urlscan.io logo urlscan.io
SecurityTrails logo

app-stge.sportskred.com Open in urlscan Pro
34.78.184.137  Public Scan

Go To Rescan Add Verdict Report
URL: https://app-stge.sportskred.com/
Submission: On June 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 34.78.184.137, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is app-stge.sportskred.com.
TLS certificate: Issued by R10 on June 13th 2024. Valid for: 3 months.
This is the only time app-stge.sportskred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 34.78.184.137 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
17 4
Apex Domain
Subdomains		 Transfer
9 sportskred.com
app-stge.sportskred.com
4 MB
6 userguiding.com
static.userguiding.com — Cisco Umbrella Rank: 40594
user.userguiding.com — Cisco Umbrella Rank: 46504
602 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
55 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
1 KB
17 4
Domain Requested by
9 app-stge.sportskred.com app-stge.sportskred.com
4 user.userguiding.com static.userguiding.com
2 static.userguiding.com app-stge.sportskred.com
static.userguiding.com
1 cdn.jsdelivr.net app-stge.sportskred.com
1 fonts.googleapis.com app-stge.sportskred.com
17 5

This site contains no links.

Subject Issuer Validity Valid
app-stge.sportskred.com
R10		 2024-06-13 -
2024-09-11		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
static.userguiding.com
GTS CA 1P5		 2024-05-26 -
2024-08-24		 3 months crt.sh
user.userguiding.com
GTS CA 1P5		 2024-05-26 -
2024-08-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app-stge.sportskred.com/
Frame ID: 43F5CB1331DB651E8100223FC161D6F3
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home page - frontend-web

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

4420 kB
Transfer

17614 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app-stge.sportskred.com/ 		431 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
027fbff63fd31ec158685840afb0de8298c5af6bd232e7c63cc2f4fd22595e35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 15 Jun 2024 12:24:43 GMT
etag
"6bb29-GJ99sRYud4rbfw1mqzt5XQPMIRY"
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jun 2024 12:24:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 11:13:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jun 2024 12:24:44 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 		339 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 15 Jun 2024 12:24:44 GMT
x-content-type-options
nosniff
content-encoding
br
age
18886
x-jsd-version
7.4.47
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
55843
x-served-by
cache-fra-etou8220025-FRA, cache-cph2320049-CPH
x-jsd-version-type
version
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
e25ada9.js
app-stge.sportskred.com/_nuxt/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/_nuxt/e25ada9.js
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
23517e1f14cfa4b3490a3e2014604fb6ed21ce9764baa79e40a376c1751ccf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Jun 2024 18:38:10 GMT
etag
W/"11ca-19012e49a50"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
1a876e3.js
app-stge.sportskred.com/_nuxt/ 		2 MB
679 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/_nuxt/1a876e3.js
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
439e11a8f8b6dbffb9d292b3f7c6a8440d4b808e8173db2a744f773938958731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Jun 2024 18:38:10 GMT
etag
W/"27c16c-19012e49a50"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
8f2234c.js
app-stge.sportskred.com/_nuxt/ 		9 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/_nuxt/8f2234c.js
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
b47499a6160cba058454ec7f9e14652b7c06c5163940f3eded890f587817606b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Jun 2024 18:38:10 GMT
etag
W/"916ec8-19012e49a50"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
b59a1ba.js
app-stge.sportskred.com/_nuxt/ 		2 MB
637 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/_nuxt/b59a1ba.js
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
09b899963e082dbf363b094660181e8f56644e32b19104ca26ae9ac0db8df78e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Jun 2024 18:38:10 GMT
etag
W/"2764b0-19012e49a50"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
7bc014a.js
app-stge.sportskred.com/_nuxt/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/_nuxt/7bc014a.js
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
cdbb7fa7cbe3e8ae515635b3ea9c1f82593d34a9bd1a685cb8efd2b7bfffebc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Jun 2024 18:38:10 GMT
etag
W/"15c2-19012e49a50"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
user-guiding-KCN78927RDJID-embedded.js
static.userguiding.com/media/ 		2 MB
594 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.userguiding.com/media/user-guiding-KCN78927RDJID-embedded.js
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d4d37725098323638b45b42a31aa9032f37da36bd83f57c589d8c0aad9704a3a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:47 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
last-modified
Thu, 13 Jun 2024 13:28:17 GMT
server
cloudflare
etag
W/"232b9a-19011c8e64e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKhl4IjIC0I0OjRt4rDMpLrpSZH0wXHeqti1JMZng9KtadWgVrMg7XEEZe4baciFk3W49fhK60ScKEBQWiI19sMOCprH04k6Os%2FyQypiFk94cBOKhdUqDiVS3EJ1FXEgWnkYQ93ZyHYLMYcY%2Fq7eF%2BRAqAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-sent
true
x-timestamp
1718454287276
cache-control
public, max-age=1800
x-robots-tag
noindex,nofollow
cf-ray
894289fe89e4a031-FRA
aba97bb.js
app-stge.sportskred.com/_nuxt/ 		141 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/_nuxt/aba97bb.js
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/_nuxt/e25ada9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
ff30e0f2eece4dd801dfa47bccad57d9042ebc59f22372334b272357408d17e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Jun 2024 18:38:10 GMT
etag
W/"23302-19012e49a50"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
44ecca3.js
app-stge.sportskred.com/_nuxt/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/_nuxt/44ecca3.js
Requested by
Host: app-stge.sportskred.com
URL: https://app-stge.sportskred.com/_nuxt/e25ada9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
c40bf601257f8f85f25247d6d4106f15beee8b291f05e50bbed5c2f952efeab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Jun 2024 18:38:10 GMT
etag
W/"3d5b-19012e49a50"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk-KCN78927RDJID.json
static.userguiding.com/media/ 		38 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.userguiding.com/media/sdk-KCN78927RDJID.json
Requested by
Host: static.userguiding.com
URL: https://static.userguiding.com/media/user-guiding-KCN78927RDJID-embedded.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
54cce6f57d5639b1079418bc8d00a5c08d16f5716e83c302c50b2f51f6c5ad4c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:48 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
last-modified
Sat, 15 Jun 2024 10:01:25 GMT
server
cloudflare
etag
W/"97b6-1901b583cd0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiHWXT9Pin4YYiuo6Dx1xjt0oi5oXqCGzjI%2Fteg5dHetUT023TDh1T9q%2BRCsUO5OdduTxawb96wJPWy6IgQ0B5yJ5Bj0ys5K7TXL%2B73dv3f2L1mHnTV6kGkOJwKtBr8DEsFyOKQ6R2J2uDCT5x57D23RU0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-sent
true
x-timestamp
1718454288380
cache-control
public, max-age=0
x-robots-tag
noindex,nofollow
cf-ray
89428a056f47995a-FRA
favicon.ico
app-stge.sportskred.com/ 		1 KB
697 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app-stge.sportskred.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.78.184.137 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.184.78.34.bc.googleusercontent.com
Software
/
Resource Hash
2b66514741144dde08b6818902dff3c922c3c49b365a055752d73c8748c0d4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app-stge.sportskred.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Jun 2024 18:33:07 GMT
etag
W/"47e-19012dffab8"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=0
accept-ranges
bytes
identify
user.userguiding.com/sdk/ 		976 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://user.userguiding.com/sdk/identify
Requested by
Host: static.userguiding.com
URL: https://static.userguiding.com/media/user-guiding-KCN78927RDJID-embedded.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d49a9178e07949cdf9c7f6f3775a61b0af56faea600be8f1f8336b56f02e34
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app-stge.sportskred.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:49 GMT
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IorvaqgPe1IeslTbPP%2Fg7xcE8NJFAptzgsuScwxuceE6SqgUcWsoms919hr1yvUMZDMhxRUQMu9BnRvWL4h0mn%2BXUApiN6Lk1GKem0EBEjyZkwXZ6N6%2B1E2fKYCjANZestwU%2F1BSA%2BB0P6WtOL%2BvKupf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-allow-credentials
true
x-robots-tag
noindex,nofollow
cf-ray
89428a0988d33612-FRA
content-length
976
identify
user.userguiding.com/sdk/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://user.userguiding.com/sdk/identify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app-stge.sportskred.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://app-stge.sportskred.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
89428a087f6d3612-FRA
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 15 Jun 2024 12:24:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZEGEsVgoifIW3mX6nGrlh8aFPibg0fvTiTlyyqIUvRPK%2BouIpKuvplMPRG0dvOm7I3ul5N0rhqOXsTZQ06u7wjBaJrUx485Xt09j8Xui36MfJ6EiJEDn8x7TdrODba0TadRUkaMOED%2F5jOzBh5dzpzJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin
x-robots-tag
noindex,nofollow
events
user.userguiding.com/sdk/ 		1003 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://user.userguiding.com/sdk/events
Requested by
Host: static.userguiding.com
URL: https://static.userguiding.com/media/user-guiding-KCN78927RDJID-embedded.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b565505117ab28cbc37b61c0a2ba7c21624fde97f0d34af71034703b08a6e0c1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://app-stge.sportskred.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 12:24:50 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMC4%2Ff7dAFfrRZ03x24IRYWbu4GbYRCcvv%2BOad0H8A%2BOl7NJdO%2FUw7bY9adMlUJ3wPILa1QK99ErrIwDL35r6uhkKTtkLopevxi7C0Lom7ErRu4m2w5%2B8WPYthTjZuOKG69esVAyUB3O4lnJgBVRyR7n"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-robots-tag
noindex,nofollow
cf-ray
89428a0ec8f13612-FRA
events
user.userguiding.com/sdk/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://user.userguiding.com/sdk/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app-stge.sportskred.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://app-stge.sportskred.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
89428a0dcf883612-FRA
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 15 Jun 2024 12:24:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhWwQcYulKyK7Y4FkMhVZtzA8teNg2smzMLbf7W0yplcsNc4rPed3dpX5pQVrgDILFvw2RSAT2uUJwWIhNgAn%2FMoVBRKzDUiNreLgwvyijXhIrhEjQF3ijwZBtPVjs92xkCZ2s2RltRLYS16MUdc%2B3gh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin
x-robots-tag
noindex,nofollow

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate function| _ object| onNuxtReadyCbs function| onNuxtReady function| Hammer object| core function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG object| userGuidingLayer object| userGuiding object| $nuxt boolean| _subscribeToAttributeChangesActive string| userGuidingUserId object| __ugPreviewFunctionContext object| userGuidingUserStorage

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains