URL: https://demo.lasso.ai/
Submission: On February 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2606:4700:10::6816:3967, located in United States and belongs to CLOUDFLARENET, US. The main domain is demo.lasso.ai.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.
This is the only time demo.lasso.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2606:4700:10:... 13335 (CLOUDFLAR...)
3 151.101.192.176 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.156.61.171 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.186.23.98 16509 (AMAZON-02)
2 13.32.110.94 16509 (AMAZON-02)
2 52.10.183.135 16509 (AMAZON-02)
1 35.161.86.192 16509 (AMAZON-02)
27 10
Apex Domain
Subdomains
Transfer
12 lasso.ai
demo.lasso.ai
5 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1255
q.stripe.com — Cisco Umbrella Rank: 8027
m.stripe.com — Cisco Umbrella Rank: 1235
121 KB
3 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3173
api.amplitude.com — Cisco Umbrella Rank: 1465
28 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1317
16 KB
1 gstatic.com
fonts.gstatic.com
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
27 6
Domain Requested by
12 demo.lasso.ai demo.lasso.ai
3 q.stripe.com demo.lasso.ai
3 js.stripe.com demo.lasso.ai
js.stripe.com
2 api.amplitude.com demo.lasso.ai
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.amplitude.com demo.lasso.ai
1 fonts.googleapis.com demo.lasso.ai
27 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-09 -
2023-06-09
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2023-02-06 -
2023-05-13
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M01
2023-01-12 -
2024-02-11
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-14 -
2023-06-13
4 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA
2022-01-28 -
2023-02-28
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-08 -
2023-04-08
3 months crt.sh

This page contains 3 frames:

Primary Page: https://demo.lasso.ai/
Frame ID: 3351C3B490E17AB0D884572F379BC2AE
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 5C2EB831DE4AE56BA1EABFC20E91058F
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8B3D2C9BEC7BE6D81AA92442544A6FA7
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Lasso

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Page Statistics

27
Requests

96 %
HTTPS

33 %
IPv6

6
Domains

9
Subdomains

10
IPs

2
Countries

5667 kB
Transfer

9886 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
demo.lasso.ai/
3 KB
2 KB
Document
General
Full URL
https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2f696089cbc1724c9e79bd4126520ed27868ca3f24f9aad1dd91431504bc91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
799ca16e79035c3e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Feb 2023 08:21:32 GMT
server
cloudflare
index.css
demo.lasso.ai/css/
328 KB
53 KB
Stylesheet
General
Full URL
https://demo.lasso.ai/css/index.css?ts=1675716346
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3213a0abdfe340b612293fe0af9b8c633b6ae65bc28e3bf8f6e1c4f8c0ba30ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.lasso.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:21:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 06 Feb 2023 20:45:46 GMT
server
cloudflare
etag
W/"63e166fa-51e73"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
799ca1728e005c3e-FRA
/
js.stripe.com/v3/
437 KB
117 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e861595fa7024f9db1f207582d5d79149e244e4118e7c71975a6c816e9dd5922
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.lasso.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 15 Feb 2023 08:21:33 GMT
via
1.1 varnish
age
35
x-cache
HIT
content-length
119839
x-request-id
59b30583-2e15-4e88-83df-fc6e310e6d6d
x-served-by
cache-hhn-etou8220026-HHN
last-modified
Tue, 14 Feb 2023 21:54:09 GMT
server
Fastly
etag
"c581f2125aefc6abf71e57ed1ac7411d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
14
app.js
demo.lasso.ai/js/
2 MB
473 KB
Script
General
Full URL
https://demo.lasso.ai/js/app.js?ts=1676394962
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc505fdefd87c9301fed8e81458678adc84bcb9fbfe73bbd8ed715cf460d9af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.lasso.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:21:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 14 Feb 2023 17:16:02 GMT
server
cloudflare
etag
W/"63ebc1d2-1c0dfa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
799ca1728e015c3e-FRA
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Darker+Grotesque:wght@400;700;900&family=Lato:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&display=swap
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/css/index.css?ts=1675716346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f03ccb43415c156edf84b1fd621f9fe713722530bbdfead0d63d2187d599aebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.lasso.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 Feb 2023 08:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 08:21:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Feb 2023 08:21:34 GMT
amplitude-8.17.0-min.gz.js
cdn.amplitude.com/libs/
92 KB
27 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.61.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-61-171.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

Referer
https://demo.lasso.ai/
Origin
https://demo.lasso.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:21:35 GMT
content-encoding
gzip
via
1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
x-amz-version-id
wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
x-amz-cf-pop
AMS1-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
27400
last-modified
Fri, 25 Mar 2022 19:53:18 GMT
server
AmazonS3
etag
"e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
JFYMqhOcOsuzif7gJt3I-dK24VRH1-f-eyr7-ZIUOu4bta7PUdvLBA==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Darker+Grotesque:wght@400;700;900&family=Lato:ital,wght@0,400;0,700;0,900;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://demo.lasso.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:21:12 GMT
x-content-type-options
nosniff
age
61222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 15:21:12 GMT
706-1676394854038.js
demo.lasso.ai/js/
938 KB
197 KB
Script
General
Full URL
https://demo.lasso.ai/js/706-1676394854038.js
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/js/app.js?ts=1676394962
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ae8ba4f9661c94e61e274279a3079ceaa8ded7a488534abb83ea61feed81e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.lasso.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:21:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 14 Feb 2023 17:16:02 GMT
server
cloudflare
etag
W/"63ebc1d2-ea855"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
799ca17e1abc5c3e-FRA
user
demo.lasso.ai/ui-api/
30 B
801 B
XHR
General
Full URL
https://demo.lasso.ai/ui-api/user
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/js/app.js?ts=1676394962
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8031180d4d982a471ca97ef5a04e8d013d003c5c19e80d0a5f45401c4463ec27

Request headers

Accept
application/json
Referer
https://demo.lasso.ai/
X-XSRF-TOKEN
eyJpdiI6IkpoVnY1VmE3Ry82cUxCUXM1ak9COUE9PSIsInZhbHVlIjoiVkpqRFNYM2RqaEVmQUpCR1FkbHMxb1lZa01LTUpqSXp2SDNVZzJmT2FUdzVISHJxRnZzU1F1VTlQVW54S1RGZjlIZE1RM3ZIbTQ1Vy9lRExoRUVJQ0ZmdmN5U2FVbG03eXJrcS83ZEx6UnBlbkNITFZYWDNmWW52d1FVaURKVnIiLCJtYWMiOiI1YzRlMGZiMjc5ZTY4MTE2YTVlNGMyNDJiMzU2YTQwNDg2MmNkNmNmYWU3ODEwYTdhOTNmZWI2MTM5YTkxMzE1In0=
X-CSRF-TOKEN
m6vuX3KJsPvNYGQ4gAO6bk63dYYfDQQUHOmVocbh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:21:35 GMT
cache-control
no-cache, private
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
799ca17e5b065c3e-FRA
content-type
application/json
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 5C2E
200 B
809 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://demo.lasso.ai/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5984191
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 15 Feb 2023 08:21:35 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 07 Dec 2022 23:30:12 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1374403
x-content-type-options
nosniff
x-request-id
188e468c-e9ee-436e-a5c7-59f04b0f4bdc
x-served-by
cache-hhn-etou8220026-HHN
csp-report
q.stripe.com/ Frame 5C2E
0
599 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 15 Feb 2023 08:21:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5C2E
0
599 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 15 Feb 2023 08:21:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 5C2E
631 B
467 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 15 Feb 2023 08:21:35 GMT
via
1.1 varnish
age
5984190
x-cache
HIT
content-length
332
x-request-id
1cd58d74-90dd-4006-8b8c-13109cd12a1e
x-served-by
cache-hhn-etou8220026-HHN
last-modified
Wed, 07 Dec 2022 23:30:11 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1215294
inner.html
m.stripe.network/ Frame 8B3D
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-94.vie50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
219
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 15 Feb 2023 08:18:18 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
x-amz-cf-id
NpCGpR8Ujtyp90E6936lyvgw8UlEFhX3uS8W8rGccSF1_uxAAI6eXA==
x-amz-cf-pop
VIE50-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 8B3D
0
374 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/csp-report

Response headers

x-stripe-bg-intended-route-color
blue
pragma
no-cache
date
Wed, 15 Feb 2023 08:21:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 8B3D
86 KB
15 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-94.vie50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 15 Feb 2023 08:17:28 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
248
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
TQSG-nnazZdJVyXBWqVn9qM-UArLfvOO22IhWdQHcSMk8wVRX3AZ4A==
/
api.amplitude.com/
7 B
205 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/js/app.js?ts=1676394962
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.183.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-183-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://demo.lasso.ai/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 15 Feb 2023 08:21:35 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-63ec960f-3d603b050b87ddc8447e4a73
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
api.amplitude.com/ Frame
0
0
Preflight
General
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.183.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-183-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://demo.lasso.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Wed, 15 Feb 2023 08:21:35 GMT
strict-transport-security
max-age=15768000
White-cactus.svg
demo.lasso.ai/images/
2 KB
957 B
Image
General
Full URL
https://demo.lasso.ai/images/White-cactus.svg?83ceda724f51832d116717402155df9b
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8140774bf62c30ea3b21103f5db7a16e52aded368742c002fd1af4dc5eaedd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo.lasso.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:21:35 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 16 Aug 2022 04:29:54 GMT
server
cloudflare
etag
W/"62fb1d42-776"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
799ca17feccf5c3e-FRA
6a520803e444f734c48da5f0687f2d8b.mp4
demo.lasso.ai/
62 KB
0
Media
General
Full URL
https://demo.lasso.ai/6a520803e444f734c48da5f0687f2d8b.mp4
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://demo.lasso.ai/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 15 Feb 2023 08:21:36 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Feb 2023 13:43:56 GMT
server
cloudflare
etag
"63e3a71c-5a11ad"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-5902764/5902765
cache-control
max-age=14400
cf-ray
799ca17ffcd55c3e-FRA
Content-Length
5902765
6
m.stripe.com/ Frame 8B3D
156 B
551 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.86.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-86-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d9ee3472ae221b5fbf625ccf4e02d2fee839f11d24b96b4b5d6785aea7936726
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 15 Feb 2023 08:21:35 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6a520803e444f734c48da5f0687f2d8b.mp4
demo.lasso.ai/
120 KB
0
Media
General
Full URL
https://demo.lasso.ai/6a520803e444f734c48da5f0687f2d8b.mp4
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://demo.lasso.ai/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Range
bytes=5734400-

Response headers

date
Wed, 15 Feb 2023 08:21:37 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 13:43:56 GMT
server
cloudflare
age
1
etag
"63e3a71c-5a11ad"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 5734400-5902764/5902765
cache-control
max-age=14400
cf-ray
799ca184daee5c3e-FRA
Content-Length
168365
6a520803e444f734c48da5f0687f2d8b.mp4
demo.lasso.ai/
0
0

6a520803e444f734c48da5f0687f2d8b.mp4
demo.lasso.ai/
100 KB
101 KB
Media
General
Full URL
https://demo.lasso.ai/6a520803e444f734c48da5f0687f2d8b.mp4
Requested by
Host: demo.lasso.ai
URL: https://demo.lasso.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b4dc25da592e963aa9b05469c3d2883d62db990257b560f1d5a5a3a203f4de1

Request headers

Referer
https://demo.lasso.ai/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Range
bytes=5799936-

Response headers

date
Wed, 15 Feb 2023 08:21:37 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 13:43:56 GMT
server
cloudflare
age
2
etag
"63e3a71c-5a11ad"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 5799936-5902764/5902765
cache-control
max-age=14400
cf-ray
799ca18ac9795c3e-FRA
Content-Length
102829
6a520803e444f734c48da5f0687f2d8b.mp4
demo.lasso.ai/
287 KB
0
Media
General
Full URL
https://demo.lasso.ai/6a520803e444f734c48da5f0687f2d8b.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://demo.lasso.ai/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Range
bytes=950272-

Response headers

date
Wed, 15 Feb 2023 08:21:37 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 13:43:56 GMT
server
cloudflare
age
2
etag
"63e3a71c-5a11ad"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 950272-5902764/5902765
cache-control
max-age=14400
cf-ray
799ca18af9af5c3e-FRA
Content-Length
4952493
6a520803e444f734c48da5f0687f2d8b.mp4
demo.lasso.ai/
959 KB
0
Media
General
Full URL
https://demo.lasso.ai/6a520803e444f734c48da5f0687f2d8b.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://demo.lasso.ai/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Range
bytes=32768-

Response headers

date
Wed, 15 Feb 2023 08:21:37 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 13:43:56 GMT
server
cloudflare
age
2
etag
"63e3a71c-5a11ad"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 32768-5902764/5902765
cache-control
max-age=14400
cf-ray
799ca18b19cb5c3e-FRA
Content-Length
5869997
6a520803e444f734c48da5f0687f2d8b.mp4
demo.lasso.ai/
5 MB
5 MB
Media
General
Full URL
https://demo.lasso.ai/6a520803e444f734c48da5f0687f2d8b.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3967 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3e636a60ef1d196e3e09517c5c427896c6a22986277ab442a6e28931facb30

Request headers

Referer
https://demo.lasso.ai/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Range
bytes=1146880-

Response headers

date
Wed, 15 Feb 2023 08:21:37 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 13:43:56 GMT
server
cloudflare
age
2
etag
"63e3a71c-5a11ad"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 1146880-5902764/5902765
cache-control
max-age=14400
cf-ray
799ca18b5a085c3e-FRA
Content-Length
4755885

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
demo.lasso.ai
URL
https://demo.lasso.ai/6a520803e444f734c48da5f0687f2d8b.mp4

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| amplitude object| webpackChunkStripeJSouter function| noop function| Stripe object| webpackChunklasso object| FontAwesomeConfig object| ___FONT_AWESOME___ object| analyticsConnectorInstances

7 Cookies

Domain/Path Name / Value
.lasso.ai/ Name: amp_5e463f
Value: BN8EML8Mniv0XWBrJ5RtWG...1gpa2kamu.1gpa2kas7.0.0.0
demo.lasso.ai/ Name: XSRF-TOKEN
Value: eyJpdiI6Ind1czg0ZlNOWkVBdmF6NlJTVGxZZGc9PSIsInZhbHVlIjoiVkIwQ0tLR3JYeVpzSE5pK3c3WG9BM282N2srekNKYlE1ckNSNzJrUm9lTktYVis2Sy91TzR4TCtJLyt6VUM0Um1KeXZLK21BL2hRaVNXRXY4RkVKYkVUczBac2dCdFFBTEhTaFdnMkR2MmxsVlNVdWd2TUNUV2hvSU1vV2lMQmkiLCJtYWMiOiI0MDk4YmM4NDAxMWRhM2RmOGViMmVjYWI0ZGFkMWE3ZDEzZDU3ZDkzYWMzZjk3OWQ1OGY3M2E5Y2ExMDBiYjRmIn0%3D
demo.lasso.ai/ Name: lasso_session
Value: eyJpdiI6Im9Sdm02WHdBN2lPcUxmN0NuL1lIalE9PSIsInZhbHVlIjoiOGVVdkJ2MjU5ZU5scE9TMU84QldCMkV6aWl5ZjZTVzRCa01wNkMxV3l0THJoR2dHMnRxS1VyZjNpbUJUSm0yQUZreUZVTk1aQmRaSTBYay9lVHN3M0hLQzFqV3d0U1RZNlZiKzZoK3U3SFYwdU5RRjJiYUFROFB6eWt2bXliK1giLCJtYWMiOiIwMGJhZTkxNmVjZWYwNDU0YjUwMmM4MzQxYjE2ZTQ3YWU2M2M0YzNiYTdhZWM0ZWQ3NzA3M2Q5YjFmZWNmNGI1In0%3D
.lasso.ai/ Name: amp_5e463f_lasso.ai
Value: BN8EML8Mniv0XWBrJ5RtWG...1gpa2kamu.1gpa2kav3.1.0.1
m.stripe.com/ Name: m
Value: 728b80be-a05c-41e7-b06a-b6a5d9e5b320609332
.demo.lasso.ai/ Name: __stripe_mid
Value: de2d6daa-50f7-40dc-afd4-22da663fc966b778bd
.demo.lasso.ai/ Name: __stripe_sid
Value: 42e48741-9d96-4e1a-a325-af0bda8df6bf91a49d

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://demo.lasso.ai/ui-api/user
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
cdn.amplitude.com
demo.lasso.ai
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
demo.lasso.ai
108.156.61.171
13.32.110.94
151.101.192.176
2606:4700:10::6816:3967
2a00:1450:400d:802::200a
2a00:1450:400d:80a::2003
35.161.86.192
52.10.183.135
54.186.23.98
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
31ae8ba4f9661c94e61e274279a3079ceaa8ded7a488534abb83ea61feed81e3
3213a0abdfe340b612293fe0af9b8c633b6ae65bc28e3bf8f6e1c4f8c0ba30ca
4e2f696089cbc1724c9e79bd4126520ed27868ca3f24f9aad1dd91431504bc91
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6
7f3e636a60ef1d196e3e09517c5c427896c6a22986277ab442a6e28931facb30
8031180d4d982a471ca97ef5a04e8d013d003c5c19e80d0a5f45401c4463ec27
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9b4dc25da592e963aa9b05469c3d2883d62db990257b560f1d5a5a3a203f4de1
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a8140774bf62c30ea3b21103f5db7a16e52aded368742c002fd1af4dc5eaedd1
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
d9ee3472ae221b5fbf625ccf4e02d2fee839f11d24b96b4b5d6785aea7936726
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e861595fa7024f9db1f207582d5d79149e244e4118e7c71975a6c816e9dd5922
f03ccb43415c156edf84b1fd621f9fe713722530bbdfead0d63d2187d599aebc
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fc505fdefd87c9301fed8e81458678adc84bcb9fbfe73bbd8ed715cf460d9af2