cl-60011.staging.apis.sojern.net Open in urlscan Pro
34.71.113.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cl-60011.staging.apis.sojern.net/
Submission: On December 09 via api (December 9th 2024, 11:07:13 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 5 domains to perform 28 HTTP transactions. The main IP is 34.71.113.27, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cl-60011.staging.apis.sojern.net.
TLS certificate: Issued by R11 on December 9th 2024. Valid for: 3 months.

This is the only time cl-60011.staging.apis.sojern.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	34.71.113.27 34.71.113.27	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1	13.32.121.85 13.32.121.85	16509 (AMAZON-02) (AMAZON-02)
2	50.19.197.104 50.19.197.104	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2600:1901:0:c... 2600:1901:0:c072::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.149.66.134 34.149.66.134	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
28	9

14 34.71.113.27 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 27.113.71.34.bc.googleusercontent.com

cl-60011.staging.apis.sojern.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-85.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.19.197.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-197-104.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:c072:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

browser-intake-us5-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.66.134 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 134.66.149.34.bc.googleusercontent.com

browser-intake-us5-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	sojern.net cl-60011.staging.apis.sojern.net	19 MB
5	browser-intake-us5-datadoghq.com browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 6900	1 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 867 heapanalytics.com — Cisco Umbrella Rank: 683	38 KB
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 5110	147 KB
2	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	166 KB
28	5

	Domain	Requested by
14	cl-60011.staging.apis.sojern.net	cl-60011.staging.apis.sojern.net
5	browser-intake-us5-datadoghq.com	cl-60011.staging.apis.sojern.net
3	fast.appcues.com	cl-60011.staging.apis.sojern.net fast.appcues.com
2	js.stripe.com	cl-60011.staging.apis.sojern.net js.stripe.com
2	heapanalytics.com	cl-60011.staging.apis.sojern.net
1	cdn.heapanalytics.com	cl-60011.staging.apis.sojern.net
28	6

This site contains links to these domains. Also see Links.

Domain
www.sojern.com

Subject Issuer	Validity	Valid
cl-60011.staging.apis.sojern.net R11	`2024-12-09` - `2025-03-09`	3 months	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-07` - `2025-07-09`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M03	`2024-11-18` - `2025-12-17`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
*.browser-intake-us5-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-28` - `2025-07-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://cl-60011.staging.apis.sojern.net/
Frame ID: 79F8950E23A7855F49CC5506F2BA0497
Requests: 26 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 25EAD015F664AD2F588D27E7535A7831
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sojern

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

28
Requests

96 %
HTTPS

25 %
IPv6

5
Domains

6
Subdomains

9
IPs

1
Countries

19419 kB
Transfer

81729 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sojern.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sojern.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
cl-60011.staging.apis.sojern.net/ 3 KB
3 KB 460ms
138ms Document
text/html 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

94d74d2f9950f52000aed0e821eece4617fbe44840120c5443ccfef1d667ac4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Content-Type: text/html
Date: Mon, 09 Dec 2024 11:06:44 GMT
ETag: W/"675684eb-b00"
Last-Modified: Mon, 09 Dec 2024 05:49:31 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only

GET
H2 200 33462.js Show response
fast.appcues.com/ 21 KB
5 KB 753ms
543ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/33462.js
Requested by: Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 8dee83492298c88f0b951684afe8f22f149f2564135b59ee83f34f8f10452d18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

x-request-id: GA99iCthAcHMW5oRa5ii
access-control-expose-headers
content-encoding: gzip
age: 0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-cache: MISS
date: Mon, 09 Dec 2024 11:06:45 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-mad22032-MAD
x-cache-hits: 0
vary: accept-encoding, Accept-Encoding
access-control-allow-headers: X-Requested-With,Authorization
cache-control: max-age=120,public
timing-allow-origin: *
x-timer: S1733742405.951156,VS0,VE487
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4888
server: Cowboy

GET
H/1.1 200
OK vendor.1e8131408d74b0f6e037.bundle.js Show response
cl-60011.staging.apis.sojern.net/js/ 42 MB
11 MB 404ms
404ms Script
application/javascript 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3fd709a6bd94f25d1f26c0e6a88d3a94728eeb73770cec4065b5c5469e92375c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Content-Encoding: gzip
ETag: W/"67568451-29e4300"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Date: Mon, 09 Dec 2024 11:06:44 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK main.dd783451cba7f56ade0c.bundle.js Show response
cl-60011.staging.apis.sojern.net/js/ 36 MB
7 MB 569ms
269ms Script
application/javascript 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/js/main.dd783451cba7f56ade0c.bundle.js

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0cc50523f714961f9752ea48314aad00b566fa1412c930c11c24c8349e1e3d93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Content-Encoding: gzip
ETag: W/"675684ea-2457ba3"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Date: Mon, 09 Dec 2024 11:06:45 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2024 05:49:30 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 appcues.main.2aae9eaa894169cec61d6cfc8bf4cf2fdbb15531.js Show response
fast.appcues.com/generic/main/6.7.1/ 496 KB
139 KB 150ms
48ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/6.7.1/appcues.main.2aae9eaa894169cec61d6cfc8bf4cf2fdbb15531.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/33462.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f194f7525b03d3d1cafc8136adef82648902288e15f98fd4fcfea531cafbe124

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://cl-60011.staging.apis.sojern.net
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

content-encoding: gzip
etag: "101093c16a8291350e8bf0dbc753c647"
age: 400113
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-cache: HIT
date: Mon, 09 Dec 2024 11:06:45 GMT
last-modified: Wed, 04 Dec 2024 16:50:53 GMT
x-served-by: cache-mad2200128-MAD
x-cache-hits: 55
content-type: application/javascript; charset=utf-8
x-amz-id-2: PF0N5e34tsOd+0GPJfD5dSTnMXkSPLURCHh7oZ2Yg8hAkx8qQJg7ckoz+Ja/431Prppv4+Gwu48=
access-control-allow-headers: X-Requested-With,Authorization
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-timer: S1733742406.624407,VS0,VE0
via: 1.1 varnish
x-amz-request-id: S1VN6CW4K8T9QX3V
accept-ranges: bytes
access-control-allow-origin: *
content-length: 141945
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 heap-3605082106.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 212ms
144ms Script
application/javascript 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3605082106.js

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

nginx / Express

Resource Hash

f465dfca55a522960db8d542b900bb6e512ae852f686b1d5712e3c46829f1a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

content-encoding: br
etag: W/"1d4bc-BZ18jniLjYqMPRTEyu/2w84yFJc"
age: 105
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: eBYKI7pv85M5eu7JkfAAqJnwTtfxeBR4hbUU4UYw-4bkhrMoihRGcw==
date: Mon, 09 Dec 2024 11:05:00 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
cross-origin-resource-policy: cross-origin
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-powered-by: Express
server: nginx

GET
H2 200 h
heapanalytics.com/ 37 B
378 B 322ms
99ms Image
image/gif 50.19.197.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3605082106&u=1723945592181434&v=2204339546112784&s=436924851307759&b=web&tv=4.0&z=0&h=%2F&d=cl-60011.staging.apis.sojern.net&t=Sojern&ts=1733742405856&sch=1200&scw=1600&st=1733742405873&lv=4.23.4&ld=cdn.heapanalytics.com

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.197.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-197-104.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Mon, 09 Dec 2024 11:06:46 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 container.2aae9eaa894169cec61d6cfc8bf4cf2fdbb15531.css
fast.appcues.com/generic/main/6.7.1/ 16 KB
2 KB 34ms
32ms Stylesheet
text/css 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/6.7.1/container.2aae9eaa894169cec61d6cfc8bf4cf2fdbb15531.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/6.7.1/appcues.main.2aae9eaa894169cec61d6cfc8bf4cf2fdbb15531.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://cl-60011.staging.apis.sojern.net
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

content-encoding: gzip
etag: "5be05ce494e7cac41d062a0b12a1657c"
age: 400470
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-cache: HIT
date: Mon, 09 Dec 2024 11:06:46 GMT
last-modified: Wed, 04 Dec 2024 16:50:53 GMT
x-served-by: cache-mad2200128-MAD
x-cache-hits: 2506
content-type: text/css; charset=utf-8;
x-amz-id-2: c14gV+DJgv63er6L66Bdb22AjNviQ7NgjVg8F9DC/m2FVIz/Bpzs+uAyTNHlMMKubuhAJlSFKis3s4opvxoCHrLSB+m49YSXUnY2L4RzIOE=
access-control-allow-headers: X-Requested-With,Authorization
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-timer: S1733742406.287566,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 3G9QJPQSWNNRXY5K
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1992
server: AmazonS3
x-amz-server-side-encryption: AES256

GET e14ac615-9726-47ca-8f76-4365699c0405
https://cl-60011.staging.apis.sojern.net/ Frame 0
0

GET
H2 200 v3 Show response
js.stripe.com/ 692 KB
166 KB 114ms
33ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1de7f8d34aa5925356f53aaaa4f70dce33733ea84a36ac47a71ff6caa939a462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

x-request-id: 521fdc05-4c52-4291-b354-e68318df5571
content-encoding: br
etag: "d352a37697a3c1f2c33078f8a5743e7c"
age: 44
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 09 Dec 2024 11:07:03 GMT
last-modified: Sat, 07 Dec 2024 01:17:06 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-mad2200100-MAD
x-cache-hits: 5
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 169016
server: Fastly

GET
H/1.1 200
OK 982d9764d3868fa800f4.woff2
cl-60011.staging.apis.sojern.net/assets/ 20 KB
23 KB 254ms
253ms Font
font/woff2 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/assets/982d9764d3868fa800f4.woff2

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b5ad7bd39f996144915f0ad9849a90183b27d8c28ad97ed98af5b1bebc51f6b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://cl-60011.staging.apis.sojern.net
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-51f8"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 20984
Date: Mon, 09 Dec 2024 11:07:03 GMT
Content-Type: font/woff2
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

GET
H/1.1 200
OK common.json Show response
cl-60011.staging.apis.sojern.net/locales/en-US/ 7 KB
9 KB 136ms
135ms Fetch
application/json 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/locales/en-US/common.json

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8c7ad8236bedc03b54dcff692375f0b248d4a1960eb387767e5d8aa0d88b3cd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-1c0d"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 7181
Date: Mon, 09 Dec 2024 11:07:04 GMT
Content-Type: application/json
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

GET
H/1.1 200
OK header.json Show response
cl-60011.staging.apis.sojern.net/locales/en-US/ 175 B
2 KB 142ms
141ms Fetch
application/json 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/locales/en-US/header.json

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

cffee18f08d710105a95a15eb6324ccf7ec52f175a2f2fba4eb8455dd6d06fae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-af"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 175
Date: Mon, 09 Dec 2024 11:07:04 GMT
Content-Type: application/json
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

GET
H/1.1 200
OK dashboard.json Show response
cl-60011.staging.apis.sojern.net/locales/en-US/ 3 KB
5 KB 255ms
117ms Fetch
application/json 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/locales/en-US/dashboard.json

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e17991526bd818a02fa0e3947a6a557ac82f124da4bd3393f297f81dcbc52fea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-a93"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 2707
Date: Mon, 09 Dec 2024 11:07:04 GMT
Content-Type: application/json
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

GET
H/1.1 200
OK Favicon_Sojern.png
cl-60011.staging.apis.sojern.net/ 919 B
3 KB 202ms
122ms Other
image/png 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/Favicon_Sojern.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1ba82bc7475bc4dc29f9bfa6a42d832c8ff49ecf2d1877704d5c8660cdaf83a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-397"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 919
Date: Mon, 09 Dec 2024 11:07:04 GMT
Content-Type: image/png
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

POST
H2 403 replay Show response
browser-intake-us5-datadoghq.com/api/v2/ 131 B
419 B 198ms
100ms XHR
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Axhr%2Cenv%3Astaging%2Cservice%3Aphoenix%2Cversion%3Acl.60011.3&dd-api-key=pub33e34420940081752c6c1d85aeb901a6-invalid&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=ef421167-1e2d-49a1-9874-9096caf9ba86

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

67e4ee5d8bbb06142251d7820ed92f3293f1d05329b1940c3d3b37ff0be23dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryK32ar4iPWtZzu8Z3
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Mon, 09 Dec 2024 11:07:04 GMT
content-type: application/json
dd-request-id: ef421167-1e2d-49a1-9874-9096caf9ba86

GET
H/1.1 200
OK reporting.json Show response
cl-60011.staging.apis.sojern.net/locales/en-US/ 5 KB
8 KB 130ms
129ms Fetch
application/json 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/locales/en-US/reporting.json

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b8239e736cdf9c401f5df22c3b7fea367f1182fbcdb8ff70ea95a2ad6a760343

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-1588"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 5512
Date: Mon, 09 Dec 2024 11:07:04 GMT
Content-Type: application/json
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

GET
H/1.1 200
OK userProfile.json Show response
cl-60011.staging.apis.sojern.net/locales/en-US/ 2 KB
4 KB 118ms
117ms Fetch
application/json 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/locales/en-US/userProfile.json

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

77cc9b4e0fccd1f49cbe8fca5e240728fdc5cd67d4767d19217b62566866de79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-65e"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 1630
Date: Mon, 09 Dec 2024 11:07:04 GMT
Content-Type: application/json
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

GET
H/1.1 200
OK error.json Show response
cl-60011.staging.apis.sojern.net/locales/en-US/ 334 B
2 KB 122ms
121ms Fetch
application/json 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/locales/en-US/error.json

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6b84b50d02b53735f29f223594b5e74f2f7a38a54a6f85382fb5efc458e5763c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-14e"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 334
Date: Mon, 09 Dec 2024 11:07:04 GMT
Content-Type: application/json
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

POST
H2 403 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 131 B
216 B 117ms
112ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Astaging%2Cservice%3Aphoenix%2Cversion%3Acl.60011.3&dd-api-key=pub33e34420940081752c6c1d85aeb901a6-invalid&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=b9c02122-672a-4fad-afd9-829aefa4244a&batch_time=1733742425135

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

73dcac3b9ef56abd8884ac9f6494c2d1bd7f9d9bec1494000799795794f30d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Mon, 09 Dec 2024 11:07:04 GMT
content-type: application/json
dd-request-id: b9c02122-672a-4fad-afd9-829aefa4244a

GET
H/1.1 200
OK src_Pages_Login_index_ts.0e1e1a28dc1583ed143b.bundle.js Show response
cl-60011.staging.apis.sojern.net/js/ 144 KB
41 KB 239ms
238ms Script
application/javascript 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/js/src_Pages_Login_index_ts.0e1e1a28dc1583ed143b.bundle.js

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/main.dd783451cba7f56ade0c.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

14539af41ace9409116a925269ab3cf592fd04a22b72314ec1a631489b4be37c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/login?next=/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Content-Encoding: gzip
ETag: W/"675684eb-23ed5"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Date: Mon, 09 Dec 2024 11:07:05 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2024 05:49:31 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 h
heapanalytics.com/ 37 B
377 B 100ms
100ms Image
image/gif 50.19.197.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3605082106&u=1723945592181434&v=4550650781561994&s=436924851307759&b=web&tv=4.0&z=2&h=%2Flogin&q=%3Fnext%3D%2F&d=cl-60011.staging.apis.sojern.net&t=Sojern&ts=1733742425212&pr=%2F&sp=ts&sp=1733742405856&sp=d&sp=cl-60011.staging.apis.sojern.net&sp=h&sp=%2F&sch=1200&scw=1600&st=1733742425212&lv=4.23.4&ld=cdn.heapanalytics.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.197.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-197-104.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Mon, 09 Dec 2024 11:07:05 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK Favicon_Sojern.png
cl-60011.staging.apis.sojern.net/ 919 B
0 0ms
0ms Other
image/png 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cl-60011.staging.apis.sojern.net/Favicon_Sojern.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1ba82bc7475bc4dc29f9bfa6a42d832c8ff49ecf2d1877704d5c8660cdaf83a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/login?next=/

Response headers

Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-397"
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 919
Date: Mon, 09 Dec 2024 11:07:04 GMT
Content-Type: image/png
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

POST
H3 403 replay Show response
browser-intake-us5-datadoghq.com/api/v2/ 131 B
151 B 118ms
115ms Fetch
application/json 34.149.66.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Astaging%2Cservice%3Aphoenix%2Cversion%3Acl.60011.3&dd-api-key=pub33e34420940081752c6c1d85aeb901a6-invalid&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=2ab33659-a4fa-4fc9-aefa-399a615304cd

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.66.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.66.149.34.bc.googleusercontent.com

Software

Resource Hash

a310f33a8c7f10b56f3b4dc7e61a6397176b5f1e2cda80f6f2dbc99edf2e8448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryntNmrVft8GU0zwoc
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Mon, 09 Dec 2024 11:07:05 GMT
content-type: application/json
dd-request-id: 2ab33659-a4fa-4fc9-aefa-399a615304cd

POST
H3 403 replay Show response
browser-intake-us5-datadoghq.com/api/v2/ 131 B
151 B 116ms
83ms XHR
application/json 34.149.66.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.66.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.66.149.34.bc.googleusercontent.com

Software

Resource Hash

b8b83b9e318a788ab2ca1cc42d74fac057f2422b03f196a82cd01bf328143266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary2imKRdsYmmUycreO
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Mon, 09 Dec 2024 11:07:05 GMT
content-type: application/json
dd-request-id: 5fc6e0f0-d5de-4d02-8167-3a3a1716b925

GET
H/1.1 200
OK c100ded634307e7d4a44.svg
cl-60011.staging.apis.sojern.net/assets/ 89 KB
91 KB 159ms
158ms Image
image/svg+xml 34.71.113.27
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cl-60011.staging.apis.sojern.net/assets/c100ded634307e7d4a44.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.71.113.27 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

27.113.71.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cl-60011.staging.apis.sojern.net/login?next=/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://*.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ https://*.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
ETag: "67568451-1638d"
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 91021
Date: Mon, 09 Dec 2024 11:07:05 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 09 Dec 2024 05:46:57 GMT
Server: nginx
X-Frame-Options: DENY

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 25EA 0
0 106ms
33ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cl-60011.staging.apis.sojern.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1738396
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 09 Dec 2024 11:07:09 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 19 Nov 2024 00:27:09 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 76896
x-content-type-options: nosniff
x-request-id: f8b4d850-203a-4536-bf83-40efafe947b9
x-served-by: cache-mad2200086-MAD

POST
H3 403 replay Show response
browser-intake-us5-datadoghq.com/api/v2/ 131 B
151 B 119ms
114ms Fetch
application/json 34.149.66.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cl-60011.staging.apis.sojern.net
URL: https://cl-60011.staging.apis.sojern.net/js/vendor.1e8131408d74b0f6e037.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.66.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.66.149.34.bc.googleusercontent.com

Software

Resource Hash

494667ea30dba9e421a59eb480e57dd46c8e5082e7784fc0172c38df05d51121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAzu4BB1Jqm3HWYTu
Referer: https://cl-60011.staging.apis.sojern.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Mon, 09 Dec 2024 11:07:09 GMT
content-type: application/json
dd-request-id: 1670b900-f463-428c-a28d-82b76e5a9095

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cl-60011.staging.apis.sojern.net
URL: blob:https://cl-60011.staging.apis.sojern.net/e14ac615-9726-47ca-8f76-4365699c0405

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sojern.net/	1970-01-21 01:35:44	Name: _hp2_ses_props.3605082106 Value: %7B%22ts%22%3A1733742405856%2C%22d%22%3A%22cl-60011.staging.apis.sojern.net%22%2C%22h%22%3A%22%2F%22%7D
.sojern.net/	1970-01-21 11:03:40	Name: _hp2_id.3605082106 Value: %7B%22userId%22%3A%221723945592181434%22%2C%22pageviewId%22%3A%224550650781561994%22%2C%22sessionId%22%3A%22436924851307759%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
m.stripe.com/	1970-01-21 11:11:42	Name: m Value: 059f4c3e-8818-4598-a67f-dfe38e93f886e27dc6
.cl-60011.staging.apis.sojern.net/	1970-01-21 10:21:18	Name: __stripe_mid Value: f3e4e814-6c7b-4bac-a229-7080ceb3a15bec807b
.cl-60011.staging.apis.sojern.net/	1970-01-21 01:35:44	Name: __stripe_sid Value: 1be20067-2cff-427b-a5ba-d611bc644a56cdeb88
cl-60011.staging.apis.sojern.net/	1970-01-21 01:35:43	Name: _dd_s Value: rum=1&id=12760b82-f370-433e-9b3e-dbfd56fe2abe&created=1733742423557&expire=1733743323642&logs=1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Axhr%2Cenv%3Astaging%2Cservice%3Aphoenix%2Cversion%3Acl.60011.3&dd-api-key=pub33e34420940081752c6c1d85aeb901a6-invalid&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=ef421167-1e2d-49a1-9874-9096caf9ba86 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Astaging%2Cservice%3Aphoenix%2Cversion%3Acl.60011.3&dd-api-key=pub33e34420940081752c6c1d85aeb901a6-invalid&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=b9c02122-672a-4fad-afd9-829aefa4244a&batch_time=1733742425135 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Astaging%2Cservice%3Aphoenix%2Cversion%3Acl.60011.3&dd-api-key=pub33e34420940081752c6c1d85aeb901a6-invalid&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=2ab33659-a4fa-4fc9-aefa-399a615304cd Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Axhr%2Cenv%3Astaging%2Cservice%3Aphoenix%2Cversion%3Acl.60011.3&dd-api-key=pub33e34420940081752c6c1d85aeb901a6-invalid&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=5fc6e0f0-d5de-4d02-8167-3a3a1716b925 Message: Failed to load resource: the server responded with a status of 403 ()
recommendation	verbose	URL: https://cl-60011.staging.apis.sojern.net/login?next=/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.29.1%2Capi%3Afetch%2Cenv%3Astaging%2Cservice%3Aphoenix%2Cversion%3Acl.60011.3&dd-api-key=pub33e34420940081752c6c1d85aeb901a6-invalid&dd-evp-origin-version=5.29.1&dd-evp-origin=browser&dd-request-id=1670b900-f463-428c-a28d-82b76e5a9095 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.firebaseapp.com/ https://.appcues.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.googleapis.com/ https://.firebaseio.com/ https://ad.doubleclick.net/ https://.facebook.com/ https://.sojern.com/ https://.sojern.net/ https://.datadoghq.com/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ ; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://.tile.openstreetmap.org/ https://heapanalytics.com/ https://.googleapis.com/ https://.2mdn.net/ https://.sojern.com/ https://.sojern.net/ blob: data:; connect-src 'self' https://.tile.openstreetmap.org/ wss://.firebaseio.com/ https://.sentry.io/ wss://.appcues.net/ wss://.sojern.net/ https://.sojern.net/ https://.sojern.com/ https://.googleapis.com/ https://.datadoghq.com/ https://.doubleclick.net/ https://.googlesyndication.com https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ data:; script-src 'self' blob: https://.truste.com/ https://.appcues.com/ https://.heapanalytics.com/ https://.gstatic.com/ https://.stripe.com/ https://.google.com/ https://.firebaseio.com/ https://.datadoghq.com/ https://.googletagservices.com/ https://.doubleclick.net/ https://.googlesyndication.com/ https://.2mdn.net/ https://.browser-intake-datadoghq.com/ https://.browser-intake-us5-datadoghq.com/ https://browser-intake-us5-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://.googleapis.com/ https://.appcues.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser-intake-us5-datadoghq.com
cdn.heapanalytics.com
cl-60011.staging.apis.sojern.net
fast.appcues.com
heapanalytics.com
js.stripe.com
cl-60011.staging.apis.sojern.net
13.32.121.85
151.101.0.176
151.101.128.176
2600:1901:0:c072::
2a04:4e42::622
34.149.66.134
34.71.113.27
50.19.197.104
0cc50523f714961f9752ea48314aad00b566fa1412c930c11c24c8349e1e3d93
14539af41ace9409116a925269ab3cf592fd04a22b72314ec1a631489b4be37c
1ba82bc7475bc4dc29f9bfa6a42d832c8ff49ecf2d1877704d5c8660cdaf83a8
1de7f8d34aa5925356f53aaaa4f70dce33733ea84a36ac47a71ff6caa939a462
3fd709a6bd94f25d1f26c0e6a88d3a94728eeb73770cec4065b5c5469e92375c
494667ea30dba9e421a59eb480e57dd46c8e5082e7784fc0172c38df05d51121
67e4ee5d8bbb06142251d7820ed92f3293f1d05329b1940c3d3b37ff0be23dac
6b84b50d02b53735f29f223594b5e74f2f7a38a54a6f85382fb5efc458e5763c
73dcac3b9ef56abd8884ac9f6494c2d1bd7f9d9bec1494000799795794f30d48
77cc9b4e0fccd1f49cbe8fca5e240728fdc5cd67d4767d19217b62566866de79
8c7ad8236bedc03b54dcff692375f0b248d4a1960eb387767e5d8aa0d88b3cd9
8dee83492298c88f0b951684afe8f22f149f2564135b59ee83f34f8f10452d18
94d74d2f9950f52000aed0e821eece4617fbe44840120c5443ccfef1d667ac4a
a310f33a8c7f10b56f3b4dc7e61a6397176b5f1e2cda80f6f2dbc99edf2e8448
b5ad7bd39f996144915f0ad9849a90183b27d8c28ad97ed98af5b1bebc51f6b1
b8239e736cdf9c401f5df22c3b7fea367f1182fbcdb8ff70ea95a2ad6a760343
b8b83b9e318a788ab2ca1cc42d74fac057f2422b03f196a82cd01bf328143266
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
cffee18f08d710105a95a15eb6324ccf7ec52f175a2f2fba4eb8455dd6d06fae
e17991526bd818a02fa0e3947a6a557ac82f124da4bd3393f297f81dcbc52fea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f194f7525b03d3d1cafc8136adef82648902288e15f98fd4fcfea531cafbe124
f465dfca55a522960db8d542b900bb6e512ae852f686b1d5712e3c46829f1a95

cl-60011.staging.apis.sojern.net Open in urlscan Pro 34.71.113.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

25 %IPv6

5 Domains

6 Subdomains

9 IPs

1 Countries

19419 kBTransfer

81729 kBSize

6 Cookies

2 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

6 Cookies

6 Console Messages

cl-60011.staging.apis.sojern.net Open in urlscan Pro
34.71.113.27 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

25 %
IPv6

5
Domains

6
Subdomains

9
IPs

1
Countries

19419 kB
Transfer

81729 kB
Size

6
Cookies

28 HTTP transactions
0 data transactions