urlscan.io logo urlscan.io
SecurityTrails logo

app.buddypunch.com Open in urlscan Pro
23.96.207.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.buddypunch.com/
Effective URL: https://app.buddypunch.com/Account/Logon
Submission: On September 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 20 domains to perform 62 HTTP transactions. The main IP is 23.96.207.177, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is app.buddypunch.com. The Cisco Umbrella rank of the primary domain is 574605.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 10th 2020. Valid for: 2 years.
This is the only time app.buddypunch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 23.96.207.177 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2620:1ec:46::45 8068 (MICROSOFT...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.222.206.6 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.208.96.37 16509 (AMAZON-02)
1 151.101.130.137 54113 (FASTLY)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 20.96.88.162 8075 (MICROSOFT...)
1 162.247.241.14 23467 (NEWRELIC-...)
62 26
9    23.96.207.177 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
app.buddypunch.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
buddypunch-cdn.azureedge.net
6    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:2490:b400:17:62f0:2dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.raygun.io
1    2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:246 (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.growsumo.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6812:bd4 (United States)

ASN13335 (CLOUDFLARENET, US)
grsm.io
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googleadservices.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    52.222.206.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-6.fra56.r.cloudfront.net
cdn.amplitude.com
1    2606:4700::6812:1f85 (United States)

ASN13335 (CLOUDFLARENET, US)
partnerlinks.io
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2620:1ec:27::cafe:1761 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    34.208.96.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-96-37.us-west-2.compute.amazonaws.com
api.amplitude.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
468 KB
9 buddypunch.com
app.buddypunch.com — Cisco Umbrella Rank: 574605
137 KB
7 azureedge.net
buddypunch-cdn.azureedge.net — Cisco Umbrella Rank: 640680
981 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
41 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 557
c.clarity.ms — Cisco Umbrella Rank: 998
k.clarity.ms — Cisco Umbrella Rank: 5452
26 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
c.bing.com — Cisco Umbrella Rank: 220
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
61 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6352
655 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
2 KB
2 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2561
api.amplitude.com — Cisco Umbrella Rank: 1363
26 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 40
7 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 215
620 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 326
14 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
2 KB
1 partnerlinks.io
partnerlinks.io — Cisco Umbrella Rank: 15866
204 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 grsm.io
grsm.io — Cisco Umbrella Rank: 14488
235 B
1 growsumo.com
snippet.growsumo.com — Cisco Umbrella Rank: 32106
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
85 KB
1 raygun.io
cdn.raygun.io — Cisco Umbrella Rank: 13259
21 KB
62 20
Domain Requested by
11 fonts.gstatic.com fonts.googleapis.com
www.google.com
9 app.buddypunch.com 2 redirects app.buddypunch.com
7 buddypunch-cdn.azureedge.net app.buddypunch.com
6 www.google.com app.buddypunch.com
www.gstatic.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
app.buddypunch.com
3 www.google-analytics.com www.googletagmanager.com
cdn.raygun.io
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.google.de app.buddypunch.com
1 bam.nr-data.net js-agent.newrelic.com
1 k.clarity.ms cdn.raygun.io
1 c.bing.com 1 redirects
1 js-agent.newrelic.com app.buddypunch.com
1 api.amplitude.com cdn.raygun.io
1 cdnjs.cloudflare.com buddypunch-cdn.azureedge.net
1 stats.g.doubleclick.net cdn.raygun.io
1 googleads.g.doubleclick.net www.googleadservices.com
1 partnerlinks.io cdn.raygun.io
1 cdn.amplitude.com app.buddypunch.com
1 www.googleadservices.com www.googletagmanager.com
1 grsm.io snippet.growsumo.com
1 snippet.growsumo.com app.buddypunch.com
1 www.googletagmanager.com app.buddypunch.com
1 fonts.googleapis.com ajax.googleapis.com
1 cdn.raygun.io app.buddypunch.com
1 ajax.googleapis.com app.buddypunch.com
62 27

This site contains links to these domains. Also see Links.

Domain
docs.buddypunch.com
Subject Issuer Validity Valid
*.buddypunch.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-10 -
2022-11-12		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.azureedge.net
Microsoft Azure TLS Issuing CA 02		 2022-08-03 -
2023-07-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.raygun.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-10-11 -
2022-11-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://app.buddypunch.com/Account/Logon
Frame ID: DB3542450955C904E4155A13D16A6EC0
Requests: 54 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
Frame ID: E9D6549307A118BE7A05D331012DC4FD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Buddy Punch Login | Time Clock & Scheduling Software

Page URL History Show full URLs

  1. http://app.buddypunch.com/ HTTP 301
    https://app.buddypunch.com/ HTTP 302
    https://app.buddypunch.com/Account/Logon Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

62
Requests

98 %
HTTPS

69 %
IPv6

20
Domains

27
Subdomains

26
IPs

4
Countries

1904 kB
Transfer

5810 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.buddypunch.com/ HTTP 301
    https://app.buddypunch.com/ HTTP 302
    https://app.buddypunch.com/Account/Logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=E92A99A0DEBC4FF98FE85D4AD00F9046&RedC=c.clarity.ms&MXFR=3623D46D04A463593FE0C64D00A46D57 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=E92A99A0DEBC4FF98FE85D4AD00F9046&MUID=1E41EAE54AAA6DE21CE2F8C54BC16C57

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Logon
app.buddypunch.com/Account/
Redirect Chain
  • http://app.buddypunch.com/
  • https://app.buddypunch.com/
  • https://app.buddypunch.com/Account/Logon
28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.207.177 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a6f8280edf761b4e544fcd923b65acfe9bfb92f0a1a8a733ce621549973f2bdf
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

arr-disable-session-affinity
True
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
10749
content-type
text/html; charset=utf-8
date
Thu, 15 Sep 2022 19:40:30 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=16070400; includeSubDomains
vary
Accept-Encoding
x-frame-options
DENY

Redirect headers

arr-disable-session-affinity
True
cache-control
private
content-length
0
date
Thu, 15 Sep 2022 19:40:30 GMT
location
/Account/Logon
strict-transport-security
max-age=16070400; includeSubDomains
x-frame-options
DENY
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:20:46 GMT
bundle.css
buddypunch-cdn.azureedge.net/dist/ 		2 MB
251 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buddypunch-cdn.azureedge.net/dist/bundle.css
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
80055eb64ff2e667488388b3c108966f6a1f08350ee3ef462f0f620363a3ca1d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 12 Sep 2022 13:49:28 GMT
x-azure-ref-originshield
0r38jYwAAAADztU1ALGsHTJ9QyxUSlXEVRlJBMjMxMDUwNDE3MDExAGE3M2VjZDQ2LTg1OTgtNDE3ZS1iNjI1LTMzN2ZhY2YzZWJjYQ==
cache-control
max-age=31536000
etag
"0e4f279aec6d81:0"
x-frame-options
DENY
x-cache
TCP_REMOTE_HIT
content-type
text/css
arr-disable-session-affinity
True
date
Thu, 15 Sep 2022 19:40:31 GMT
x-azure-ref
0r38jYwAAAAAdt+QKDmByR6JUkfhNWgkyRlJBRURHRTEwMTEAYTczZWNkNDYtODU5OC00MTdlLWI2MjUtMzM3ZmFjZjNlYmNh
accept-ranges
bytes
app-bundle.css
app.buddypunch.com/dist/v-637980885520000000/ 		167 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.buddypunch.com/dist/v-637980885520000000/app-bundle.css
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.207.177 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bb3b439d69ef2a6d553357d9e068982e06a780a031d1a708e20620e573e03383
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/Account/Logon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:31 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 19:15:52 GMT
cache-control
max-age=31536000
etag
"0a4711425c2d81:0"
x-frame-options
DENY
content-type
text/css
arr-disable-session-affinity
True
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-length
41843
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
39fc8443f1d85eea30a49897f2b6de70ba8b8822e2ac9d53f85a1be8b8d13f35
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 19:40:31 GMT
Buddy-Punch_Header_Logo.png
buddypunch-cdn.azureedge.net/dist/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buddypunch-cdn.azureedge.net/dist/images/Buddy-Punch_Header_Logo.png
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
99deeb81f5121325af94e5aa703752a5e03ac4ae9904717c0b269094ed296cc2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Mon, 12 Sep 2022 13:51:08 GMT
x-azure-ref-originshield
0r38jYwAAAAB9zUcGZMvMRYFZgGKtSHrmRlJBMjMxMDUwNDE4MDUxAGE3M2VjZDQ2LTg1OTgtNDE3ZS1iNjI1LTMzN2ZhY2YzZWJjYQ==
cache-control
max-age=31536000
etag
"0ae8db5aec6d81:0"
x-frame-options
DENY
x-cache
TCP_REMOTE_HIT
content-type
image/png
arr-disable-session-affinity
True
date
Thu, 15 Sep 2022 19:40:31 GMT
x-azure-ref
0r38jYwAAAAB8cf/4CLzuTYmrI6U5sZS7RlJBRURHRTEwMTEAYTczZWNkNDYtODU5OC00MTdlLWI2MjUtMzM3ZmFjZjNlYmNh
accept-ranges
bytes
content-length
3340
facial_recognition_login.png
buddypunch-cdn.azureedge.net/dist/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buddypunch-cdn.azureedge.net/dist/images/facial_recognition_login.png
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b63cb9e94ffd80456720d6bf53a2cacdd57c6e05bd01a7e212e2741b1cde8f8b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Mon, 12 Sep 2022 13:51:10 GMT
x-azure-ref-originshield
0r38jYwAAAABCPrtA6pYCR5PCjH394Oy7RlJBMjMxMDUwNDE4MDM1AGE3M2VjZDQ2LTg1OTgtNDE3ZS1iNjI1LTMzN2ZhY2YzZWJjYQ==
cache-control
max-age=31536000
etag
"0dbbeb6aec6d81:0"
x-frame-options
DENY
x-cache
TCP_REMOTE_HIT
content-type
image/png
arr-disable-session-affinity
True
date
Thu, 15 Sep 2022 19:40:31 GMT
x-azure-ref
0r38jYwAAAAARszGZJd5BSbafdgcP7X0DRlJBRURHRTEwMTEAYTczZWNkNDYtODU5OC00MTdlLWI2MjUtMzM3ZmFjZjNlYmNh
accept-ranges
bytes
content-length
3939
default_qrcode.png
buddypunch-cdn.azureedge.net/dist/images/ 		805 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buddypunch-cdn.azureedge.net/dist/images/default_qrcode.png
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
debea4a1159831cfe60c2d258a8947c67234a34a6b2f097d2df27e4b693b0a81
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Wed, 14 Sep 2022 22:00:40 GMT
x-azure-ref-originshield
0r38jYwAAAAAYroOQiAWKSIu/lvSasj39RlJBMjMxMDUwNDE3MDI5AGE3M2VjZDQ2LTg1OTgtNDE3ZS1iNjI1LTMzN2ZhY2YzZWJjYQ==
cache-control
max-age=31536000
etag
"0b4746d85c8d81:0"
x-frame-options
DENY
x-cache
TCP_REMOTE_HIT
content-type
image/png
arr-disable-session-affinity
True
date
Thu, 15 Sep 2022 19:40:31 GMT
x-azure-ref
0r38jYwAAAAAit50lw35XS7A7gSI+tDBdRlJBRURHRTEwMTEAYTczZWNkNDYtODU5OC00MTdlLWI2MjUtMzM3ZmFjZjNlYmNh
accept-ranges
bytes
content-length
805
pin_web_kiosk.png
buddypunch-cdn.azureedge.net/dist/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buddypunch-cdn.azureedge.net/dist/images/pin_web_kiosk.png
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
61c357eae9472720352a396c4ec551d70a0d9509c19bf59a8b7778925fc8965c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
last-modified
Mon, 12 Sep 2022 13:51:10 GMT
x-azure-ref-originshield
0r38jYwAAAADwubKfj/KGQrPtSftfH7TSRlJBMjMxMDUwNDE4MDI5AGE3M2VjZDQ2LTg1OTgtNDE3ZS1iNjI1LTMzN2ZhY2YzZWJjYQ==
cache-control
max-age=31536000
etag
"0dbbeb6aec6d81:0"
x-frame-options
DENY
x-cache
TCP_REMOTE_HIT
content-type
image/png
arr-disable-session-affinity
True
date
Thu, 15 Sep 2022 19:40:31 GMT
x-azure-ref
0r38jYwAAAABgOR5+T+HeSpFMD2+Vc7+jRlJBRURHRTEwMTEAYTczZWNkNDYtODU5OC00MTdlLWI2MjUtMzM3ZmFjZjNlYmNh
accept-ranges
bytes
content-length
1039
bundle.js
buddypunch-cdn.azureedge.net/dist/ 		2 MB
716 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buddypunch-cdn.azureedge.net/dist/bundle.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
81e65715305d74f8825c6988aa8191ec2eadfd32f0c34adcf3398484b938f09b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 12 Sep 2022 13:51:08 GMT
x-azure-ref-originshield
0r38jYwAAAAD904d89FQQTbEU6jmB9GQWRlJBMjMxMDUwNDE4MDQ1AGE3M2VjZDQ2LTg1OTgtNDE3ZS1iNjI1LTMzN2ZhY2YzZWJjYQ==
cache-control
max-age=31536000
etag
"0ae8db5aec6d81:0"
x-frame-options
DENY
x-cache
TCP_REMOTE_HIT
content-type
application/x-javascript
arr-disable-session-affinity
True
date
Thu, 15 Sep 2022 19:40:31 GMT
x-azure-ref
0r38jYwAAAABYfyVXX034Q7ux1HRsQ8E5RlJBRURHRTEwMTEAYTczZWNkNDYtODU5OC00MTdlLWI2MjUtMzM3ZmFjZjNlYmNh
accept-ranges
bytes
app-bundle.js
app.buddypunch.com/dist/v-637980886580000000/ 		245 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.buddypunch.com/dist/v-637980886580000000/app-bundle.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.207.177 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3389bd03b7055602b862c8eed3dc61d9d36a921b223d3dd7c67c2bd6b4d45b8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/Account/Logon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:31 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 19:17:38 GMT
cache-control
max-age=31536000
etag
"0f59f5325c2d81:0"
x-frame-options
DENY
content-type
application/x-javascript
arr-disable-session-affinity
True
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
smartbanner.min.js
buddypunch-cdn.azureedge.net/dist/additionalScripts/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buddypunch-cdn.azureedge.net/dist/additionalScripts/smartbanner.min.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0903d1d09c03eaba47e224999410e72bec488598210614a30fc2232cdce9b9aa
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 12 Sep 2022 13:51:08 GMT
x-azure-ref-originshield
0r38jYwAAAADWhpguT/u2TZORWHPyCKZJRlJBMjMxMDUwNDE3MDM3AGE3M2VjZDQ2LTg1OTgtNDE3ZS1iNjI1LTMzN2ZhY2YzZWJjYQ==
cache-control
max-age=31536000
etag
"0ae8db5aec6d81:0"
x-frame-options
DENY
x-cache
TCP_REMOTE_HIT
content-type
application/x-javascript
arr-disable-session-affinity
True
date
Thu, 15 Sep 2022 19:40:31 GMT
x-azure-ref
0r38jYwAAAADq7SmF6inoSoJreBuGazrtRlJBRURHRTEwMTEAYTczZWNkNDYtODU5OC00MTdlLWI2MjUtMzM3ZmFjZjNlYmNh
accept-ranges
bytes
content-length
3936
utm_form-1.1.0.min.js
app.buddypunch.com/Scripts/utm_form/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.buddypunch.com/Scripts/utm_form/utm_form-1.1.0.min.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.207.177 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40ce6f40eb905064b3fac270bffb4fca30fb92533e968b4c2f4162974a1ad3d0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/Account/Logon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:30 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 19:13:46 GMT
cache-control
max-age=31536000
etag
"09157c924c2d81:0"
x-frame-options
DENY
content-type
application/x-javascript
arr-disable-session-affinity
True
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-length
2599
raygun.min.js
cdn.raygun.io/raygun4js/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.raygun.io/raygun4js/raygun.min.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:17:62f0:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
672c06ecc22211e9e8b8e20f83271a52d81945d1eb9f5b8d2886eb59bbdc7d49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 05:58:42 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 21:15:14 GMT
server
AmazonS3
age
67760
etag
W/"677413d0a23da339064232023ede5601"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
mXj7L6Rw2uHnl6WJqlD-KaAGxDxY_7JKNspQK7ZQPgeRkvDNaHaRGw==
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
498b420c77ee388404c8b47f2d05e4b095d93c12c612e8230dc1281822de8e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 19:37:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 19:40:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 19:40:31 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:25:01 GMT
x-content-type-options
nosniff
age
87330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:25:01 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:25:00 GMT
x-content-type-options
nosniff
age
87331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:25:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:25:01 GMT
x-content-type-options
nosniff
age
87330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:25:01 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:25:01 GMT
x-content-type-options
nosniff
age
87330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:25:01 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:24:52 GMT
x-content-type-options
nosniff
age
87339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:24:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:47:17 GMT
x-content-type-options
nosniff
age
287594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 11:47:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 08:01:51 GMT
x-content-type-options
nosniff
age
41920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:10:25 GMT
x-content-type-options
nosniff
age
84606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 20:10:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options
nosniff
age
396650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 05:29:41 GMT
gtm.js
www.googletagmanager.com/ 		271 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHMHK8Z
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
583bc953dfe09505fa01072242c6e6fdb4154dcbb1c663bf96a4bda31c7e3213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86948
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 19:02:56 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Sep 2022 19:40:31 GMT
growsumo.min.js
snippet.growsumo.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.growsumo.com/growsumo.min.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be9c85966eeed0b1af9a530e56d8b0ba5cfe2c46d293f4c77b66ddbe9be3d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b3d5aafcc1233d-ZRH
date
Thu, 15 Sep 2022 19:40:31 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2022 17:43:45 GMT
server
cloudflare
age
8
etag
W/"632212d1-18b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
content-encoding
br
expires
Thu, 15 Sep 2022 23:40:31 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ 		390 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.buddypunch.com/
Origin
https://app.buddypunch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158665
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Sep 2023 16:45:15 GMT
g-logo.png
app.buddypunch.com/dist/images/google-signin/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buddypunch.com/dist/images/google-signin/g-logo.png
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/dist/v-637980885520000000/app-bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.207.177 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d382aea88f9c3cc757f203991c78e496d075e3fd25c6b89ce0bcd082cf7a730c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/dist/v-637980885520000000/app-bundle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:31 GMT
last-modified
Tue, 06 Sep 2022 19:17:38 GMT
cache-control
max-age=31536000
etag
"0f59f5325c2d81:0"
x-frame-options
DENY
content-type
image/png
arr-disable-session-affinity
True
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-length
1772
Logo_Black@3x.png
app.buddypunch.com/dist/images/apple/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buddypunch.com/dist/images/apple/Logo_Black@3x.png
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/dist/v-637980885520000000/app-bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.207.177 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9cb093ebe058d7f686178d73557847c509534793ce42f7092f4a7cf9d7b5eea2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/dist/v-637980885520000000/app-bundle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:30 GMT
last-modified
Tue, 06 Sep 2022 19:17:38 GMT
cache-control
max-age=31536000
etag
"0f59f5325c2d81:0"
x-frame-options
DENY
content-type
image/png
arr-disable-session-affinity
True
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-length
3015
Sign_in_blue_btn_med_default2x.png
app.buddypunch.com/dist/images/intuit-signin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buddypunch.com/dist/images/intuit-signin/Sign_in_blue_btn_med_default2x.png
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/dist/v-637980885520000000/app-bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.207.177 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4df545cd86e9316910df9368a76027c76c78cf355df2a6a20d68b6dee2ccc67
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/dist/v-637980885520000000/app-bundle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:31 GMT
last-modified
Tue, 06 Sep 2022 19:17:38 GMT
cache-control
max-age=31536000
etag
"0f59f5325c2d81:0"
x-frame-options
DENY
content-type
image/png
arr-disable-session-affinity
True
strict-transport-security
max-age=16070400; includeSubDomains
accept-ranges
bytes
content-length
3283
pk_dGv7drMcNZEYCUAc1TMn5lzpeXhEJOdz
grsm.io/pr/gpk/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grsm.io/pr/gpk/pk_dGv7drMcNZEYCUAc1TMn5lzpeXhEJOdz
Requested by
Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin
https://app.buddypunch.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cf-ray
74b3d5ac2f860200-ZRH
content-type
text/plain; charset=utf-8
content-length
0
optimize.js
www.google-analytics.com/gtm/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-WRXQDGK
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHMHK8Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b162c9d52ab50cf2ab8c70041ef700c221ff07cd529e7f727074c2fd9815090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41647
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 19:11:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Sep 2022 19:40:32 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHMHK8Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2312
date
Thu, 15 Sep 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 15 Sep 2022 21:02:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHMHK8Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15690
x-xss-protection
0
server
cafe
etag
13194339052015637803
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Sep 2022 19:40:32 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHMHK8Z
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 914AE994CEB24EAD93D432A7CE52CA8D Ref B: FRAEDGE1511 Ref C: 2022-09-15T19:40:32Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Thu, 15 Sep 2022 19:40:31 GMT
accept-ranges
bytes
content-length
11376
amplitude-4.5.2-min.gz.js
cdn.amplitude.com/libs/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-4.5.2-min.gz.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-6.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a28f221720bef2396de8f1113568e75fd2cb28c76ffb3efe31d4d28a26bdee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 10:47:48 GMT
content-encoding
gzip
age
27507165
x-cache
Hit from cloudfront
content-length
25727
access-control-allow-origin
*
last-modified
Mon, 21 Oct 2019 15:45:34 GMT
server
AmazonS3
etag
"5e816d32cb1cd1f7bda71ead48ac192e"
x-amz-version-id
zskY2uLkrv0oL4SiNEoxREaWRVRZwrqD
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
XKs1ON-m7hqD5CGTMy72XziVCDsquJ3YwwbKfxH0vIwP-mjA_co-og==
collect
www.google-analytics.com/j/ 		2 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=22256918&t=pageview&_s=1&dl=https%3A%2F%2Fapp.buddypunch.com%2FAccount%2FLogon&ul=en-us&de=UTF-8&dt=Buddy%20Punch%20Login%20%7C%20Time%20Clock%20%26%20Scheduling%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=608466931&gjid=1485421819&cid=1408212254.1663270832&tid=UA-42211102-1&_gid=1480736834.1663270832&_r=1&gtm=2wg9e0NHMHK8Z&cd3=1408212254.1663270832&z=1927119528
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.buddypunch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:40:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.buddypunch.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pk_dGv7drMcNZEYCUAc1TMn5lzpeXhEJOdz
partnerlinks.io/pr/gpk/ 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://partnerlinks.io/pr/gpk/pk_dGv7drMcNZEYCUAc1TMn5lzpeXhEJOdz
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:32 GMT
content-type
text/plain; charset=utf-8
server
cloudflare
vary
Accept-Encoding
p3p
CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin
https://app.buddypunch.com
access-control-allow-credentials
true
cf-ray
74b3d5ae0f7f0225-ZRH
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/979866078/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979866078/?random=1663270832232&cv=9&fst=1663270832232&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.buddypunch.com%2FAccount%2FLogon&tiba=Buddy%20Punch%20Login%20%7C%20Time%20Clock%20%26%20Scheduling%20Software&auid=371686322.1663270832&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7751cab980d27f82d89dc61e90b60a815bc5861959a2b284f054914fcaa0881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1054
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42211102-1&cid=1408212254.1663270832&jid=608466931&gjid=1485421819&_gid=1480736834.1663270832&_u=aEBAAEAAQAAAAC~&z=727494319
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.buddypunch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 15 Sep 2022 19:40:32 GMT
content-type
text/plain
access-control-allow-origin
https://app.buddypunch.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/979866078/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/979866078/?random=1663270832232&cv=9&fst=1663268400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fapp.buddypunch.com%2FAccount%2FLogon&tiba=Buddy%20Punch%20Login%20%7C%20Time%20Clock%20%26%20Scheduling%20Software&async=1&fmt=3&is_vtc=1&random=139974557&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:40:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/979866078/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/979866078/?random=1663270832232&cv=9&fst=1663268400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fapp.buddypunch.com%2FAccount%2FLogon&tiba=Buddy%20Punch%20Login%20%7C%20Time%20Clock%20%26%20Scheduling%20Software&async=1&fmt=3&is_vtc=1&random=139974557&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:40:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42211102-1&cid=1408212254.1663270832&jid=608466931&_u=aEBAAEAAQAAAAC~&z=1826974782
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:40:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42211102-1&cid=1408212254.1663270832&jid=608466931&_u=aEBAAEAAQAAAAC~&z=1826974782
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:40:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
17513845.js
bat.bing.com/p/action/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17513845.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
cf76bf2a7600bb2a58f8e5f16f29d11d520be8d60b513716985a448a29edc71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 48791A0F95454BDAAEF0A2C248BEFE27 Ref B: FRAEDGE1511 Ref C: 2022-09-15T19:40:32Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
date
Thu, 15 Sep 2022 19:40:32 GMT
content-length
667
17513845
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/17513845
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17513845.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
263c89bece8063daf2a77d1070eba38146125e0aeaed4cabc85a889bd7fe1ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:32 GMT
x-powered-by
ASP.NET
x-azure-ref
0sH8jYwAAAAAGaDnGwtt8Qb16humMKBKKR1ZBMzBFREdFMDIxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
content-length
1639
expires
-1
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
Requested by
Host: buddypunch-cdn.azureedge.net
URL: https://buddypunch-cdn.azureedge.net/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1994570
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-ad3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uifytca53d1jVXhZltGZnKyvoQ3d4l5Y5DMvsdWF4abg4KkkeKAAZIls8R%2F9rSPV18kmJC%2F5Ah0c%2FddVMOGxhNT7%2BlxV72s0XAjy2A1qQLQnsp7Il%2Bl%2FEXz0HqWHY2tPtCORKb7bzlnUvn5H6rlPIwxk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74b3d5b0ea3801f4-ZRH
expires
Tue, 05 Sep 2023 19:40:32 GMT
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.96.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-96-37.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://app.buddypunch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Sep 2022 19:40:33 GMT
trace-id
Root=1-63237fb1-5ac17bad691b47e03ae0a912
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
anchor
www.google.com/recaptcha/api2/ Frame E9D6 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
375c442ff481a6ef5cf3ac64b5902a225337d7deb5b3b4ae165e6544f8709a93
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8-X8B9BnOXfjYULdAR-Sqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.buddypunch.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22122
content-security-policy
script-src 'report-sample' 'nonce-8-X8B9BnOXfjYULdAR-Sqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 19:40:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17513845&tm=gtm002&Ver=2&mid=a22dce0b-81e5-4072-8cb0-883ecb3099d2&sid=4306d100352e11ed8330090395c3dbc1&vid=43070520352e11ed8bf5cd304efc91dd&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Buddy%20Punch%20Login%20%7C%20Time%20Clock%20%26%20Scheduling%20Software&p=https%3A%2F%2Fapp.buddypunch.com%2FAccount%2FLogon&r=&lt=3249&evt=pageLoad&sv=1&rn=872372
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 893A185CD8B74AC295B789374B473178 Ref B: FRAEDGE1511 Ref C: 2022-09-15T19:40:32Z
date
Thu, 15 Sep 2022 19:40:32 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame E9D6 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Sep 2023 13:21:31 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame E9D6 		390 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158665
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Sep 2023 16:45:15 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E9D6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 18:59:48 GMT
x-content-type-options
nosniff
age
175245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 20 Sep 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9D6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 11:18:05 GMT
x-content-type-options
nosniff
age
202948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 13 Sep 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9D6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 18:59:48 GMT
x-content-type-options
nosniff
age
175245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 13 Sep 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E9D6 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=g8G8cw32bNQPGUVoDvt680GA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ee23a368d4d73e542e0eb7edc3ae2f5fddc59b439cc0fb7a4cf6ff90cbc5fbd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 19:40:33 GMT
clarity.js
www.clarity.ms/eus2-e/s/0.6.40/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-e/s/0.6.40/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17513845
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1761 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 19:40:32 GMT
content-encoding
br
etag
"1d8bd4806fdad30"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0sX8jYwAAAAAu17OlSXs7RKkypQ8VOg8BR1ZBMzBFREdFMDIxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
content-length
23442
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
reload
www.google.com/recaptcha/api2/ Frame E9D6 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f901d53902dc28602285aba33dc1190c3239450d1b091b2275308c0bdf53b21d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfmfakZAAAAADnXIu_8rDEZOPL_0cBnc1tk4DRQ&co=aHR0cHM6Ly9hcHAuYnVkZHlwdW5jaC5jb206NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=bnvr2zrbbyuo
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 15 Sep 2022 19:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18451
x-xss-protection
1; mode=block
expires
Thu, 15 Sep 2022 19:40:33 GMT
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: app.buddypunch.com
URL: https://app.buddypunch.com/Account/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
PT1X3XEF2KF64GRE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
rWr2JWGo0/hJJpCkOl46Jludz4/khIecVhbiRQQ0qpVwJVN5XkS3fA4iIlbnsr7DzvXsY648nRw=
x-served-by
cache-hhn4078-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1663270834.957221,VS0,VE0
date
Thu, 15 Sep 2022 19:40:33 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
814
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=E92A99A0DEBC4FF98FE85D4AD00F9046&RedC=c.clarity.ms&MXFR=3623D46D04A463593FE0C64D00A46D57
  • https://c.clarity.ms/c.gif?CtsSyncId=E92A99A0DEBC4FF98FE85D4AD00F9046&MUID=1E41EAE54AAA6DE21CE2F8C54BC16C57
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=E92A99A0DEBC4FF98FE85D4AD00F9046&MUID=1E41EAE54AAA6DE21CE2F8C54BC16C57
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:40:34 GMT
last-modified
Tue, 13 Sep 2022 19:54:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8d3298b0aac7d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:40:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 55533334752A4F669AAD8FF0D94DAC8C Ref B: FRAEDGE1511 Ref C: 2022-09-15T19:40:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=E92A99A0DEBC4FF98FE85D4AD00F9046&MUID=1E41EAE54AAA6DE21CE2F8C54BC16C57
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
k.clarity.ms/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.buddypunch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://app.buddypunch.com
date
Thu, 15 Sep 2022 19:40:34 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
0b38480901
bam.nr-data.net/1/ 		49 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/0b38480901?a=154044134&v=1216.487a282&to=NgZabEVSXEVVAUFfWQ9MdW50HHNVVw1AWEIiDFZMRVxeWlEQGnpZBgxW&rst=4468&ck=1&ref=https://app.buddypunch.com/Account/Logon&ap=11&be=1690&fe=4133&dc=3240&perf=%7B%22timing%22:%7B%22of%22:1663270829514,%22n%22:0,%22f%22:1530,%22dn%22:1530,%22dne%22:1530,%22c%22:1530,%22ce%22:1530,%22rq%22:1531,%22rp%22:1670,%22rpe%22:1671,%22dl%22:1672,%22di%22:3240,%22ds%22:3240,%22de%22:3249,%22dc%22:4132,%22l%22:4133,%22le%22:4137%7D,%22navigation%22:%7B%7D%7D&fp=2167&fcp=2167&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.buddypunch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 15 Sep 2022 19:40:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
74b3d5b8eff55c56-FRA

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require string| RaygunObject function| rg4js object| WebFont object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| growsumo function| getHighFidelityUAString function| raygunCoreWebVitalFactory function| raygunFactory function| raygunRumFactory string| raygunUserAgent object| raygunUserAgentData number| raygunUserAgentDataStatus object| TraceKit object| webVitals function| raygunUtilityFactory function| raygunErrorUtilitiesFactory function| raygunNetworkTrackingFactory function| raygunViewportFactory function| raygunBreadcrumbsFactory object| Raygun object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| amplitude object| recaptcha object| gaplugins object| google_optimize object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_930c64f79d object| uetq object| mUtil object| mApp function| mDropdown function| mHeader function| mMenu function| mOffcanvas function| mPortlet function| mQuicksearch function| mScrollTop function| mToggle function| mWizard object| mLayout object| mQuickSidebar function| saveAs boolean| DO_NOT_EXPORT_CODEPAGE boolean| DO_NOT_EXPORT_JSZIP object| XLSX object| XLS object| ODS function| _classCallCheck function| Table function| Row function| Cell function| Column function| $ function| jQuery function| Popper object| bootstrap function| Cookies function| moment function| wNumb object| zenscroll function| Tooltip boolean| mCustomScrollbar function| daterangepicker object| markdown object| toastr function| Color function| Chart function| Sweetalert2 function| swal function| sweetAlert object| mUtilElementDataStore number| mUtilElementDataStoreID object| mUtilDelegatedEventHandlers boolean| noZensmooth function| JSZip function| jsPDF function| tmp function| AcroForm function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField function| html2canvas function| PNG function| jspdf function| Vue object| dataTableReportConfig object| dataTableBaseConfig function| getReportDataTableConfig function| initDataTable function| initDataTableFromObject function| initActionsDataTable function| initInOutActivityDataTable function| initEditProfileTable function| initReportByDataTable function| initReportDataTable function| ptoAccrualRulesTable function| ptoPunchReportDataTable function| ptoDetailAccrualEntriesTable function| ptoSummaryTable function| initDeleteReportTable function| initDashboardTable function| initDashboardWidgetTables string| HOST_URL function| browserLocale function| zeroDecimalCurrencies function| calculateDisplayAmountFromCurrency function| init function| toggleElementsModalVisibility function| createPaymentIntent function| createSetupIntent function| getPublicKey function| create function| createElements function| stripePaymentHandler object| Login object| LoginPin undefined| initBPQuicksearch function| sendMessageClick function| showErrorAlertIfErrors function| Availability function| DashboardTimesheets function| GeofenceForm function| initPayrollsTable function| PendingApproval function| PTOAccrualPage function| PTOCalendar function| Schedule function| ShiftRequests function| Timecard function| AvailabilityService function| NotificationService function| PTOService function| PTOCalendarService function| ScheduleService function| ShiftRequestService function| TimecardService object| baseLoader object| bpUIBlock function| isHTML function| isMobileDevice function| parseTimestamp function| capitalizeFirstLetter function| generateLocDepText function| initRunExportTooltip function| DynamicTable function| getDefaultMap object| QRReader function| QrScanPage function| select2CustomMatch object| elementsModal function| FreezeTable object| _uf object| notNull undefined| user_id undefined| account_id undefined| member_id undefined| role undefined| email undefined| firstname undefined| lastname undefined| identify function| UtmCookie object| UtmForm object| closure_lm_420889 function| getTrafficSrcCookie object| trafficSrcCookie function| clarity

26 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMifcdOHjQY_srvbqjPzjXJJdcO5l_8jNDKBK1FR11gNHQTXVtMegbmyqznDUfNn1sgC5OaQpKq_EKgRqmCNMIQ
app.buddypunch.com/ Name: OpenIdConnect.nonce.zKC8lankkxku8v0gtkcZoprYnyncLyx7Z5OmxuaLPsA%3D
Value: WHFYYzNUa2ZCY3dWb3dnMWV0SjBsdzV6blJ3VXFkdmlCMkRwQnUtVEdFMC1HUnFtUUVtZERiMmdIY0pqN2NsRXRXMFNTSzJsNDhGSEJVRy1SUUN1NVlmRDRyZ1R4U1JsUmpVdzNlbDVhUWR4X2x0akdKd2J0STNVVGtqajFKWTRjLUdCb1A0elMxTzZHODlzMmVteTgyZklGcjVEaFlqVlhMYmxLakF0ZUloREZlZEVUSVFJMkZidHAzNk9hTjRvYzZMbnNSaEJqV2pod1J1TVFLWkNfb2dXQ3F1WUNZTlBKT2JIRnZKRDZHMA%3D%3D
app.buddypunch.com/ Name: __RequestVerificationToken
Value: G-Bcc-LvlWlRr2WFTAbPpF30oqSBuYEJENIWCk22DUBE34aD-_U2Us5oEcWg314Pt3mGUX3-NrPOW7eg3U7y6WAau8WW8U8cBcehNJUUFWg1
.buddypunch.com/ Name: _gcl_au
Value: 1.1.371686322.1663270832
.buddypunch.com/ Name: _ga
Value: GA1.2.1408212254.1663270832
.buddypunch.com/ Name: _gid
Value: GA1.2.1480736834.1663270832
.buddypunch.com/ Name: _gat_UA-42211102-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bing.com/ Name: MUID
Value: 1E41EAE54AAA6DE21CE2F8C54BC16C57
.buddypunch.com/ Name: amplitude_id_efea5b6f6ec3f66d4e5cc3bb54ca437ebuddypunch.com
Value: eyJkZXZpY2VJZCI6ImJkYWMzOTVmLWJmZGQtNDlhOC1iMTQxLTc2YjY4OWQwOTgyZVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY2MzI3MDgzMjI0NiwibGFzdEV2ZW50VGltZSI6MTY2MzI3MDgzMjc0NCwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
.buddypunch.com/ Name: _uc_referrer
Value: direct
.buddypunch.com/ Name: _uc_last_referrer
Value: direct
.buddypunch.com/ Name: _uc_initial_landing_page
Value: https%3A//app.buddypunch.com/Account/Logon
.buddypunch.com/ Name: _uc_current_session
Value: true
.buddypunch.com/ Name: _uc_visits
Value: 1
.buddypunch.com/ Name: _uetsid
Value: 4306d100352e11ed8330090395c3dbc1
.buddypunch.com/ Name: _uetvid
Value: 43070520352e11ed8bf5cd304efc91dd
.buddypunch.com/ Name: traffic_src
Value: {"ga_gclid":"","ga_source":"(direct)","ga_medium":"(none)","ga_campaign":"","ga_content":"","ga_keyword":"","ga_landing_page":"https://app.buddypunch.com/Account/Logon"}
www.clarity.ms/ Name: CLID
Value: 4e528121e75c499096aaea4c85c4e22a.20220915.20230915
.buddypunch.com/ Name: _clck
Value: zpb6hk|1|f4w|0
.buddypunch.com/ Name: _clsk
Value: u81p6s|1663270834187|1|1|k.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 1E41EAE54AAA6DE21CE2F8C54BC16C57
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1E41EAE54AAA6DE21CE2F8C54BC16C57
.c.clarity.ms/ Name: ANONCHK
Value: 0
.nr-data.net/ Name: JSESSIONID
Value: 3e7b918b49d2266f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.amplitude.com
app.buddypunch.com
bam.nr-data.net
bat.bing.com
buddypunch-cdn.azureedge.net
c.bing.com
c.clarity.ms
cdn.amplitude.com
cdn.raygun.io
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grsm.io
js-agent.newrelic.com
k.clarity.ms
partnerlinks.io
snippet.growsumo.com
stats.g.doubleclick.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
151.101.130.137
162.247.241.14
172.217.18.98
20.234.93.27
20.96.88.162
23.96.207.177
2600:9000:2490:b400:17:62f0:2dc0:93a1
2606:4700::6811:190e
2606:4700::6812:1f85
2606:4700::6812:246
2606:4700::6812:bd4
2620:1ec:27::cafe:1761
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:803::2004
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:400c:c08::9d
2a00:1450:400e:80f::200a
34.208.96.37
52.222.206.6
0903d1d09c03eaba47e224999410e72bec488598210614a30fc2232cdce9b9aa
0be9c85966eeed0b1af9a530e56d8b0ba5cfe2c46d293f4c77b66ddbe9be3d5e
1b162c9d52ab50cf2ab8c70041ef700c221ff07cd529e7f727074c2fd9815090
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
263c89bece8063daf2a77d1070eba38146125e0aeaed4cabc85a889bd7fe1ecb
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
375c442ff481a6ef5cf3ac64b5902a225337d7deb5b3b4ae165e6544f8709a93
39fc8443f1d85eea30a49897f2b6de70ba8b8822e2ac9d53f85a1be8b8d13f35
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40ce6f40eb905064b3fac270bffb4fca30fb92533e968b4c2f4162974a1ad3d0
498b420c77ee388404c8b47f2d05e4b095d93c12c612e8230dc1281822de8e1a
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
583bc953dfe09505fa01072242c6e6fdb4154dcbb1c663bf96a4bda31c7e3213
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ee23a368d4d73e542e0eb7edc3ae2f5fddc59b439cc0fb7a4cf6ff90cbc5fbd
61c357eae9472720352a396c4ec551d70a0d9509c19bf59a8b7778925fc8965c
672c06ecc22211e9e8b8e20f83271a52d81945d1eb9f5b8d2886eb59bbdc7d49
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80055eb64ff2e667488388b3c108966f6a1f08350ee3ef462f0f620363a3ca1d
81e65715305d74f8825c6988aa8191ec2eadfd32f0c34adcf3398484b938f09b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99deeb81f5121325af94e5aa703752a5e03ac4ae9904717c0b269094ed296cc2
9cb093ebe058d7f686178d73557847c509534793ce42f7092f4a7cf9d7b5eea2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a6f8280edf761b4e544fcd923b65acfe9bfb92f0a1a8a733ce621549973f2bdf
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3389bd03b7055602b862c8eed3dc61d9d36a921b223d3dd7c67c2bd6b4d45b8
b63cb9e94ffd80456720d6bf53a2cacdd57c6e05bd01a7e212e2741b1cde8f8b
bb3b439d69ef2a6d553357d9e068982e06a780a031d1a708e20620e573e03383
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
c5a28f221720bef2396de8f1113568e75fd2cb28c76ffb3efe31d4d28a26bdee
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf76bf2a7600bb2a58f8e5f16f29d11d520be8d60b513716985a448a29edc71c
d382aea88f9c3cc757f203991c78e496d075e3fd25c6b89ce0bcd082cf7a730c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debea4a1159831cfe60c2d258a8947c67234a34a6b2f097d2df27e4b693b0a81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7751cab980d27f82d89dc61e90b60a815bc5861959a2b284f054914fcaa0881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4df545cd86e9316910df9368a76027c76c78cf355df2a6a20d68b6dee2ccc67
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f901d53902dc28602285aba33dc1190c3239450d1b091b2275308c0bdf53b21d