urlscan.io logo urlscan.io
SecurityTrails logo

dashboard2.hiddenapp.dev Open in urlscan Pro
2606:4700:3031::6815:5e2e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dashboard2.hiddenapp.dev/
Effective URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Submission: On March 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 14 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3031::6815:5e2e, located in United States and belongs to CLOUDFLARENET, US. The main domain is dashboard2.hiddenapp.dev.
TLS certificate: Issued by E1 on March 2nd 2024. Valid for: 3 months.
This is the only time dashboard2.hiddenapp.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 35.186.235.23 15169 (GOOGLE)
2 2620:1ec:46::38 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2607:f8b0:400... 15169 (GOOGLE)
2 104.45.184.134 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 20.125.209.212 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 130.211.34.183 ()
35 16
7    2606:4700:3031::6815:5e2e (United States)

ASN13335 (CLOUDFLARENET, US)
dashboard2.hiddenapp.dev
1    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:109b (United States)

ASN13335 (CLOUDFLARENET, US)
js.userpilot.io
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2607:f8b0:4004:c1f::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com
cdn4.mxpnl.com
2    2620:1ec:46::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:119b (United States)

ASN13335 (CLOUDFLARENET, US)
find.userpilot.io
8    2607:f8b0:4004:c1b::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    104.45.184.134 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
a.clarity.ms
1    2607:f8b0:4004:c09::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:20::ac43:46a7 (United States)

ASN13335 (CLOUDFLARENET, US)
resources-app.encharge.io
2    20.125.209.212 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    130.211.34.183 (None, )

ASN- ()
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
7 hiddenapp.dev
dashboard2.hiddenapp.dev
353 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 753
a.clarity.ms — Cisco Umbrella Rank: 6050
c.clarity.ms — Cisco Umbrella Rank: 1385
28 KB
6 unpkg.com
unpkg.com — Cisco Umbrella Rank: 757
17 KB
3 userpilot.io
js.userpilot.io — Cisco Umbrella Rank: 21548
find.userpilot.io — Cisco Umbrella Rank: 25830
243 KB
2 mixpanel.com
api-js.mixpanel.com
508 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
165 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 253
34 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 247
763 B
1 encharge.io
resources-app.encharge.io — Cisco Umbrella Rank: 347884
25 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 90
352 B
1 gstatic.com
fonts.gstatic.com
15 KB
1 mxpnl.com
cdn4.mxpnl.com — Cisco Umbrella Rank: 13720
19 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
1 KB
35 14
Domain Requested by
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 dashboard2.hiddenapp.dev 1 redirects dashboard2.hiddenapp.dev
6 unpkg.com 4 redirects dashboard2.hiddenapp.dev
2 api-js.mixpanel.com cdn4.mxpnl.com
2 c.clarity.ms 1 redirects
2 a.clarity.ms www.clarity.ms
2 www.clarity.ms dashboard2.hiddenapp.dev
www.clarity.ms
2 www.googletagmanager.com dashboard2.hiddenapp.dev
www.google-analytics.com
2 cdnjs.cloudflare.com dashboard2.hiddenapp.dev
2 js.userpilot.io dashboard2.hiddenapp.dev
js.userpilot.io
1 c.bing.com 1 redirects
1 resources-app.encharge.io dashboard2.hiddenapp.dev
1 stats.g.doubleclick.net www.google-analytics.com
1 find.userpilot.io js.userpilot.io
1 fonts.gstatic.com fonts.googleapis.com
1 cdn4.mxpnl.com dashboard2.hiddenapp.dev
1 fonts.googleapis.com dashboard2.hiddenapp.dev
35 17

This site contains links to these domains. Also see Links.

Domain
hiddenapp.com
help.hiddenapp.com
Subject Issuer Validity Valid
hiddenapp.dev
E1		 2024-03-02 -
2024-05-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
userpilot.io
GTS CA 1P5		 2024-01-20 -
2024-04-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.mixpanel.com
GeoTrust TLS RSA CA G1		 2024-02-08 -
2025-03-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dashboard2.hiddenapp.dev/account/login/?next=/
Frame ID: 80120EECB5B8337B9C8E005E2DE90651
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HiddenApp - Dashboard Login

Page URL History Show full URLs

  1. https://dashboard2.hiddenapp.dev/ HTTP 302
    https://dashboard2.hiddenapp.dev/account/login/?next=/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

91 %
HTTPS

76 %
IPv6

14
Domains

17
Subdomains

16
IPs

1
Countries

917 kB
Transfer

2413 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dashboard2.hiddenapp.dev/ HTTP 302
    https://dashboard2.hiddenapp.dev/account/login/?next=/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://unpkg.com/@popperjs/core@2 HTTP 302
  • https://unpkg.com/@popperjs/core@2.11.8 HTTP 302
  • https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
Request Chain 6
  • https://unpkg.com/tippy.js@6 HTTP 302
  • https://unpkg.com/tippy.js@6.3.7 HTTP 302
  • https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
Request Chain 24
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=26D95405F3F84FDF9654ABDCD5DF381F&RedC=c.clarity.ms&MXFR=286B08A0CEEB60BD01021CE4CAEB6EB0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26D95405F3F84FDF9654ABDCD5DF381F&MUID=1BD883D0B16768492ADC9794B0D96915

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dashboard2.hiddenapp.dev/account/login/
Redirect Chain
  • https://dashboard2.hiddenapp.dev/
  • https://dashboard2.hiddenapp.dev/account/login/?next=/
25 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5e2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc469dadad8ef470c81989bcb2bdb9e8e608448ff0d543f6b56b38ec5bc569c5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/1875604675787476 https://fullstory.com/ https://edge.fullstory.com/s/fs.js https://trackcmp.net/visit https://app-worker.visitor-analytics.io/main.js https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js https://cdn.tooltip.io/static/player.js https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.paypalobjects.com *.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://api-js.mixpanel.com https://data.gist.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css; font-src 'self' data: https: fonts.gstatic.com https://js.intercomcdn.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.google.com/; style-src-elem 'self' 'unsafe-inline' https: fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css; connect-src 'self' https: https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://rs.fullstory.com/rec/page https://rs.fullstory.com/rec/bundle https://app-loadbalancer.visitor-analytics.io/standalone/worker-log https://sa-api.visitor-analytics.io https://www.facebook.com/tr/ api.sandbox.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com api.braintreegateway.com client-analytics.braintreegateway.com *.cardinalcommerce.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://*.typeform.com wss://api.userpilot.io wss://chat.convertfox.com; img-src 'self' data: blob: https: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com www.googletagmanager.com assets.braintreegateway.com checkout.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; frame-src *.paypal.com assets.braintreegateway.com *.cardinalcommerce.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.typeform.com https://*.getbeamer.com https://*.google.com/; form-action 'self' https://intercom.help https://api-iam.intercom.io *.cardinalcommerce.com; media-src 'self' https: https://js.intercomcdn.com; script-src-elem * 'self' 'unsafe-inline' 'unsafe-eval' https: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/1875604675787476 https://fullstory.com/ https://edge.fullstory.com/s/fs.js https://trackcmp.net/visit https://app-worker.visitor-analytics.io/main.js https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js https://cdn.tooltip.io/static/player.js https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.paypalobjects.com *.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://api-js.mixpanel.com https://data.gist.com; child-src 'self' https: https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net assets.braintreegateway.com *.paypal.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

allow
GET, POST, HEAD, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
8655405c1f79da9b-MIA
content-encoding
br
content-language
en
content-security-policy
default-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/1875604675787476 https://fullstory.com/ https://edge.fullstory.com/s/fs.js https://trackcmp.net/visit https://app-worker.visitor-analytics.io/main.js https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js https://cdn.tooltip.io/static/player.js https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.paypalobjects.com *.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://api-js.mixpanel.com https://data.gist.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css; font-src 'self' data: https: fonts.gstatic.com https://js.intercomcdn.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.google.com/; style-src-elem 'self' 'unsafe-inline' https: fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css; connect-src 'self' https: https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://rs.fullstory.com/rec/page https://rs.fullstory.com/rec/bundle https://app-loadbalancer.visitor-analytics.io/standalone/worker-log https://sa-api.visitor-analytics.io https://www.facebook.com/tr/ api.sandbox.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com api.braintreegateway.com client-analytics.braintreegateway.com *.cardinalcommerce.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://*.typeform.com wss://api.userpilot.io wss://chat.convertfox.com; img-src 'self' data: blob: https: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com www.googletagmanager.com assets.braintreegateway.com checkout.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; frame-src *.paypal.com assets.braintreegateway.com *.cardinalcommerce.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.typeform.com https://*.getbeamer.com https://*.google.com/; form-action 'self' https://intercom.help https://api-iam.intercom.io *.cardinalcommerce.com; media-src 'self' https: https://js.intercomcdn.com; script-src-elem * 'self' 'unsafe-inline' 'unsafe-eval' https: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/1875604675787476 https://fullstory.com/ https://edge.fullstory.com/s/fs.js https://trackcmp.net/visit https://app-worker.visitor-analytics.io/main.js https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js https://cdn.tooltip.io/static/player.js https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.paypalobjects.com *.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://api-js.mixpanel.com https://data.gist.com; child-src 'self' https: https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net assets.braintreegateway.com *.paypal.com
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 16 Mar 2024 13:57:16 GMT
expires
Sat, 16 Mar 2024 13:57:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7oHSVPqYDtHgVrB93TTMSPJTHg9sOizk37fnZXZS%2B0Y5MAvK9GkxgEBh%2Bvy9vFLdItBSciiEi1a3EhpLmIvjhTNdNA%2BibC0aRx1Yip2DMKKC%2FBzGsP06l8aLOMMhIp7nXacGFubyazg1ZZ7JXB3yQKCP7z%2FwIBY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Encoding Cookie, Accept-Language, origin
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

allow
GET, POST, HEAD, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8655405add91da9b-MIA
content-language
en
content-security-policy
default-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/1875604675787476 https://fullstory.com/ https://edge.fullstory.com/s/fs.js https://trackcmp.net/visit https://app-worker.visitor-analytics.io/main.js https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js https://cdn.tooltip.io/static/player.js https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.paypalobjects.com *.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://api-js.mixpanel.com https://data.gist.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css; font-src 'self' data: https: fonts.gstatic.com https://js.intercomcdn.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.google.com/; style-src-elem 'self' 'unsafe-inline' https: fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css; connect-src 'self' https: https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://rs.fullstory.com/rec/page https://rs.fullstory.com/rec/bundle https://app-loadbalancer.visitor-analytics.io/standalone/worker-log https://sa-api.visitor-analytics.io https://www.facebook.com/tr/ api.sandbox.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com api.braintreegateway.com client-analytics.braintreegateway.com *.cardinalcommerce.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://*.typeform.com wss://api.userpilot.io wss://chat.convertfox.com; img-src 'self' data: blob: https: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com www.googletagmanager.com assets.braintreegateway.com checkout.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; frame-src *.paypal.com assets.braintreegateway.com *.cardinalcommerce.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.typeform.com https://*.getbeamer.com https://*.google.com/; form-action 'self' https://intercom.help https://api-iam.intercom.io *.cardinalcommerce.com; media-src 'self' https: https://js.intercomcdn.com; script-src-elem * 'self' 'unsafe-inline' 'unsafe-eval' https: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/1875604675787476 https://fullstory.com/ https://edge.fullstory.com/s/fs.js https://trackcmp.net/visit https://app-worker.visitor-analytics.io/main.js https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js https://cdn.tooltip.io/static/player.js https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.paypalobjects.com *.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://api-js.mixpanel.com https://data.gist.com; child-src 'self' https: https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net assets.braintreegateway.com *.paypal.com
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 16 Mar 2024 13:57:16 GMT
location
/account/login/?next=/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zCxAu9oAjv3cKzNCJabP9oIN2l6kf4f32p3VMQyp86%2BY5NIIXqN7cXD6gy3dfCMa5qM%2BCFenafO7q9Bn77RlRmiLf1R9J4JPjKjl4X8QQcZ7aACv31XGbuC%2BD3Za2f7P1lofpNzNMGPGnr9l2LkRDXOGHP36jlM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Language, Cookie, origin
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700,900&display=swap
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9215ab17d5bb95365fda0ddf670b851bdf468f5cd802812639f7ec416f702513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Mar 2024 13:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 13:51:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Mar 2024 13:57:17 GMT
common.min.css
dashboard2.hiddenapp.dev/static/css/ 		112 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard2.hiddenapp.dev/static/css/common.min.css
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5e2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c9c8f74b72fd8553775aed53bb86f85577afa782eca52d443af58ab95fb151
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dashboard2.hiddenapp.dev/account/login/?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 24 Nov 2023 10:17:19 GMT
server
cloudflare
etag
W/"6560782f-1c043"
allow
GET, POST, HEAD, PUT, DELETE, OPTIONS, PATCH
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvSn6nxfeNRfr0MGcrgYPGGDC6pYBNmAzNpiHKaLuDeMMDUeUkSBNU4KDm3zZH2HnkGM5QybJfrAALfCpFd3JdwX%2FDCnHq6UsbjSD6FBXYJLg8efwnrFkFfoqFaPYyonTABPqgHVDFw7P3MAtuEOgQyJD3JxdNE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8655405d5ca07439-MIA
latest.js
js.userpilot.io/sdk/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.userpilot.io/sdk/latest.js
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bd100929241218de0189d96aca5496da8fb259ebd09454d868adcd653cf0da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
x-amz-request-id
MDHYFZ3QDF1PVVCW
age
35
x-amz-server-side-encryption
AES256
x-amz-id-2
IoQwpnI7CKxGcTGeJGkLd5SVbqRWT8pfh6oYi72RvzekcqwV9n5CCvrVWLfopI62DDwZk12F94mUQ8k8eT5h8Q==
cf-bgj
minify
last-modified
Wed, 13 Mar 2024 13:25:51 GMT
server
cloudflare
etag
W/"b1741ce726aeaac56ac2e305beb41f5d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=120
cf-ray
8655405e2ce1336a-MIA
HiddenAppLogo_white.svg
dashboard2.hiddenapp.dev/static/images/dashboard/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard2.hiddenapp.dev/static/images/dashboard/HiddenAppLogo_white.svg
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5e2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e809b8052160827914e0d7f920863070f3adb20849212b60ae45f6b2de47905a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dashboard2.hiddenapp.dev/account/login/?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 17 Jul 2023 19:12:49 GMT
server
cloudflare
etag
W/"64b592b1-13ea"
allow
GET, POST, HEAD, PUT, DELETE, OPTIONS, PATCH
vary
Accept-Encoding
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVmXBfM0x17AqmpQRqMBC5YpV5Mbr1TWMP8%2B8HjYQar1c%2FHuXDPDHlLFgR2itpB%2Fwr2PxUiwRNy4vp%2F4TS6g27f7w9UdPaXpTQGQaVDBZr4vShoYjOIvUyr%2BhphbtwbCkVNuTjrnJC%2Bz7w6FOMiB7sn64hY11tY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8655405d5ca17439-MIA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
411308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27990
last-modified
Fri, 26 Aug 2022 18:34:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63091225-6d56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ofky1qBtOEIYEIGrIVdZWNZY2benNVwQOKNuzUFeOCNNCTYFU8rYFlnv4ziFttPah1OB3O7I66laNc4fQwRWiMEJhbJgC%2B7LMH28lqSvjjoDmZvqMSPVWzXyDTT1HbEvuAuP%2BqlJgSaO7WJV0VSetXn0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8655405deebc743e-MIA
expires
Thu, 06 Mar 2025 13:57:17 GMT
popper.min.js
unpkg.com/@popperjs/core@2.11.8/dist/umd/
Redirect Chain
  • https://unpkg.com/@popperjs/core@2
  • https://unpkg.com/@popperjs/core@2.11.8
  • https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1541363
last-modified
Fri, 26 May 2023 17:27:16 GMT
fly-request-id
01HQNTW88SDHD318G43JC6GMM6-mia
server
cloudflare
etag
W/"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8655405f2aa12887-MIA

Redirect headers

date
Sat, 16 Mar 2024 13:57:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HQP4YR4DABZGE4A6AXBXQT2V-mia
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1530795
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@popperjs/core@2.11.8/dist/umd/popper.min.js
cache-control
public, max-age=31536000
cf-ray
8655405eda602887-MIA
tippy-bundle.umd.min.js
unpkg.com/tippy.js@6.3.7/dist/
Redirect Chain
  • https://unpkg.com/tippy.js@6
  • https://unpkg.com/tippy.js@6.3.7
  • https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1541363
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQNTW87E8JZGYAVB4XEC6KQT-mia
server
cloudflare
etag
W/"6475-GJFZFDM34LwIzjC4uKWaXpNTNf4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8655405f2aa22887-MIA

Redirect headers

date
Sat, 16 Mar 2024 13:57:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HQNPSTCF65733MXZ68CT3DYR-mia
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1545637
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
cache-control
public, max-age=31536000
cf-ray
8655405eea622887-MIA
list.min.js
cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a388a7833280dc7dfe5716af9969711f3c2a2fcc34c5af249907d1e2be7c73
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
412258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5556
last-modified
Mon, 04 May 2020 16:12:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed2-46b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lgWSldsiP9%2BW19VQ55CCZlNEJ44rAoabrXbYEJNYqPRF%2BnSWuZO9EGE7MKnvHWwVq56ciKpgeWankJH567VV6CCdWjK%2BPEvIm3kZ3DDdBCB%2B2QWWpQ2w2GKsooIfgGWGNo1zgqfq5MWM16RKk1%2F%2Fr6ik"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8655405ebfb5743e-MIA
expires
Thu, 06 Mar 2025 13:57:17 GMT
common.min.js
dashboard2.hiddenapp.dev/static/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard2.hiddenapp.dev/static/js/common.min.js
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5e2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a99fef5ee4ab82df9039e8aa6a5baa3499b1fcb435b4f3c454f84a141e4ff9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dashboard2.hiddenapp.dev/account/login/?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 05 Dec 2023 18:48:38 GMT
server
cloudflare
etag
W/"656f7086-427b"
allow
GET, POST, HEAD, PUT, DELETE, OPTIONS, PATCH
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fp3qPT2iYVLr%2F2GLyovdLDH18txKYtT33w5BqanMIY6v6Q%2BGyR7p5GCDusTFtnU3sWFgtBOR6vhVKYA4OIDxN5%2FL6IpcYkaU2rDoXuRjP4lZJEbDuB30r77BrA2B3qvdypeVFvNfmgUMRSIceplsw1KiBYtZxkY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8655405ebe997439-MIA
gtm.js
www.googletagmanager.com/ 		231 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W84C835
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b685ed4d27f17415c9e631de5a07e66d8b546641b11850ae1d3e1387891040a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82152
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 16 Mar 2024 13:57:17 GMT
mixpanel-2-latest.min.js
cdn4.mxpnl.com/libs/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
23.235.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:56:56 GMT
content-encoding
gzip
age
21
x-guploader-uploadid
ABPtcPpboERhPw3P2byRZ55DIIg7rj_VIRZ3CWX2HjVAjYky_MHYGEN3sk0FTvkSFwFm99ew-1pR9iCD0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18490
last-modified
Tue, 06 Feb 2024 00:09:36 GMT
server
UploadServer
etag
"eb0675a8749ea5d76345796217db928f"
vary
Accept-Encoding
x-goog-generation
1707178176338436
x-goog-hash
crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18490
accept-ranges
bytes
expires
Sat, 16 Mar 2024 14:06:56 GMT
981merjh80
www.clarity.ms/tag/ 		650 B
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/981merjh80
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6db990de042b987ce4d0a1be6d23f63421e20933ed78eea94895554eaa1d0210

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
-1
date
Sat, 16 Mar 2024 13:57:17 GMT
x-azure-ref
20240316T135717Z-md5pvdkp9d2tbcvzbmyegesqr400000006cg00000000dyfw
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
app.js
js.userpilot.io/sdk/version/1.464/ 		1 MB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.userpilot.io/sdk/version/1.464/app.js
Requested by
Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a81e72cf0ce1d5a4029abb0ea218849a139f4467a1b20b0909bf000f7b81c3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
x-amz-request-id
MDHZV4XFAPT5X8HG
age
1882
x-amz-server-side-encryption
AES256
x-amz-id-2
i9Z9xTO9/A3FPfuvfbLYI32CSeSKYcgrrraiSNG9CJmt0u0CfkSUdAKzITO3tM2URlaqMIu8gmVB5WEJSueTQA==
cf-bgj
minify
last-modified
Wed, 13 Mar 2024 13:25:48 GMT
server
cloudflare
etag
W/"872f442d53c1c1854d88b2780e3f81af"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
cf-ray
8655405ebdcf336a-MIA
Poppins-Black.ttf
dashboard2.hiddenapp.dev/static/fonts/Poppins/ 		148 KB
148 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dashboard2.hiddenapp.dev/static/fonts/Poppins/Poppins-Black.ttf
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/static/css/common.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5e2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2f1bccca460a96af91705a6fc73b1c1e74f49292446f7bc44991af3a1546194
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dashboard2.hiddenapp.dev/static/css/common.min.css
Origin
https://dashboard2.hiddenapp.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
151340
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 17 Jul 2023 19:12:49 GMT
server
cloudflare
etag
"64b592b1-24f2c"
allow
GET, POST, HEAD, PUT, DELETE, OPTIONS, PATCH
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7jQj6OPn%2B9TnFFDGIyTQxrHEcI52xRpSuUuwJyYAlOE991ACdgjV6C%2B1qFuy%2FDf1SJiSLT90vmOWJWFZ0u7yG5jyiFXkjrBLFdugn%2Fc0skx3Fl6c6HD8Hs9GDahRR0pzX0vF1A7ORTuhNqdKKzkmYecwnpNb1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8655405eceae7439-MIA
Poppins-Regular.ttf
dashboard2.hiddenapp.dev/static/fonts/Poppins/ 		154 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dashboard2.hiddenapp.dev/static/fonts/Poppins/Poppins-Regular.ttf
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/static/css/common.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5e2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dashboard2.hiddenapp.dev/static/css/common.min.css
Origin
https://dashboard2.hiddenapp.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
158192
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 17 Jul 2023 19:12:49 GMT
server
cloudflare
etag
"64b592b1-269f0"
allow
GET, POST, HEAD, PUT, DELETE, OPTIONS, PATCH
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RR30u%2FYmoBa7JkJ0n%2BJfTqOuioajxreuNOOE5OdJbvT9Gu9rLYCpzlLxw8YUQz9NqIGGQah0mwTNFVKcrk6yPHS0RC0AwJx0THfAGpElVwpMqrNIgmhKhk1ukpX0iZ%2FFLcd6J4b2T%2Fn71RBZTjBeN%2BAmO3vnrXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8655405eceb07439-MIA
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dashboard2.hiddenapp.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:46:30 GMT
x-content-type-options
nosniff
age
234647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:46:30 GMT
19by90k7
find.userpilot.io/v1/lookups/ 		62 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://find.userpilot.io/v1/lookups/19by90k7
Requested by
Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/version/1.464/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:119b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-cache
Hit from findex
x-request-id
F71DTnj1ZZbdksYCdsTB
last-modified
Sat, 16 Mar 2024 13:57:17 GMT
server
cloudflare
vary
Accept-Encoding
x-ratelimit-remaining
59999
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-apo-via
origin,host
x-ratelimit-limit
60000
x-ratelimit-reset
1710597480000
cf-ray
865540601b84370e-MIA
clarity.js
www.clarity.ms/s/0.7.24/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.24/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/981merjh80
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 17:00:12 GMT
etag
W/"0x8DC41238D312F83"
vary
Accept-Encoding
x-azure-ref
20240316T135717Z-md5pvdkp9d2tbcvzbmyegesqr400000006cg00000000dyg2
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
018b5061-e01e-0061-4f17-740d98000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W84C835
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Mar 2024 12:14:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6183
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Mar 2024 14:14:14 GMT
collect
a.clarity.ms/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://dashboard2.hiddenapp.dev
Date
Sat, 16 Mar 2024 13:57:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:48:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 16 Mar 2024 14:48:56 GMT
collect
www.google-analytics.com/j/ 		15 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1492942799&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard2.hiddenapp.dev%2Faccount%2Flogin%2F%3Fnext%3D%2F&ul=en-us&de=UTF-8&dt=HiddenApp%20-%20Dashboard%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiUAjBAAAACAEKAB~&jid=503708160&gjid=1222088533&cid=389987468.1710597438&tid=UA-12672592-1&_gid=677252529.1710597438&_slc=1&gtm=45He43d0n81W84C835v78970982za200&cg1=Unknown&cg2=Unknown&cg3=Unknown&cd3=Unknown&gcd=13l3l3l3l1&dma=0&cd10=389987468.1710597438&z=468717393
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
563126319bcd4662f7fb059608d97e77719660f5743d0f4b6ff5263125c7bb45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 13:57:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard2.hiddenapp.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12672592-1&cid=389987468.1710597438&jid=503708160&gjid=1222088533&_gid=677252529.1710597438&_u=aGBAiUAjBAAAAGAEKAB~&z=1484101917
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 16 Mar 2024 13:57:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard2.hiddenapp.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
encharge-tracking.min.js
resources-app.encharge.io/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-app.encharge.io/encharge-tracking.min.js
Requested by
Host: dashboard2.hiddenapp.dev
URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f453653c317fc4f9860166662cba48514e3b402f02574ab67bf27f774a423fd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PKAD8A3D89Z4CQEE
age
1562
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GuJSqHVgBMhn6Ydb6ySOwnGd2pWWIlLemqAN9DIrq8W7/5yVh8TjQMGrxTTFlHeQHXJ/0GD+9fc=
last-modified
Fri, 26 May 2023 23:12:08 GMT
server
cloudflare
etag
W/"8de3448f594279f074e28929219d1fc7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pb2n782Lv3Gmf4EuUWDJXPOoikSJYfvPrv%2BZphe2ZdPlHKkMeSib7Wnp%2BuBFcN9T8CUyYhAlA%2BHWEOdjOZRuaq5rsAr3o1CWy04cVBGTED0Rnsm1jlb498ccuD58xuvj6wZJxmm26tTNcYI5qZhHDAls%2BDg5kxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=86400
cf-ray
865540637bdc74c0-MIA
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=26D95405F3F84FDF9654ABDCD5DF381F&RedC=c.clarity.ms&MXFR=286B08A0CEEB60BD01021CE4CAEB6EB0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26D95405F3F84FDF9654ABDCD5DF381F&MUID=1BD883D0B16768492ADC9794B0D96915
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26D95405F3F84FDF9654ABDCD5DF381F&MUID=1BD883D0B16768492ADC9794B0D96915
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 13:57:17 GMT
last-modified
Fri, 01 Mar 2024 22:54:06 GMT
server
Microsoft-IIS/10.0
etag
"8573f85c2b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 13:57:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 88802ED0397A4A57BAEBB4F6B6A1011A Ref B: MIAEDGE2018 Ref C: 2024-03-16T13:57:18Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26D95405F3F84FDF9654ABDCD5DF381F&MUID=1BD883D0B16768492ADC9794B0D96915
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1492942799&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdashboard2.hiddenapp.dev%2Faccount%2Flogin%2F%3Fnext%3D%2F&ul=en-us&de=UTF-8&dt=HiddenApp%20-%20Dashboard%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Browse&ea=Reached%20Scroll%20Depth&_u=aGDAiUAjBAAAAGAEKAB~&jid=&gjid=&cid=389987468.1710597438&tid=UA-12672592-1&_gid=677252529.1710597438&gtm=45He43d0n81W84C835v78970982za200&cg1=Unknown&cg2=Unknown&cg3=Unknown&cd3=Unknown&gcd=13l3l3l3l1&dma=0&cd10=389987468.1710597438&z=1160406414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:25:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48724
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1492942799&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdashboard2.hiddenapp.dev%2Faccount%2Flogin%2F%3Fnext%3D%2F&ul=en-us&de=UTF-8&dt=HiddenApp%20-%20Dashboard%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Browse&ea=Reached%20Scroll%20Depth&_u=aGDAiUAjBAAAAGAEKAB~&jid=&gjid=&cid=389987468.1710597438&tid=UA-12672592-1&_gid=677252529.1710597438&gtm=45He43d0n81W84C835v78970982za200&cg1=Unknown&cg2=Unknown&cg3=Unknown&cd3=Unknown&gcd=13l3l3l3l1&dma=0&cd10=389987468.1710597438&z=339305208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:25:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48724
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1492942799&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdashboard2.hiddenapp.dev%2Faccount%2Flogin%2F%3Fnext%3D%2F&ul=en-us&de=UTF-8&dt=HiddenApp%20-%20Dashboard%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Browse&ea=Reached%20Scroll%20Depth&_u=aGDAiUAjBAAAAGAEKAB~&jid=&gjid=&cid=389987468.1710597438&tid=UA-12672592-1&_gid=677252529.1710597438&gtm=45He43d0n81W84C835v78970982za200&cg1=Unknown&cg2=Unknown&cg3=Unknown&cd3=Unknown&gcd=13l3l3l3l1&dma=0&cd10=389987468.1710597438&z=380884994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:25:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48724
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1492942799&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdashboard2.hiddenapp.dev%2Faccount%2Flogin%2F%3Fnext%3D%2F&ul=en-us&de=UTF-8&dt=HiddenApp%20-%20Dashboard%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Browse&ea=Reached%20Scroll%20Depth&_u=aGDAiUAjBAAAAGAEKAB~&jid=&gjid=&cid=389987468.1710597438&tid=UA-12672592-1&_gid=677252529.1710597438&gtm=45He43d0n81W84C835v78970982za200&cg1=Unknown&cg2=Unknown&cg3=Unknown&cd3=Unknown&gcd=13l3l3l3l1&dma=0&cd10=389987468.1710597438&z=1181816215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 00:25:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48724
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KLVGV5FMT&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf62befb8193386ef5a74850d870bce894010d2c60e566d151315018d3e32ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 13:57:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86231
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Mar 2024 13:57:17 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KLVGV5FMT&gtm=45je43d0v9127252680za200&_p=1710597437218&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=389987468.1710597438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fdashboard2.hiddenapp.dev%2Faccount%2Flogin%2F%3Fnext%3D%2F&dt=HiddenApp%20-%20Dashboard%20Login&sid=1710597438&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_content_group_1=Unknown&ep.ua_content_group_2=Unknown&ep.ua_content_group_3=Unknown&ep.ua_dimension_3=Unknown&ep.ua_dimension_10=389987468.1710597438&tfd=1579
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KLVGV5FMT&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 13:57:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard2.hiddenapp.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
a.clarity.ms/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://dashboard2.hiddenapp.dev
Date
Sat, 16 Mar 2024 13:57:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
/
api-js.mixpanel.com/track/ 		52 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1710597442421
Requested by
Host: cdn4.mxpnl.com
URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
54fd6aba318140e1a91670d53c3f85263687b80d27db87e03afb9cbbe8944653
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Sat, 16 Mar 2024 13:57:22 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://dashboard2.hiddenapp.dev
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
X-Requested-With
content-length
52
alt-svc
clear
/
api-js.mixpanel.com/engage/ 		53 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/engage/?verbose=1&ip=1&_=1710597442422
Requested by
Host: cdn4.mxpnl.com
URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
a9a2fd280437b1a9da9f09a4c907d2da7ab5fb6ae9744f92858bade3ccdd47d9
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Sat, 16 Mar 2024 13:57:22 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://dashboard2.hiddenapp.dev
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
X-Requested-With
content-length
53
alt-svc
clear

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| mixpanel function| clarity object| EncTracking object| userpilotSettings function| userpilotInitiator object| userpilotInitiatorSDK object| userpilotCallMethods object| userpilot function| $ function| jQuery object| Popper function| tippy function| List object| beamer_config function| hideUnAuthorizedNavItems function| getDashboardDevices function| expandDevices function| hideNotification function| handleNotification function| validateInternationalPhoneNumber object| userpilotChecklist object| userpilotNps function| _userpilot object| userpilotIntegrations object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| riveted object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate undefined| keenGlobals function| Keen function| KeenTracking function| EnchargeTracking function| default

19 Cookies

Domain/Path Name / Value
dashboard2.hiddenapp.dev/ Name: csrftoken
Value: Xl1jmEsQGz83cYpG3JUIrlqRQq7l39S3
.hiddenapp.dev/ Name: sessionid
Value: a0n95b7juon4t7kjmruqtnwlhvnce4xa
www.clarity.ms/ Name: CLID
Value: cabff7bac3ae49dea25a9a5c827449ea.20240316.20250316
.hiddenapp.dev/ Name: mp_13459d6fab041d3e51b5e5b06d1328af_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%22%2C%22%24device_id%22%3A%20%2218e478d77f73af-0a2004ae7bf10b-64345551-1d4c00-18e478d77f73af%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.hiddenapp.dev/ Name: _clck
Value: 1t6c5od%7C2%7Cfk4%7C0%7C1536
.hiddenapp.dev/ Name: _gcl_au
Value: 1.1.981171847.1710597438
.hiddenapp.dev/ Name: _ga
Value: GA1.2.389987468.1710597438
.hiddenapp.dev/ Name: _gid
Value: GA1.2.677252529.1710597438
.hiddenapp.dev/ Name: _clsk
Value: 1olbx2l%7C1710597437821%7C1%7C1%7Ca.clarity.ms%2Fcollect
.hiddenapp.dev/ Name: _dc_gtm_UA-12672592-1
Value: 1
.hiddenapp.dev/ Name: encheventsnippet
Value: {%22uuid%22:%225a43e353-26aa-4a6b-b03e-beda13cb657e%22%2C%22initialReferrer%22:null}
.hiddenapp.dev/ Name: _ga_3KLVGV5FMT
Value: GS1.2.1710597438.1.0.1710597438.0.0.0
.bing.com/ Name: MUID
Value: 1BD883D0B16768492ADC9794B0D96915
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1BD883D0B16768492ADC9794B0D96915
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1BD883D0B16768492ADC9794B0D96915
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

14 Console Messages

Source Level URL
Text
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dashboard2.hiddenapp.dev/account/login/?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src * 'self' 'unsafe-inline' 'unsafe-eval' https: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/1875604675787476 https://fullstory.com/ https://edge.fullstory.com/s/fs.js https://trackcmp.net/visit https://app-worker.visitor-analytics.io/main.js https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js https://cdn.tooltip.io/static/player.js https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.paypalobjects.com *.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://api-js.mixpanel.com https://data.gist.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css; font-src 'self' data: https: fonts.gstatic.com https://js.intercomcdn.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.google.com/; style-src-elem 'self' 'unsafe-inline' https: fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css; connect-src 'self' https: https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://rs.fullstory.com/rec/page https://rs.fullstory.com/rec/bundle https://app-loadbalancer.visitor-analytics.io/standalone/worker-log https://sa-api.visitor-analytics.io https://www.facebook.com/tr/ api.sandbox.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com api.braintreegateway.com client-analytics.braintreegateway.com *.cardinalcommerce.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com https://*.typeform.com wss://api.userpilot.io wss://chat.convertfox.com; img-src 'self' data: blob: https: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com www.googletagmanager.com assets.braintreegateway.com checkout.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; frame-src *.paypal.com assets.braintreegateway.com *.cardinalcommerce.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://*.typeform.com https://*.getbeamer.com https://*.google.com/; form-action 'self' https://intercom.help https://api-iam.intercom.io *.cardinalcommerce.com; media-src 'self' https: https://js.intercomcdn.com; script-src-elem * 'self' 'unsafe-inline' 'unsafe-eval' https: https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://widget.intercom.io https://js.intercomcdn.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/1875604675787476 https://fullstory.com/ https://edge.fullstory.com/s/fs.js https://trackcmp.net/visit https://app-worker.visitor-analytics.io/main.js https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js https://cdn.tooltip.io/static/player.js https://cdnjs.cloudflare.com/ajax/libs/list.js/1.5.0/list.min.js js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com www.paypalobjects.com *.paypal.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io https://api-js.mixpanel.com https://data.gist.com; child-src 'self' https: https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net assets.braintreegateway.com *.paypal.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
api-js.mixpanel.com
c.bing.com
c.clarity.ms
cdn4.mxpnl.com
cdnjs.cloudflare.com
dashboard2.hiddenapp.dev
find.userpilot.io
fonts.googleapis.com
fonts.gstatic.com
js.userpilot.io
resources-app.encharge.io
stats.g.doubleclick.net
unpkg.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
104.45.184.134
130.211.34.183
20.125.209.212
2606:4700:20::ac43:46a7
2606:4700:3031::6815:5e2e
2606:4700::6810:7eaf
2606:4700::6811:190e
2606:4700::6812:109b
2606:4700::6812:119b
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::66
2607:f8b0:4004:c1f::61
2620:1ec:46::38
2620:1ec:c11::200
35.186.235.23
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
3f453653c317fc4f9860166662cba48514e3b402f02574ab67bf27f774a423fd
44bd100929241218de0189d96aca5496da8fb259ebd09454d868adcd653cf0da
54fd6aba318140e1a91670d53c3f85263687b80d27db87e03afb9cbbe8944653
563126319bcd4662f7fb059608d97e77719660f5743d0f4b6ff5263125c7bb45
62a388a7833280dc7dfe5716af9969711f3c2a2fcc34c5af249907d1e2be7c73
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db990de042b987ce4d0a1be6d23f63421e20933ed78eea94895554eaa1d0210
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
80c9c8f74b72fd8553775aed53bb86f85577afa782eca52d443af58ab95fb151
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9215ab17d5bb95365fda0ddf670b851bdf468f5cd802812639f7ec416f702513
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a81e72cf0ce1d5a4029abb0ea218849a139f4467a1b20b0909bf000f7b81c3b
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a9a2fd280437b1a9da9f09a4c907d2da7ab5fb6ae9744f92858bade3ccdd47d9
b685ed4d27f17415c9e631de5a07e66d8b546641b11850ae1d3e1387891040a2
bc469dadad8ef470c81989bcb2bdb9e8e608448ff0d543f6b56b38ec5bc569c5
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
cf62befb8193386ef5a74850d870bce894010d2c60e566d151315018d3e32ed7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2f1bccca460a96af91705a6fc73b1c1e74f49292446f7bc44991af3a1546194
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e809b8052160827914e0d7f920863070f3adb20849212b60ae45f6b2de47905a
f0a99fef5ee4ab82df9039e8aa6a5baa3499b1fcb435b4f3c454f84a141e4ff9