dashboard.staging.heycarson.com Open in urlscan Pro
138.197.58.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dashboard.staging.heycarson.com/
Effective URL:
https://dashboard.staging.heycarson.com/login
Submission: On June 19 via api (June 19th 2024, 3:58:28 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 138.197.58.6, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is dashboard.staging.heycarson.com.
TLS certificate: Issued by E5 on June 17th 2024. Valid for: 3 months.

This is the only time dashboard.staging.heycarson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	138.197.58.6 138.197.58.6	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.85.65.38 52.85.65.38	16509 (AMAZON-02) (AMAZON-02)
2	18.66.188.204 18.66.188.204	16509 (AMAZON-02) (AMAZON-02)
22	6

13 138.197.58.6 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

dashboard.staging.heycarson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.65.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-38.muc50.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.188.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-204.muc50.r.cloudfront.net

d3hb14vkzrxvla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	heycarson.com 1 redirects dashboard.staging.heycarson.com	966 KB
3	helpscout.net beacon-v2.helpscout.net — Cisco Umbrella Rank: 14068	32 KB
2	cloudfront.net d3hb14vkzrxvla.cloudfront.net	9 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	74 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	2 KB
22	6

	Domain	Requested by
13	dashboard.staging.heycarson.com	1 redirects dashboard.staging.heycarson.com
3	beacon-v2.helpscout.net	dashboard.staging.heycarson.com beacon-v2.helpscout.net
2	d3hb14vkzrxvla.cloudfront.net	beacon-v2.helpscout.net
2	www.facebook.com	dashboard.staging.heycarson.com
2	connect.facebook.net	dashboard.staging.heycarson.com connect.facebook.net
1	cdn.jsdelivr.net	dashboard.staging.heycarson.com
22	6

This site contains links to these domains. Also see Links.

Domain
heycarson.com

Subject Issuer	Validity	Valid
dashboard.staging.heycarson.com E5	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-28` - `2024-06-26`	3 months	crt.sh
*.helpscout.net Amazon RSA 2048 M03	`2024-03-18` - `2025-04-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dashboard.staging.heycarson.com/login
Frame ID: 91A186464E39F67A7FCF2880C662F9C3
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to Your HeyCarson Account

Page URL History Show full URLs

https://dashboard.staging.heycarson.com/ HTTP 302
https://dashboard.staging.heycarson.com/login Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1086 kB
Transfer

1436 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://heycarson.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dashboard.staging.heycarson.com/ HTTP 302
https://dashboard.staging.heycarson.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
dashboard.staging.heycarson.com/
Redirect Chain

https://dashboard.staging.heycarson.com/
https://dashboard.staging.heycarson.com/login

12 KB
4 KB

148ms
148ms

Document
text/html

138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 / PHP/7.4.33

Resource Hash

0105b1e494b316b56e1d735b56024464644c6fbc9f0088525d5ca439005717d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Jun 2024 15:58:23 GMT
expires: -1
pragma: no-cache
server: nginx/1.19.2
vary: Accept-Encoding Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33

Redirect headers

cache-control: private, must-revalidate
content-type: text/html; charset=UTF-8
date: Wed, 19 Jun 2024 15:58:22 GMT
expires: -1
location: https://dashboard.staging.heycarson.com/login
pragma: no-cache
server: nginx/1.19.2
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33

GET
H2 200 auth.css
dashboard.staging.heycarson.com/assets/v2/css/ 18 KB
3 KB 116ms
115ms Stylesheet
text/css 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.staging.heycarson.com/assets/v2/css/auth.css?v=9637211

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

e73c940e9ff79392e28760ee5f49efc3b08847b54b5399b1d5af1cc6c2a52697

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: W/"6650a52c-4779"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css

GET
H2 200 carson-logo.svg
dashboard.staging.heycarson.com/assets/v2/images/auth/ 8 KB
8 KB 117ms
116ms Image
image/svg+xml 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashboard.staging.heycarson.com/assets/v2/images/auth/carson-logo.svg

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

ebebae7de955da969cafda9a5bfccb44baa0a8dabc12c10fef368adedc5f2441

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-1e41"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 7745

GET
H2 200 back.svg
dashboard.staging.heycarson.com/assets/v2/images/auth/ 1 KB
1 KB 226ms
226ms Image
image/svg+xml 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashboard.staging.heycarson.com/assets/v2/images/auth/back.svg

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

0829c7d061bdab08f2e91d8d759f686cbf1cc926c20e6ef06b36c4cbfca64ca6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-462"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1122

GET
H2 200 show-password.svg
dashboard.staging.heycarson.com/assets/v2/images/auth/ 3 KB
3 KB 143ms
136ms Image
image/svg+xml 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashboard.staging.heycarson.com/assets/v2/images/auth/show-password.svg

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

6bac07e2d046bb2bf1fcaea5ae10740ede2ad4dbf423478dd5cbebed6049f6bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-b29"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2857

GET
H2 200 star.svg
dashboard.staging.heycarson.com/assets/v2/images/auth/ 829 B
991 B 144ms
137ms Image
image/svg+xml 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashboard.staging.heycarson.com/assets/v2/images/auth/star.svg

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

e38abafcb65fe542df6dad09d4da90678743f3cc911717d57769c5bb5e8f2bf8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-33d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 829

GET
H2 200 auth-graphic.svg
dashboard.staging.heycarson.com/assets/v2/images/auth/ 635 KB
636 KB 141ms
138ms Image
image/svg+xml 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashboard.staging.heycarson.com/assets/v2/images/auth/auth-graphic.svg

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

99afc34dc1a69a0f20c7370a93e0584117d4ae1706f97a6fa1950843e11e188c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-9ed72"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 650610

GET
H2 200 jquery-1.12.0.min.js Show response
dashboard.staging.heycarson.com/assets/js/vendor/ 95 KB
33 KB 142ms
136ms Script
application/javascript 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.staging.heycarson.com/assets/js/vendor/jquery-1.12.0.min.js

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
content-encoding: gzip
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: W/"6650a52c-17c52"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2.2.1/src/ 2 KB
2 KB 148ms
58ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2.2.1/src/js.cookie.min.js

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3987363
x-jsd-version: 2.2.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1078
x-served-by: cache-fra-eddf8230124-FRA, cache-lga21951-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QACdQ5svYv2%2FvUTToDePFAmSQQH4ZTkln0vS1Y%2FqREa0Vrnm9HoczKvfowxBzOKqnhxhg0eoPV%2Fu95eRBuwmCiVY7BR8K6Hvgx66SK5XGdQaEhtBs4FlHJKR3Ysl5VBclh6dONSbLh5Y5H9BIII%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8964b8645c298ecd-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 128ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jun 2024 15:58:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: IcfJZVx9SBsTYSOGe/bkW9edO9wfR752irwTmeb2iemudlAiwtiVZpe4JE4WELKau++OnUNUEmG5AlLrIWuG1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 CircularPro-Book.otf
dashboard.staging.heycarson.com/assets/v2/fonts/ 85 KB
85 KB 353ms
352ms Font
application/octet-stream 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.staging.heycarson.com/assets/v2/fonts/CircularPro-Book.otf

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/assets/v2/css/auth.css?v=9637211

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

0c833aefd088c6fae2c65e2faf155463b75091c61b984a22292ca98718b465de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/assets/v2/css/auth.css?v=9637211
Origin: https://dashboard.staging.heycarson.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-15468"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 87144

GET
H2 200 CircularPro-Bold.otf
dashboard.staging.heycarson.com/assets/v2/fonts/ 93 KB
94 KB 352ms
352ms Font
application/octet-stream 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.staging.heycarson.com/assets/v2/fonts/CircularPro-Bold.otf

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/assets/v2/css/auth.css?v=9637211

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

594300be2fc6e632294a76fe384a058e0596ad08ce1dec2d65a82c014b089f27

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/assets/v2/css/auth.css?v=9637211
Origin: https://dashboard.staging.heycarson.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-175ec"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 95724

GET
H2 200 CircularPro-Medium.otf
dashboard.staging.heycarson.com/assets/v2/fonts/ 93 KB
93 KB 352ms
352ms Font
application/octet-stream 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.staging.heycarson.com/assets/v2/fonts/CircularPro-Medium.otf

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/assets/v2/css/auth.css?v=9637211

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

8df65c16e955a73528fdc581781364fd6059da9c7ffb7d9e84ebea9e34f894b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/assets/v2/css/auth.css?v=9637211
Origin: https://dashboard.staging.heycarson.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:23 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-173ec"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 95212

GET
H2 200 967843979939129 Show response
connect.facebook.net/signals/config/ 78 KB
15 KB 193ms
192ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/967843979939129?v=2.9.158&r=stable&domain=dashboard.staging.heycarson.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7a597cc16c5c962a90ac509bbcbcfe47aa0e3ed0e57142d75c8213bfb85e22b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jun 2024 15:58:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=0, c=65, mss=1297, tbw=63560, tp=-1, tpl=-1, uplat=151, ullat=0
pragma: public
x-fb-debug: TYMVDUvxQhtVJ2raREb8tuU66ge/uP9SLZPP8JV1Y8YzKJCU1YeFmGb00nYsyOhxTOhApdkTTHAPemVWjezdyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 142ms
39ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=967843979939129&ev=PageView&dl=https%3A%2F%2Fdashboard.staging.heycarson.com%2Flogin&rl=&if=false&ts=1718812703759&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718812703755.113414917545874118&cs_est=true&ler=empty&cdl=API_unavailable&it=1718812703542&coo=false&rqm=GET

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jun 2024 15:58:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 344ms
241ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=967843979939129&ev=PageView&dl=https%3A%2F%2Fdashboard.staging.heycarson.com%2Flogin&rl=&if=false&ts=1718812703759&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718812703755.113414917545874118&cs_est=true&ler=empty&cdl=API_unavailable&it=1718812703542&coo=false&rqm=FGET

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc052854310f1846a","source_keys":["1","2"]},{"key_piece":"0x3244ba0bc588c2df","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 19 Jun 2024 15:58:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382244349425927844", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3100, tp=-1, tpl=-1, uplat=201, ullat=0
pragma: no-cache
x-fb-debug: Ej11yiKsd5eHAQ7lbf5bL9O9bUVBbpnROqEs8CbYoeNuxREr1E6O9jKl0cr4CgxSwPPIkWBOYn1tnZKH3N86eA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382244349425927844"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 458 B
903 B 190ms
39ms Script
application/javascript 52.85.65.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/

Requested by

Host: dashboard.staging.heycarson.com
URL: https://dashboard.staging.heycarson.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.65.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-65-38.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

42b7d17bd68b11a8a1e41fa64a7682994cf6bf73f95a8b8f512a52d8db37c400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:57:49 GMT
content-encoding: gzip
via: 1.1 8e2b9bc1b41cb69d67514a54937a01e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P6
age: 72
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 327
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 12:52:22 GMT
server: AmazonS3
etag: "3b480f0bbd8ec0abbc7871821ec510a1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
accept-ranges: bytes
x-amz-cf-id: ZMAgNyqTu0cgKsXU1UIGLd8oI_sdfLPF0CyThX9JW-isOdCK6RVmxQ==

GET
H2 200 favicon-32x32.png
dashboard.staging.heycarson.com/fav/ 2 KB
3 KB 112ms
112ms Other
image/png 138.197.58.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.staging.heycarson.com/fav/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

138.197.58.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

4419423388781e73530cf7ed56c840056d8ca5d3fdca2a223291befe5f23623c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:25 GMT
last-modified: Fri, 24 May 2024 14:33:16 GMT
server: nginx/1.19.2
etag: "6650a52c-9e7"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 2535

GET
H2 200 vendor.ec06f8ec.js Show response
beacon-v2.helpscout.net/static/js/ 51 KB
18 KB 45ms
45ms Script
application/javascript 52.85.65.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/vendor.ec06f8ec.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.65.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-65-38.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ab850ad464108a322046664c880f5366f3eff6edafbc2ca74d39ddf8805299fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:38:06 GMT
content-encoding: gzip
via: 1.1 8e2b9bc1b41cb69d67514a54937a01e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P6
age: 1222
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17759
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 12:52:23 GMT
server: AmazonS3
etag: "4f7df3b96aea0e17614278fab0e93749"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: TJKpIEwT_vC8n4rqaSoSo2HA1PDgEoiqLnxJrO3hjOWEmcZycj5Nww==

GET
H2 200 main.63d07020.js Show response
beacon-v2.helpscout.net/static/js/ 31 KB
13 KB 51ms
51ms Script
application/javascript 52.85.65.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/main.63d07020.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.65.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-65-38.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f2312f9d28fcfe55564b427619148799f3d70b69d28542c9a10df1aa5358da13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dashboard.staging.heycarson.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:38:05 GMT
content-encoding: gzip
via: 1.1 8e2b9bc1b41cb69d67514a54937a01e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P6
age: 1222
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12627
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 12:52:23 GMT
server: AmazonS3
etag: "01b177e429180f0563986b3f9a821f48"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: wTnjlt20fRxVAZvQO1wu4UNK5pHV-oE3AIoo_9yP5xCg0X7Z6ibWbQ==

GET
H2 200 6a409334-7d5c-4b2d-96eb-20616f4960d9 Show response
d3hb14vkzrxvla.cloudfront.net/v1/ 8 KB
9 KB 148ms
148ms XHR
application/json 18.66.188.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/6a409334-7d5c-4b2d-96eb-20616f4960d9

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.ec06f8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.188.204 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-188-204.muc50.r.cloudfront.net

Software

Resource Hash

28eaf7a6fdbc79e87d1f887bc98f610a4b85eeaf989df14190ec788352b4b65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: 4db4729f-e131-4da3-92cd-2de69d9cc35a
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Helpscout-Release: 2.2.199
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Beacon-Device-ID: a56ed161-4f12-43e4-bc14-7bf40b9af620
Referer: https://dashboard.staging.heycarson.com/
Beacon-Device-Instance-ID: 0c6de94c-7dcf-4dde-a5e5-29572be38cb3
Helpscout-Origin: Beacon-Embed
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 15:58:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
x-ratelimit-remaining-ai-ask-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
vary: Origin,Access-Control-Request-Method
content-type: application/json
access-control-allow-origin: https://dashboard.staging.heycarson.com
x-ratelimit-remaining-general-minute: 60
access-control-expose-headers: Resource-ID
cache-control: max-age=300
access-control-allow-credentials: true
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-ai-ask-hour: 25
x-amz-cf-id: b_t798WdzgiI0Bkcm1p-aSexnuBjYqSF8KLITxDoaTka1RibNJ-4ag==
x-ratelimit-limit-chat-tokens-hour: 25

OPTIONS
H2 200 6a409334-7d5c-4b2d-96eb-20616f4960d9
d3hb14vkzrxvla.cloudfront.net/v1/ 0
0 240ms
145ms Preflight 18.66.188.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/6a409334-7d5c-4b2d-96eb-20616f4960d9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.188.204 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-188-204.muc50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: beacon-device-id,beacon-device-instance-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method: GET
Origin: https://dashboard.staging.heycarson.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: beacon-device-id, beacon-device-instance-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods: GET
access-control-allow-origin: https://dashboard.staging.heycarson.com
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Wed, 19 Jun 2024 15:58:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
x-amz-cf-id: gROtejBZvf47ort8BKz9sDsAPkYBt_TpwRvR-dSjgXd9Jg7ulN2V9g==
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
x-ratelimit-limit-ai-ask-hour: 25
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-general-minute: 60
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-ai-ask-hour: 25
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-remaining-general-minute: 60
x-ratelimit-remaining-identify-hour: 25

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dashboard.staging.heycarson.com/	1970-01-20 21:27:25	Name: XSRF-TOKEN Value: eyJpdiI6Ikk1R0pkMEREdDBaTHZwSVEwKzBVVEE9PSIsInZhbHVlIjoiM1RHbnRTN1djdUN6M0xwYXBrWFwvR3EydkUwR1lEOWxCYWUrS2JjT1M3MlhueEw4b0J1K2p5TXJQXC9jOVRReHF3IiwibWFjIjoiNGUxOGMxNDA5OTAzODg4OTUzZDJmNGY5YTk5ZWJhNzk0Yjc0MjJkYWNkMmRhMGUyNTNhNWZiMDk4ZDMwYzBiZCJ9
dashboard.staging.heycarson.com/	1970-01-20 21:27:25	Name: laravel_session Value: eyJpdiI6Im5JQTdcL2RSM2o5ZUcwc3dBU21RWWRBPT0iLCJ2YWx1ZSI6InpuenFHRENDT0FvSlJBUmh3WXNxbW9UTnJWRjNFZExVNHlKMDJiWWR4a1l1TGlBQVwvS0pJaitvV1ZhNDY4S2xldjd5UHBaVURnaGlwcUVzN2lmY3lIRlZzb3hRTWNxXC85blZFM3VyRGZPTFl4YldPUUEzZ3h2R3V4aWxCZ09semIiLCJtYWMiOiJiY2I0YTVjYTA4ZTBmM2JlZDNiY2JjOTk2MGU3NTE2MGFhYjg2ZDhlMDJkZDZlZDQ0OTk5OTc1ZTg5MGU3NTQxIn0%3D
.heycarson.com/	1970-01-20 23:36:28	Name: _fbp Value: fb.1.1718812703755.113414917545874118

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://dashboard.staging.heycarson.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon-v2.helpscout.net
cdn.jsdelivr.net
connect.facebook.net
d3hb14vkzrxvla.cloudfront.net
dashboard.staging.heycarson.com
www.facebook.com
138.197.58.6
18.66.188.204
2606:4700::6812:bb1f
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.85.65.38
0105b1e494b316b56e1d735b56024464644c6fbc9f0088525d5ca439005717d6
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0829c7d061bdab08f2e91d8d759f686cbf1cc926c20e6ef06b36c4cbfca64ca6
0c833aefd088c6fae2c65e2faf155463b75091c61b984a22292ca98718b465de
28eaf7a6fdbc79e87d1f887bc98f610a4b85eeaf989df14190ec788352b4b65e
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
42b7d17bd68b11a8a1e41fa64a7682994cf6bf73f95a8b8f512a52d8db37c400
4419423388781e73530cf7ed56c840056d8ca5d3fdca2a223291befe5f23623c
594300be2fc6e632294a76fe384a058e0596ad08ce1dec2d65a82c014b089f27
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6bac07e2d046bb2bf1fcaea5ae10740ede2ad4dbf423478dd5cbebed6049f6bc
8df65c16e955a73528fdc581781364fd6059da9c7ffb7d9e84ebea9e34f894b6
99afc34dc1a69a0f20c7370a93e0584117d4ae1706f97a6fa1950843e11e188c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab850ad464108a322046664c880f5366f3eff6edafbc2ca74d39ddf8805299fd
c7a597cc16c5c962a90ac509bbcbcfe47aa0e3ed0e57142d75c8213bfb85e22b
e38abafcb65fe542df6dad09d4da90678743f3cc911717d57769c5bb5e8f2bf8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73c940e9ff79392e28760ee5f49efc3b08847b54b5399b1d5af1cc6c2a52697
ebebae7de955da969cafda9a5bfccb44baa0a8dabc12c10fef368adedc5f2441
f2312f9d28fcfe55564b427619148799f3d70b69d28542c9a10df1aa5358da13

dashboard.staging.heycarson.com Open in urlscan Pro 138.197.58.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

1086 kBTransfer

1436 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

dashboard.staging.heycarson.com Open in urlscan Pro
138.197.58.6 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1086 kB
Transfer

1436 kB
Size

3
Cookies

22 HTTP transactions
0 data transactions