urlscan.io logo urlscan.io
SecurityTrails logo

app.sharesies.com Open in urlscan Pro
2606:4700::6812:1a55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sharesies.page.link/sharesieslogin?lid%3dwibufpwpxslv
Effective URL: https://app.sharesies.com/login
Submission: On July 31 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 1 countries across 16 domains to perform 42 HTTP transactions. The main IP is 2606:4700::6812:1a55, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.sharesies.com.
TLS certificate: Issued by WE1 on July 31st 2024. Valid for: 3 months.
This is the only time app.sharesies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)
sharesies.page.link
17    2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)
app.sharesies.com
rs.sharesies.com
1    2607:f8b0:400d:c0f::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.160.10.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-72.iad12.r.cloudfront.net
js.stripe.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
1    151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.growthbook.io
1    2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.160.10.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-5.iad12.r.cloudfront.net
js.stripe.com
2    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c1f::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
1    108.138.64.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-81.iad12.r.cloudfront.net
widget.intercom.io
2    108.139.47.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-46.jfk50.r.cloudfront.net
js.intercomcdn.com
2    44.199.39.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-39-168.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
17 sharesies.com
app.sharesies.com
rs.sharesies.com
2 MB
4 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 3003
1 KB
3 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 5025
api-iam.intercom.io — Cisco Umbrella Rank: 5121
8 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
81 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 7846
283 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1561
13 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
155 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
246 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
104 KB
1 growthbook.io
cdn.growthbook.io — Cisco Umbrella Rank: 10321
1 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
775 B
1 page.link
sharesies.page.link
1 KB
0 reddit.com Failed
pixel-config.reddit.com Failed
0 uriports.com Failed
157qg4dy.uriports.com Failed
42 16
Domain Requested by
15 app.sharesies.com app.sharesies.com
4 sdk.iad-05.braze.com app.sharesies.com
3 connect.facebook.net app.sharesies.com
connect.facebook.net
2 api-iam.intercom.io js.intercomcdn.com
2 js.intercomcdn.com widget.intercom.io
2 analytics.google.com app.sharesies.com
2 www.redditstatic.com app.sharesies.com
2 rs.sharesies.com app.sharesies.com
2 js.stripe.com app.sharesies.com
js.stripe.com
1 widget.intercom.io app.sharesies.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com app.sharesies.com
1 cdn.growthbook.io app.sharesies.com
1 static.cloudflareinsights.com app.sharesies.com
1 fonts.googleapis.com app.sharesies.com
1 sharesies.page.link 1 redirects
0 pixel-config.reddit.com Failed app.sharesies.com
0 157qg4dy.uriports.com Failed app.sharesies.com
42 18

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
Subject Issuer Validity Valid
sharesies.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-10 -
2024-08-08		 3 months crt.sh
sdk.iad-05.braze.com
WE1		 2024-06-17 -
2024-09-15		 3 months crt.sh
cdn.growthbook.io
R11		 2024-07-26 -
2024-10-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://app.sharesies.com/login
Frame ID: 225938B0121102E14B346B377C704885
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 81A590B60E6B3E3FA8141CD6DF2FD7A7
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.294cf2ff.js
Frame ID: 3502EFE731C9AF607A1510563FAB82D7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in - Sharesies

Page URL History Show full URLs

  1. http://sharesies.page.link/sharesieslogin?lid%3dwibufpwpxslv HTTP 307
    https://sharesies.page.link/sharesieslogin?lid%3dwibufpwpxslv HTTP 302
    https://app.sharesies.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

42
Requests

95 %
HTTPS

59 %
IPv6

16
Domains

18
Subdomains

17
IPs

1
Countries

2495 kB
Transfer

9300 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sharesies.page.link/sharesieslogin?lid%3dwibufpwpxslv HTTP 307
    https://sharesies.page.link/sharesieslogin?lid%3dwibufpwpxslv HTTP 302
    https://app.sharesies.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.sharesies.com/
Redirect Chain
  • http://sharesies.page.link/sharesieslogin?lid%3dwibufpwpxslv
  • https://sharesies.page.link/sharesieslogin?lid%3dwibufpwpxslv
  • https://app.sharesies.com/login
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee190feeb1a0a03530a4ce54280c38e94ae693fd9d44126dd9c2dba3ca468fcb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache
cf-cache-status
DYNAMIC
cf-ray
8abff5099f0a2f5f-LAX
content-encoding
gzip
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 19:22:27 GMT
last-modified
Tue, 30 Jul 2024 22:54:26 GMT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
Gg5/ZITw2r02XEBf9d/SudbffvROvxDozekTR5NnazgAf+Dpmwr5A+F/fXUe8zTfJ2LZ78fNbWc=
x-amz-request-id
PMXPNHH8E0YVAN9N
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
x-frame-options
deny
x-sharesies-router
cf
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-WYJj0K_SxSMGnCfNersTLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Wed, 31 Jul 2024 19:22:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://app.sharesies.com/login
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 19:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 19:22:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 19:22:27 GMT
/
js.stripe.com/v3/ 		633 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-72.iad12.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f97697e2fc4ce9dac5189aa1bfa4c1593f2dd71e462daa4ea09c74110c89b1c6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:21:37 GMT
content-encoding
br
via
1.1 7375f2360b80ec8c602f04aa2cc7a57c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
51
x-amz-cf-pop
IAD12-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 31 Jul 2024 17:34:25 GMT
server
Cloudfront
etag
W/"b6bda75ffdd1bfd87ea1ae3b4c53f714"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
IjGXfotaipWFlbStyy7-P-3h8p1IraAsaw501BG9iuuVN3wksO48EQ==
vendors~app-9e8528bb7773b131385c.css
app.sharesies.com/s/css/ 		76 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/css/vendors~app-9e8528bb7773b131385c.css
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc66d06e38ceba4a85d1480631f8c9fdeada02fdd441fd60d72a07a49eb2675
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:27 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
73501
x-amz-request-id
0KXHK8G6TKNQK6K8
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
V4q7cw3DMGuTAfOhHlXetruU4EArpa6OyMp9TyTk3tM8zn7ZXQclOcThGECwsfewRsZxL0hpcts=
x-xss-protection
1; mode=block
last-modified
Tue, 30 Jul 2024 22:54:22 GMT
server
cloudflare
etag
W/"73215973c1dbef406d9f949778f45b25"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/css; charset=utf-8
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
8abff5111fc92f5f-LAX
app-ff83eb2277c74bc31457.css
app.sharesies.com/s/css/ 		479 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/css/app-ff83eb2277c74bc31457.css
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f171b8c5f5d7072061ec73ec6201f3e42909ca26898e2fc1076fb1e5486406
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:27 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
73500
x-amz-request-id
0KXMH7XQ1A4XK7H5
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
b/yCDoQvWISTHDOj1GwdYg22poRcQEmOh1tbPh3f9k3aXZTSvfqRWyuwenNucQ9tG89WQCoHsws=
x-xss-protection
1; mode=block
last-modified
Tue, 30 Jul 2024 22:54:22 GMT
server
cloudflare
etag
W/"3ab047dd9f1e20fc86746d748dd8b7bc"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/css; charset=utf-8
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
8abff5111fcb2f5f-LAX
vendors~app~error-1d30816d554645720693.js
app.sharesies.com/s/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb90463ec2c164af520dda6ead9d277dd8360c8c25e4872ac4e2eb902a67e85
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:27 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
243748
x-amz-request-id
Z9QHTRCR2VP62YM9
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
bFpYmrGxdQokk1wztV8QRtIT77ByUit1TQDJqlBvjkAOFxk5Oss61LzZkH0TyE2eaKwb5jibU9w=
x-xss-protection
1; mode=block
last-modified
Sun, 28 Jul 2024 23:39:51 GMT
server
cloudflare
etag
W/"da035289e907cfca50e061381a8c7111"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
8abff5111fcd2f5f-LAX
error-5bc3d5d7e0dea5a05d67.js
app.sharesies.com/s/js/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/error-5bc3d5d7e0dea5a05d67.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfdd74bd4f4e8de590b52fdcb97568eb421cebbfe89932eed84c0285e1990bc1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:27 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
73501
x-amz-request-id
0KXN6BZH3EF5VDMA
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
npagTl3SBsXdAajw8CuxakX910ZwVzqIm6KTYrAV3vPlQ1m6SEP2x3HRuJo43rj3l7LWO6Bhy9I=
x-xss-protection
1; mode=block
last-modified
Tue, 30 Jul 2024 22:54:23 GMT
server
cloudflare
etag
W/"64aa229ccc1cb4e29805b1c5eb82b1f4"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
8abff5111fce2f5f-LAX
vendors~app-9e8528bb7773b131385c.js
app.sharesies.com/s/js/ 		3 MB
789 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/vendors~app-9e8528bb7773b131385c.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690fbe257f0e4a9fe86024bc4865c198611e83c1e7501898ab878bacae83a9ec
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:27 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
73500
x-amz-request-id
0KXWYJPSV5MKB1Z9
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
CBGnbiIr7JYStl/d9rnfHt0iB2+v63RaTCRj/OEVjQRlOP2g2TNkYtYlzX6xEXcNjjVcyVpA3YI=
x-xss-protection
1; mode=block
last-modified
Tue, 30 Jul 2024 22:54:23 GMT
server
cloudflare
etag
W/"b7ef19ddf2c6951e8ef4d586e27e73d0"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
8abff5111fcf2f5f-LAX
app-ff83eb2277c74bc31457.js
app.sharesies.com/s/js/ 		3 MB
789 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/app-ff83eb2277c74bc31457.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a709540f7f036e922507e08a970665a7f97942611eef69df0f6463ede04a8234
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:27 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
73501
x-amz-request-id
0KXHDF34E0EYKH4F
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
aukdW/1WibUQxnj0qCtJT/8v+rK1unLVFmG4/4ESSosVF/AhpYAMwT76aPE8oekGOpJG6PllgnY=
x-xss-protection
1; mode=block
last-modified
Tue, 30 Jul 2024 22:54:23 GMT
server
cloudflare
etag
W/"f8765751e3659fb282ee722a58836f0f"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
8abff5111fd22f5f-LAX
fallback-f8fa2eab2b2147808624.js
app.sharesies.com/s/js/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/fallback-f8fa2eab2b2147808624.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80aa764fe0b8334ed5c34851b32d360673c942a981c7d5f737adaf47760d2a2b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:27 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
243748
x-amz-request-id
Z9QSQA417TG2QQGV
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
x2kcCZ0FKhYLdgbbdskQHMM04pahx7+rc3sIlwQAFNYav0eRuytny48E41KtVzpwPjxEDWkAfO8=
x-xss-protection
1; mode=block
last-modified
Sun, 28 Jul 2024 23:39:51 GMT
server
cloudflare
etag
W/"42275404831514f9cd045bd357279eb9"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
8abff5111fd52f5f-LAX
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://app.sharesies.com/
Origin
https://app.sharesies.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:22:28 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8abff5158a647d8c-LAX
/
rs.sharesies.com/sourceConfig/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rs.sharesies.com/sourceConfig/?p=npm&v=2.48.10&writeKey=26RJB2tgq04F90dDrn4cqDgKHn5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-ray
8abff517fd602a9a-LAX
content-length
0
date
Wed, 31 Jul 2024 19:22:28 GMT
server
cloudflare
vary
Accept-Encoding
/
rs.sharesies.com/sourceConfig/ 		521 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.sharesies.com/sourceConfig/?p=npm&v=2.48.10&writeKey=26RJB2tgq04F90dDrn4cqDgKHn5
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-9e8528bb7773b131385c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7b0ae09df6920a6519db0bfb51d5360e6ead10b2631236c2fd61ec7a4f5888
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/
Authorization
Basic MjZSSkIydGdxMDRGOTBkRHJuNGNxRGdLSG41Og==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:22:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 be66acbcc5d85e825abf1047b034d722.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
content-encoding
gzip
x-content-type-options
nosniff
age
10
x-amz-cf-pop
LAX50-C1
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
33cfd7e0-4f72-11ef-8634-817363469583
server
cloudflare
x-download-options
noopen
vary
Origin, Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
cf-ray
8abff5187df62a9a-LAX
x-amz-cf-id
xtEDQkUg8ecWmb73JDXGRq1Pl6l8cTmI4QrBRFtgeWJYWMhwwZGrYw==
9-9c02047a162c5630815f.js
app.sharesies.com/s/js/ 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/9-9c02047a162c5630815f.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/app-ff83eb2277c74bc31457.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085265f4b515b066f4332519bdd000e1b9a7270d25b0a2b68bb3e0593ac67a38
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:28 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
243746
x-amz-request-id
PM81M1T3XC2TDYAW
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
kDLS8KLn8m8/OJqBMiSHlUj+qMzGrXq6dwM/J9vazAA0fQC2pF9uUg2/XzmAy71w4mn0qkfWXs873ypu8z0siA==
x-xss-protection
1; mode=block
last-modified
Sun, 28 Jul 2024 23:39:50 GMT
server
cloudflare
etag
W/"375d35175a2710f59d8984b06d0f1a7a"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
8abff5167df62f5f-LAX
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-9e8528bb7773b131385c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:22:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
check
app.sharesies.com/api/identity/ 		52 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/api/identity/check?initialisation_check=true
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/app-ff83eb2277c74bc31457.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224aab1317bb73221bfa4d8e714c3a3d54d6b33b66d0623cf665ad4d031daf05
Security Headers
Name Value
Content-Security-Policy default-src 'none'; object-src 'self'; style-src 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

x-known-device-key
94b5db05-151a-4d64-b4d0-bda368662dac
x-version
27457
x-git-hash
a1fea784fcfae2322dd77bf9693d7533bb5783a3
Referer
https://app.sharesies.com/login
x-api-version
33
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 19:22:29 GMT
content-security-policy
default-src 'none'; object-src 'self'; style-src 'unsafe-inline'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
8abff5178f5d2f5f-LAX
x-xss-protection
1; mode=block
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-9e8528bb7773b131385c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 19:22:28 GMT
document-policy
force-load-at-top
x-fb-server-load
39
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
/J8otKfStvO8W9yMSDwGoAH+/FR5ggMqILtZ5VZ9B56i8QKPLPUYULYXq+ZY5B7zAiUaFgK+pGL1Wf40WRFdbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
sdk.iad-05.braze.com/api/v3/data/ 		1 KB
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
162ce40e69b4b5465125275bddd7c648c67d974b11c0c4821faba03c29fbfa40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
dec3b92c-8d79-432b-9ff2-d2743d0b8014
Referer
https://app.sharesies.com/
X-Braze-TriggersRequest
true
X-Requested-With
XMLHttpRequest
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 31 Jul 2024 19:22:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
0bccb4c5-fc66-40a6-9455-f1ca5306681e
x-runtime
0.148770
server
cloudflare
etag
W/"162ce40e69b4b5465125275bddd7c648"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1722453750
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
8abff51b889c2f77-LAX
x-ratelimit-remaining
481.0
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8abff51aafaa2f77-LAX
content-encoding
gzip
date
Wed, 31 Jul 2024 19:22:28 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
key_prod_6ace3c178a54a8a3
cdn.growthbook.io/api/features/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/api/features/key_prod_6ace3c178a54a8a3
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
adcf1294ea3e1364bdefee83e25ea2be9cddaf645005543e552dadfc7cdc6bcf

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:22:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
265
x-powered-by
Express
x-cache
HIT, HIT
content-length
737
x-served-by
cache-iad-kiad7000071-IAD, cache-lax-kwhp1940045-LAX
x-timer
S1722453749.907764,VS0,VE1
etag
W/"79d-+rXokX4wvK95piKudG/6a6mXtZg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
accept-ranges
bytes
x-cache-hits
44518, 0
js
www.googletagmanager.com/gtag/ 		314 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-9e8528bb7773b131385c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2602db6aa6a41819e47a057e54ebf5d029de516540352322bad22f5fd5241b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:22:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105796
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 19:22:28 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 81A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-5.iad12.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.sharesies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3131
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 18:30:19 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 26 Jul 2024 20:06:53 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-amz-cf-id
AxWcLZCc9jbK_Fad0oqS6iHJMkd3TJITDGBw_d8EkAGcO2HUB9DdQA==
x-amz-cf-pop
IAD12-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
enforce
157qg4dy.uriports.com/reports/ 		0
0
config
pixel-config.reddit.com/pixels/t2_37csa6l/ 		0
0
t2_37csa6l_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_37csa6l_telemetry
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:22:28 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
CentraNo2-Book-93f91169dbfffe3de8dba837c8c7b438.woff2
app.sharesies.com/s/i/ 		42 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/i/CentraNo2-Book-93f91169dbfffe3de8dba837c8c7b438.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-ff83eb2277c74bc31457.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ce35451f5bbfac933451f8cd59327226244407438768e442708455d94f8842
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/s/css/app-ff83eb2277c74bc31457.css
Origin
https://app.sharesies.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:29 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
859032
x-amz-request-id
HTEJJCVN0MH0MYJ1
x-amz-server-side-encryption
AES256
content-length
43353
x-amz-id-2
9Zx8CTaHkbDEFN/j/EegSch6G/aWKkbX7ldUIrOXQ9jlKUCTt9cYWVe+HBsteFq3R76r6ZWN2fs=
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jul 2024 03:37:24 GMT
server
cloudflare
etag
"93f91169dbfffe3de8dba837c8c7b438"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
8abff51c1cda2f5f-LAX
x-frame-options
deny
CentraNo2-Medium-366c42832d3249a7110734304ef38236.woff2
app.sharesies.com/s/i/ 		29 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/i/CentraNo2-Medium-366c42832d3249a7110734304ef38236.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-ff83eb2277c74bc31457.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd60d2c48138652ffefd476b2cb07725960d848d32843914c5b3165190e210e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/s/css/app-ff83eb2277c74bc31457.css
Origin
https://app.sharesies.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:29 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
859032
x-amz-request-id
HTEJFKR1HADRKPHH
x-amz-server-side-encryption
AES256
content-length
29229
x-amz-id-2
cBbdgnj8SewKSaR6UdVLmC3AQ4fCAMCG0qH5LQlG3fqKp73Q68KXp/Nd/UaXahC8YIgskB4dieg=
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jul 2024 03:37:24 GMT
server
cloudflare
etag
"366c42832d3249a7110734304ef38236"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
8abff51c2cdd2f5f-LAX
x-frame-options
deny
CentraNo2-Extrabold-065b5f69173fd76b95217fc75b0c6199.woff2
app.sharesies.com/s/i/ 		27 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/i/CentraNo2-Extrabold-065b5f69173fd76b95217fc75b0c6199.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-ff83eb2277c74bc31457.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de485701a5c8a43ab24ef7c58cd7ec15068d1cc35b1b3fe2ebfd8804b7612278
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/s/css/app-ff83eb2277c74bc31457.css
Origin
https://app.sharesies.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:29 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
605853
x-amz-request-id
SQ7VCTTQX8VDM7GT
x-amz-server-side-encryption
AES256
content-length
27937
x-amz-id-2
JbPLUoFA9hEQMk4VrK3Md5bfgHsgSJrvOws5as35Q9HxK8OQZhrs/miunOwMOb9PgxlzT+F5E2M=
x-xss-protection
1; mode=block
last-modified
Tue, 23 Jul 2024 23:22:54 GMT
server
cloudflare
etag
"065b5f69173fd76b95217fc75b0c6199"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
8abff51c2ce02f5f-LAX
x-frame-options
deny
1442682735793758
connect.facebook.net/signals/config/ 		71 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1442682735793758?v=2.9.162&r=stable&domain=app.sharesies.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6e598eb544afe09d1657b7a99890f6ce314e699b2e6d13f0ab9abadcf2b0c78
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 19:22:29 GMT
document-policy
force-load-at-top
x-fb-server-load
64
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15538
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=122, rtx=0, c=64, mss=1297, tbw=64207, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
Ki9vRYExJsUDprxsLv95sDcWU1pmLN0xQe6b3p4uri4gHgyYRoUpDmpvoGPx1PhX+V0LEtnBtF6RNkfxhZkNdw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TT1S4W5EWQ&gtm=45je47t0v887819618za200&_p=1722453749327&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=378128610.1722453749&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1722453749&sct=1&seg=0&dl=https%3A%2F%2Fapp.sharesies.com%2Flogin&dt=Log%20in%20-%20Sharesies&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.debug_mode=false&tfd=4050
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 19:22:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TT1S4W5EWQ&cid=378128610.1722453749&gtm=45je47t0v887819618za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 19:22:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fabdb20a7eecc681e243deb4d0f788d47d31c01947df3c7b091007f4a1a53416
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
dec3b92c-8d79-432b-9ff2-d2743d0b8014
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://app.sharesies.com/
X-Requested-With
XMLHttpRequest
X-Braze-ContentCardsRequest
true

Response headers

date
Wed, 31 Jul 2024 19:22:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
4c5ee866-e52a-4281-9a22-066583d47749
x-runtime
0.046602
server
cloudflare
etag
W/"fabdb20a7eecc681e243deb4d0f788d4"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1722453750
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
8abff51eccce2f77-LAX
x-ratelimit-remaining
427.0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8abff51ddba12f77-LAX
content-encoding
gzip
date
Wed, 31 Jul 2024 19:22:29 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
2484139198546837
connect.facebook.net/signals/config/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2484139198546837?v=2.9.162&r=stable&domain=app.sharesies.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C127%2C155%2C185%2C187%2C116%2C138%2C143%2C180%2C122%2C222%2C109%2C186%2C120%2C121%2C139%2C164%2C151%2C112%2C223%2C157%2C113%2C129%2C117%2C146%2C141
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
c96c024e14cf4eced9d7a30bdd8980e8683193cece26864bf8ed248ca4719e2e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 19:22:29 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5829
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8114, tp=13, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
HFX4nSftY7ey7QC/Ugx/T/0ail8F8xWoPd8rJOgV9aQaaqAwEcwM16ETUYvhyPfaeHeGxrG3w8e6JcGaaOJV+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TT1S4W5EWQ&gtm=45je47t0v887819618za200&_p=1722453749327&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=378128610.1722453749&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1722453749&sct=1&seg=0&dl=https%3A%2F%2Fapp.sharesies.com%2Flogin&dt=Log%20in%20-%20Sharesies&en=scroll&ep.debug_mode=false&epn.percent_scrolled=90&_et=8&tfd=4248
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 19:22:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
n1goyeo2
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/n1goyeo2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-9e8528bb7773b131385c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-81.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec801de0b4a742fec3d9d99bcc3a109218047bad144e4fa5a824dcfa5eb5689f

Request headers

Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
jrhM29XFWYRZfmAXiAHoCD1RVSp5cNvQ
content-encoding
gzip
via
1.1 7eeed291abf48890d3f36565208941a8.cloudfront.net (CloudFront)
date
Wed, 31 Jul 2024 19:19:32 GMT
x-amz-cf-pop
IAD12-P1
age
186
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2669
last-modified
Wed, 31 Jul 2024 10:14:21 GMT
server
AmazonS3
etag
"bcde07814f477c4c243e41f589e2ce11"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
U5NcPJOYjhwq0tqjP3N5LfLvnKfw07NHNvJ1ScKjyfPhXNEpS_01uQ==
rum
app.sharesies.com/cdn-cgi/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/cdn-cgi/rum?
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jul 2024 19:22:30 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://app.sharesies.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8abff5219b622f5f-LAX
pineapple-favicon-03ecb20de8c0f41ab0c1b3c9234be544.png
app.sharesies.com/s/i/ 		4 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/i/pineapple-favicon-03ecb20de8c0f41ab0c1b3c9234be544.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc72f0cd10b1c11c5f9ca55c27166bcc02411112afc2a07c5a04d633bcf21d90
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-sharesies-router
cf
date
Wed, 31 Jul 2024 19:22:30 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
483988
x-amz-request-id
CVT48WTJP9GWA4N4
x-amz-server-side-encryption
AES256
content-length
3744
x-amz-id-2
ukIWtccI48KemHnI1FchEGO2mYRE4hcmUd4zvHSaYKKqYWvMZkUFGwcY9DfZAqwwf4N6kKurEV0=
x-xss-protection
1; mode=block
last-modified
Fri, 26 Jul 2024 03:26:42 GMT
server
cloudflare
etag
"03ecb20de8c0f41ab0c1b3c9234be544"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
image/png
x-frame-options
deny
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8abff5219b662f5f-LAX
frame-modern.294cf2ff.js
js.intercomcdn.com/ Frame 3502 		459 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.294cf2ff.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/n1goyeo2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c79867f3bf79271377ae1853d46f9542c9b6b82d265c39943e8ceab5cb0ec248
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:14:24 GMT
content-encoding
gzip
via
1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-amz-version-id
vaBZJXPCfikzcAAbZdBqEJNBY55Q.6E9
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
4087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141164
last-modified
Wed, 31 Jul 2024 10:11:51 GMT
server
AmazonS3
etag
"0c1926a02923b115cc767539082ab96a"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
GB3sYnAyosDnNjVKgW3kjjDWYoGQ6XKsazIih_ROXOhptaogViSDFQ==
vendor-modern.24002cc7.js
js.intercomcdn.com/ Frame 3502 		455 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.24002cc7.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/n1goyeo2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
614ba69cc45e1d7f36150f778fe53f5ad76ad857df5c5ac9c762a6978086b09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Cn0kEwCguCJaLrAXldJa6qtUIn0i.6.X
content-encoding
gzip
via
1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
date
Wed, 31 Jul 2024 19:11:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
681
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
147288
last-modified
Wed, 31 Jul 2024 10:11:51 GMT
server
AmazonS3
etag
"9cffe9d409ffd49439595bfe9ba87d5d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
41MM18qg7e7eZHqBv9ta2B11qJ8hbrQ5s22EqcCVCEn2Kb9pTvJqQg==
ping
api-iam.intercom.io/messenger/web/ Frame 3502 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.294cf2ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.199.39.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-39-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0f380ea9ff5e01eeccf170f8f7360a092f828e0f0971151b9e0859a0fad23f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jul 2024 19:22:31 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0942a50332414b488
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00064eea0rksr1qk88m0
x-runtime
0.299948
server
nginx
etag
W/"0f380ea9ff5e01eeccf170f8f7360a09"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.sharesies.com
x-intercom-version
4e6830a2b23ef447575f629483e9a3a25966d990
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
ping
api-iam.intercom.io/messenger/web/ Frame 3502 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.294cf2ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.199.39.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-39-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9dbe362b7ce5d724e48c887ac2cd80d1c0e6aa17fd42a0b02eee26b63f972058
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jul 2024 19:22:32 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0942a50332414b488
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0011fvsbcs460hmooc1g
x-runtime
0.211679
server
nginx
etag
W/"9dbe362b7ce5d724e48c887ac2cd80d1"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.sharesies.com
x-intercom-version
4e6830a2b23ef447575f629483e9a3a25966d990
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
157qg4dy.uriports.com
URL
https://157qg4dy.uriports.com/reports/enforce
Domain
pixel-config.reddit.com
URL
https://pixel-config.reddit.com/pixels/t2_37csa6l/config

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkStripeJSouter function| noop function| Stripe object| webpackJsonpSharesies number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad function| setImmediate function| clearImmediate object| regeneratorRuntime function| rdt object| nativeAppControls object| platform function| fbq function| _fbq function| _rollbarURH object| sharesiesRollbar function| Intercom object| intercomSettings object| __cfBeacon function| redditNormalizeEmail object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| __ga4React__ object| gaGlobal function| __intercomAssignLocation function| __intercomReloadLocation

16 Cookies

Domain/Path Name / Value
.sharesies.com/ Name: rl_anonymous_id
Value: RudderEncrypt%3AU2FsdGVkX1%2Fqiza6T6QGIJmOpOM%2BmpNJH5dkqJ%2BkFG%2FcS6ydqomiO99yMVGoMS3Lr9oTVZDMcIwJnkqvbsUV2g%3D%3D
.sharesies.com/ Name: rl_page_init_referrer
Value: RudderEncrypt%3AU2FsdGVkX1%2BX6SIfn82fV3gbCCcxlETQRNNynvAszHg%3D
.sharesies.com/ Name: rl_page_init_referring_domain
Value: RudderEncrypt%3AU2FsdGVkX1%2FzLnjUAE2gPtFZS%2FYP0eUNqQf3HXiL%2FZ8%3D
.sharesies.com/ Name: ab.storage.sessionId.dec3b92c-8d79-432b-9ff2-d2743d0b8014
Value: %7B%22g%22%3A%22f7d4f6c3-5083-2ccf-cf50-14d04dc52fa4%22%2C%22e%22%3A1722455548200%2C%22c%22%3A1722453748200%2C%22l%22%3A1722453748200%7D
.sharesies.com/ Name: ab.storage.deviceId.dec3b92c-8d79-432b-9ff2-d2743d0b8014
Value: %7B%22g%22%3A%22528ed1a0-81a7-353d-bec4-cedb5bff64c9%22%2C%22c%22%3A1722453748202%2C%22l%22%3A1722453748202%7D
.sharesies.com/ Name: _rdt_uuid
Value: 1722453748544.a614f0cc-1c13-4ae5-973b-49b579d01fde
.sharesies.com/ Name: rl_session
Value: RudderEncrypt%3AU2FsdGVkX19iBCsVV%2Ffmn0upYnlRfZCBy%2F4ZwuT7VrbQp1%2BTuqAVG15cCd%2BNQ45Jo8U4mszPB%2FInE5BRLBdd1Yd9BkTI1sfGhA88tb%2FupHtLIzCc5adE7V1Q%2Bi6pnwa5K8CA%2Fxrqg9zHVb3xoyHp1Q%3D%3D
.sharesies.com/ Name: _ga
Value: GA1.1.378128610.1722453749
.sharesies.com/ Name: _ga_TT1S4W5EWQ
Value: GS1.1.1722453749.1.1.1722453749.60.0.0
m.stripe.com/ Name: m
Value: 535705bf-82d1-47a8-83ab-6f3b4e0dcc7243b51f
.app.sharesies.com/ Name: __stripe_mid
Value: 5980f5ab-c307-40d5-81a4-38a4b577a8eb48ef9c
.app.sharesies.com/ Name: __stripe_sid
Value: 608fb331-d086-4dac-a99e-57d8bb1f21b2f3e112
.sharesies.com/ Name: _cfuvid
Value: 8Stk.amsrlHfns7YLREw5cw46e6IbfgSptbapzVex2U-1722453751463-0.0.1.1-604800000
.sharesies.com/ Name: intercom-id-n1goyeo2
Value: 71ccce44-caf6-48c3-934c-966cf1ac24c5
.sharesies.com/ Name: intercom-session-n1goyeo2
Value:
.sharesies.com/ Name: intercom-device-id-n1goyeo2
Value: 5a7496eb-d155-4434-90b4-3a0a2694bc02

2 Console Messages

Source Level URL
Text
security error URL: https://app.sharesies.com/s/js/vendors~app~error-1d30816d554645720693.js
Message:
Refused to connect to 'https://pixel-config.reddit.com/pixels/t2_37csa6l/config' because it violates the following Content Security Policy directive: "connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/".
network error URL: https://157qg4dy.uriports.com/reports/enforce
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

157qg4dy.uriports.com
analytics.google.com
api-iam.intercom.io
app.sharesies.com
cdn.growthbook.io
connect.facebook.net
fonts.googleapis.com
js.intercomcdn.com
js.stripe.com
pixel-config.reddit.com
rs.sharesies.com
sdk.iad-05.braze.com
sharesies.page.link
static.cloudflareinsights.com
stats.g.doubleclick.net
widget.intercom.io
www.googletagmanager.com
www.redditstatic.com
157qg4dy.uriports.com
pixel-config.reddit.com
108.138.64.81
108.139.47.46
151.101.65.91
157.240.229.1
18.160.10.5
18.160.10.72
2001:4860:4802:34::181
2606:4700:4400::6812:25a1
2606:4700::6810:4f49
2606:4700::6812:1a55
2607:f8b0:4004:c19::84
2607:f8b0:4004:c1f::9c
2607:f8b0:400d:c04::61
2607:f8b0:400d:c0f::5f
2a03:2880:f003:100:face:b00c:0:3
2a04:4e42:400::396
44.199.39.168
085265f4b515b066f4332519bdd000e1b9a7270d25b0a2b68bb3e0593ac67a38
0f380ea9ff5e01eeccf170f8f7360a092f828e0f0971151b9e0859a0fad23f3a
162ce40e69b4b5465125275bddd7c648c67d974b11c0c4821faba03c29fbfa40
224aab1317bb73221bfa4d8e714c3a3d54d6b33b66d0623cf665ad4d031daf05
2eb90463ec2c164af520dda6ead9d277dd8360c8c25e4872ac4e2eb902a67e85
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4fd60d2c48138652ffefd476b2cb07725960d848d32843914c5b3165190e210e
614ba69cc45e1d7f36150f778fe53f5ad76ad857df5c5ac9c762a6978086b09c
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
690fbe257f0e4a9fe86024bc4865c198611e83c1e7501898ab878bacae83a9ec
80aa764fe0b8334ed5c34851b32d360673c942a981c7d5f737adaf47760d2a2b
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
91ce35451f5bbfac933451f8cd59327226244407438768e442708455d94f8842
9dbe362b7ce5d724e48c887ac2cd80d1c0e6aa17fd42a0b02eee26b63f972058
9fc66d06e38ceba4a85d1480631f8c9fdeada02fdd441fd60d72a07a49eb2675
a2602db6aa6a41819e47a057e54ebf5d029de516540352322bad22f5fd5241b4
a709540f7f036e922507e08a970665a7f97942611eef69df0f6463ede04a8234
adcf1294ea3e1364bdefee83e25ea2be9cddaf645005543e552dadfc7cdc6bcf
c79867f3bf79271377ae1853d46f9542c9b6b82d265c39943e8ceab5cb0ec248
c7f171b8c5f5d7072061ec73ec6201f3e42909ca26898e2fc1076fb1e5486406
c96c024e14cf4eced9d7a30bdd8980e8683193cece26864bf8ed248ca4719e2e
ce7b0ae09df6920a6519db0bfb51d5360e6ead10b2631236c2fd61ec7a4f5888
d6e598eb544afe09d1657b7a99890f6ce314e699b2e6d13f0ab9abadcf2b0c78
de485701a5c8a43ab24ef7c58cd7ec15068d1cc35b1b3fe2ebfd8804b7612278
dfdd74bd4f4e8de590b52fdcb97568eb421cebbfe89932eed84c0285e1990bc1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ec801de0b4a742fec3d9d99bcc3a109218047bad144e4fa5a824dcfa5eb5689f
ee190feeb1a0a03530a4ce54280c38e94ae693fd9d44126dd9c2dba3ca468fcb
f97697e2fc4ce9dac5189aa1bfa4c1593f2dd71e462daa4ea09c74110c89b1c6
fabdb20a7eecc681e243deb4d0f788d47d31c01947df3c7b091007f4a1a53416
fc72f0cd10b1c11c5f9ca55c27166bcc02411112afc2a07c5a04d633bcf21d90