onboarding.bnz.testing.dancerace-apps.com Open in urlscan Pro
3.105.254.250  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response onboarding.bnz.testing.dancerace-apps.com/	3 KB 3 KB	63ms 15ms	Document text/html	3.105.254.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.bnz.testing.dancerace-apps.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.105.254.250 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-105-254-250.ap-southeast-2.compute.amazonaws.com Software / Resource Hash a7ad4498b07a976eb251e7d2caeef268235baeb42d03d7d1948a2a7e2e96eaa7 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-allow-origin * access-control-max-age 1728000 content-encoding gzip content-type text/html date Mon, 02 Dec 2024 18:59:39 GMT etag W/"6737228f-bc7" last-modified Fri, 15 Nov 2024 10:29:35 GMT strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding
GET H2	200	index.9d3b31e2b153af526934.js Show response onboarding.bnz.testing.dancerace-apps.com/	2 MB 789 KB	47ms 47ms	Script application/javascript	3.105.254.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.105.254.250 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-105-254-250.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 6a7f6ab5be82636002ead6792d16a16458970b649d0d5db297946cd1e5db9317 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers strict-transport-security max-age=15724800; includeSubDomains access-control-max-age 1728000 cache-control no-cache, no-store content-encoding gzip etag W/"6737228f-2571cf" access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD expires Mon, 02 Dec 2024 18:59:38 GMT access-control-allow-origin * date Mon, 02 Dec 2024 18:59:39 GMT content-type application/javascript last-modified Fri, 15 Nov 2024 10:29:35 GMT vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H2	200	meta.json Show response onboarding.bnz.testing.dancerace-apps.com/	130 B 552 B	6ms 6ms	XHR application/json	3.105.254.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.bnz.testing.dancerace-apps.com/meta.json Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.105.254.250 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-105-254-250.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 3e3b9b0a9a71e6c1caae0011805210efeefc80523cd8b18d67cb488be9a69fd2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sentry-trace 688c17acc76a4cd4bf98386d10062097-91c3f0e6d338d888-1 Referer https://onboarding.bnz.testing.dancerace-apps.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, */* baggage sentry-environment=production,sentry-public_key=f073fe1329d9412a958ec6f1df5bad69,sentry-trace_id=688c17acc76a4cd4bf98386d10062097,sentry-sample_rate=1,sentry-sampled=true Response headers strict-transport-security max-age=15724800; includeSubDomains access-control-max-age 1728000 etag "673b4896-82" access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD accept-ranges bytes access-control-allow-origin * content-length 130 date Mon, 02 Dec 2024 18:59:40 GMT content-type application/json last-modified Mon, 18 Nov 2024 14:00:54 GMT access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H2	200	onboarding Show response api.sso.ap-southeast-2.testing.dancerace-apps.com/v1/companies/bnz/applications/	74 KB 75 KB	217ms 81ms	XHR application/json	13.55.68.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sso.ap-southeast-2.testing.dancerace-apps.com/v1/companies/bnz/applications/onboarding Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.55.68.108 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-55-68-108.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 7f4c1434375ef40284b0dcebb76609b5b412a37492963497d9dcd68a8ce49758 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=15724800; includeSubDomains access-control-max-age 1728000 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache access-control-allow-credentials true x-content-type-options nosniff access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD expires 0 access-control-allow-origin * date Mon, 02 Dec 2024 18:59:40 GMT x-xss-protection 0 content-type application/json vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY
GET H2	200	settings Show response api.onboarding.bnz.testing.dancerace-apps.com/v1/prospect-client/enquiry/	6 KB 7 KB	255ms 215ms	XHR application/json	13.55.68.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.onboarding.bnz.testing.dancerace-apps.com/v1/prospect-client/enquiry/settings Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.55.68.108 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-55-68-108.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 0785113fb54d08b4df8ec56de17ee5c2840790a9b896ebb8e7e20270f2159fa7 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=15724800; includeSubDomains access-control-max-age 1728000 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache access-control-allow-credentials true x-content-type-options nosniff access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD expires 0 access-control-allow-origin * date Mon, 02 Dec 2024 18:59:40 GMT x-xss-protection 0 content-type application/json vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 989 B	397ms 176ms	Script text/javascript	142.251.42.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s47-in-f4.1e100.net Software ESF / Resource Hash 0781116351275f1c9d97818c6b40d4b90f97fc3a015d22bcb8e6ac1c8ac1562e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Mon, 02 Dec 2024 18:59:41 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Mon, 02 Dec 2024 18:59:41 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET DATA	200 OK	truncated /	55 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 98a524a796d1f089581c1c2665417c6dfc8bd4e78673181fc08979314ded8cf8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	404	terms-and-conditions Show response api.onboarding.bnz.testing.dancerace-apps.com/v1/prospect-client/enquiry/	59 B 603 B	49ms 48ms	XHR application/json	13.55.68.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.onboarding.bnz.testing.dancerace-apps.com/v1/prospect-client/enquiry/terms-and-conditions Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.55.68.108 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-55-68-108.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 0db779b2b133ab123a82127b13a308440cdc48a72f573fbc480846cbb1ae3233 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=15724800; includeSubDomains access-control-max-age 1728000 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache access-control-allow-credentials true x-content-type-options nosniff access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD expires 0 access-control-allow-origin * date Mon, 02 Dec 2024 18:59:40 GMT x-xss-protection 0 content-type application/json vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY
GET DATA	200 OK	truncated /	19 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 404e871f6b8dac259049a93978964225362d2c3845643470dbfe0ecfeec641af Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	Avenir-Next-Regular.90d46d7b0add16b98b8d9c4a89c7e3bf.woff2 onboarding.bnz.testing.dancerace-apps.com/assets/fonts/	34 KB 35 KB	12ms 11ms	Font font/woff2	3.105.254.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.bnz.testing.dancerace-apps.com/assets/fonts/Avenir-Next-Regular.90d46d7b0add16b98b8d9c4a89c7e3bf.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.105.254.250 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-105-254-250.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 15e77113e97ec57f9ddcc1e6e4e68e67c02f3ad2e479e97198917e9fc20f23c9 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://onboarding.bnz.testing.dancerace-apps.com Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers strict-transport-security max-age=15724800; includeSubDomains access-control-max-age 1728000 cache-control no-cache, no-store etag "6737228f-8918" access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD expires Mon, 02 Dec 2024 18:59:39 GMT accept-ranges bytes access-control-allow-origin * content-length 35096 date Mon, 02 Dec 2024 18:59:40 GMT content-type font/woff2 last-modified Fri, 15 Nov 2024 10:29:35 GMT access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H2	200	Avenir-Next-Demi.c50953e6ef474a870f2d6cd51046afed.woff2 onboarding.bnz.testing.dancerace-apps.com/assets/fonts/	35 KB 35 KB	15ms 14ms	Font font/woff2	3.105.254.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.bnz.testing.dancerace-apps.com/assets/fonts/Avenir-Next-Demi.c50953e6ef474a870f2d6cd51046afed.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.105.254.250 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-105-254-250.ap-southeast-2.compute.amazonaws.com Software / Resource Hash 649ce3fc4a6477738bc0c5b69000127dcd7fc5452114007ee7fa782d64995749 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://onboarding.bnz.testing.dancerace-apps.com Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers strict-transport-security max-age=15724800; includeSubDomains access-control-max-age 1728000 cache-control no-cache, no-store etag "6737228f-8b04" access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD expires Mon, 02 Dec 2024 18:59:39 GMT accept-ranges bytes access-control-allow-origin * content-length 35588 date Mon, 02 Dec 2024 18:59:40 GMT content-type font/woff2 last-modified Fri, 15 Nov 2024 10:29:35 GMT access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H2	200	Avenir-Next-Bold.fc8db87cabfebd64f6b6413792737c2e.woff2 onboarding.bnz.testing.dancerace-apps.com/assets/fonts/	36 KB 37 KB	18ms 17ms	Font font/woff2	3.105.254.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.bnz.testing.dancerace-apps.com/assets/fonts/Avenir-Next-Bold.fc8db87cabfebd64f6b6413792737c2e.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.105.254.250 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-105-254-250.ap-southeast-2.compute.amazonaws.com Software / Resource Hash c6efedecb2ea3d974b69ccec71582fefa14c310fef1f92232fcf34e9ce9d3b80 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://onboarding.bnz.testing.dancerace-apps.com Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers strict-transport-security max-age=15724800; includeSubDomains access-control-max-age 1728000 cache-control no-cache, no-store etag "6737228f-91e4" access-control-allow-credentials true access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD expires Mon, 02 Dec 2024 18:59:39 GMT accept-ranges bytes access-control-allow-origin * content-length 37348 date Mon, 02 Dec 2024 18:59:40 GMT content-type font/woff2 last-modified Fri, 15 Nov 2024 10:29:35 GMT access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
POST H2	200	/ Show response o385976.ingest.sentry.io/api/6055097/envelope/	41 B 340 B	35ms 6ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o385976.ingest.sentry.io/api/6055097/envelope/?sentry_key=f073fe1329d9412a958ec6f1df5bad69&sentry_version=7&sentry_client=sentry.javascript.react%2F8.33.1 Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash cf08ca8318fd4926228d97679f88e29cce11516bf302c43acd09b9043fdbff06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41 date Mon, 02 Dec 2024 18:59:40 GMT content-type application/json vary origin, access-control-request-method, access-control-request-headers server nginx
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/	547 KB 216 KB	278ms 109ms	Script text/javascript	142.250.207.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.207.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s55-in-f3.1e100.net Software sffe / Resource Hash 73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://onboarding.bnz.testing.dancerace-apps.com Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers content-encoding gzip age 3780 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Tue, 02 Dec 2025 17:56:41 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 02 Dec 2024 17:56:41 GMT last-modified Mon, 11 Nov 2024 05:00:22 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 220753 x-xss-protection 0 server sffe
POST H2	200	/ Show response o385976.ingest.sentry.io/api/6055097/envelope/	41 B 95 B	12ms 8ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o385976.ingest.sentry.io/api/6055097/envelope/?sentry_key=f073fe1329d9412a958ec6f1df5bad69&sentry_version=7&sentry_client=sentry.javascript.react%2F8.33.1 Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash a5e2fceed0bf50dd8190d58e46a5a2d5fb25b52596f10375271c92c43aed3b77 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://onboarding.bnz.testing.dancerace-apps.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41 date Mon, 02 Dec 2024 18:59:41 GMT content-type application/json vary origin, access-control-request-method, access-control-request-headers server nginx
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 5D52	0 0	405ms 196ms	Document text/html	142.251.42.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmJuei50ZXN0aW5nLmRhbmNlcmFjZS1hcHBzLmNvbTo0NDM.&hl=en&type=image&v=pPK749sccDmVW_9DSeTMVvh2&theme=light&size=normal&badge=bottomright&cb=8753kqnbigd Requested by Host: onboarding.bnz.testing.dancerace-apps.com URL: https://onboarding.bnz.testing.dancerace-apps.com/index.9d3b31e2b153af526934.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s47-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-qYSSmzNGpsackwLM-V3mSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://onboarding.bnz.testing.dancerace-apps.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-qYSSmzNGpsackwLM-V3mSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Mon, 02 Dec 2024 18:59:42 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H3	200	bframe www.google.com/recaptcha/api2/ Frame 4BFD	0 0	173ms 173ms	Document text/html	142.251.42.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s47-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-rnAmv29ra91GXxPi_oZfSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://onboarding.bnz.testing.dancerace-apps.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-rnAmv29ra91GXxPi_oZfSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Mon, 02 Dec 2024 18:59:43 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ function| setImmediate function| clearImmediate object| Dancerace object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_290286

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.onboarding.bnz.testing.dancerace-apps.com/v1/prospect-client/enquiry/terms-and-conditions Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.onboarding.bnz.testing.dancerace-apps.com
api.sso.ap-southeast-2.testing.dancerace-apps.com
o385976.ingest.sentry.io
onboarding.bnz.testing.dancerace-apps.com
www.google.com
www.gstatic.com
13.55.68.108
142.250.207.35
142.251.42.196
3.105.254.250
34.120.195.249
0781116351275f1c9d97818c6b40d4b90f97fc3a015d22bcb8e6ac1c8ac1562e
0785113fb54d08b4df8ec56de17ee5c2840790a9b896ebb8e7e20270f2159fa7
0db779b2b133ab123a82127b13a308440cdc48a72f573fbc480846cbb1ae3233
15e77113e97ec57f9ddcc1e6e4e68e67c02f3ad2e479e97198917e9fc20f23c9
3e3b9b0a9a71e6c1caae0011805210efeefc80523cd8b18d67cb488be9a69fd2
404e871f6b8dac259049a93978964225362d2c3845643470dbfe0ecfeec641af
649ce3fc4a6477738bc0c5b69000127dcd7fc5452114007ee7fa782d64995749
6a7f6ab5be82636002ead6792d16a16458970b649d0d5db297946cd1e5db9317
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
7f4c1434375ef40284b0dcebb76609b5b412a37492963497d9dcd68a8ce49758
98a524a796d1f089581c1c2665417c6dfc8bd4e78673181fc08979314ded8cf8
a5e2fceed0bf50dd8190d58e46a5a2d5fb25b52596f10375271c92c43aed3b77
a7ad4498b07a976eb251e7d2caeef268235baeb42d03d7d1948a2a7e2e96eaa7
c6efedecb2ea3d974b69ccec71582fefa14c310fef1f92232fcf34e9ce9d3b80
cf08ca8318fd4926228d97679f88e29cce11516bf302c43acd09b9043fdbff06