business.itsdino-qa.com Open in urlscan Pro
18.185.244.112 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://business.itsdino-qa.com/
Submission: On March 30 via manual (March 30th 2023, 3:50:04 am UTC) from BR — Scanned from DE

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 18.185.244.112, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is business.itsdino-qa.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 13th 2023. Valid for: a year.

This is the only time business.itsdino-qa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	18.185.244.112 18.185.244.112	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
2	13.32.121.11 13.32.121.11	16509 (AMAZON-02) (AMAZON-02)
2	18.196.66.91 18.196.66.91	16509 (AMAZON-02) (AMAZON-02)
14	4

9 18.185.244.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

business.itsdino-qa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-11.fra60.r.cloudfront.net

assets.cake.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.66.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-66-91.eu-central-1.compute.amazonaws.com

partner-api.itsdino-qa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	itsdino-qa.com business.itsdino-qa.com partner-api.itsdino-qa.com	962 KB
2	cake.app assets.cake.app	2 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1464	653 B
14	3

	Domain	Requested by
9	business.itsdino-qa.com	business.itsdino-qa.com
2	partner-api.itsdino-qa.com	business.itsdino-qa.com
2	assets.cake.app	business.itsdino-qa.com assets.cake.app
1	polyfill.io	business.itsdino-qa.com
14	4

This site contains links to these domains. Also see Links.

Domain
cake.app

Subject Issuer	Validity	Valid
itsdino-qa.com Amazon RSA 2048 M01	`2023-02-13` - `2024-02-13`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
assets.cake.app Amazon RSA 2048 M01	`2023-02-24` - `2023-08-14`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://business.itsdino-qa.com/
Frame ID: 53172069D82C02EE634F47B6BEC9B75D
Requests: 11 HTTP requests in this frame

Frame: https://assets.cake.app/cookie-check/complete.html
Frame ID: 9FE429A4B27DF92ADD4AF20D8BF9DF6D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In • Cake for Business

Detected technologies

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

14
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

964 kB
Transfer

3598 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://cake.app/business/terms-and-conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://cake.app/business/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
business.itsdino-qa.com/ 1 KB
2 KB 117ms
41ms Document
text/html 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://business.itsdino-qa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

cf667508ac89828cbbab0a0ecccb3400a9a0104a19f436fb9072f3a3618300c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
content-type: text/html
date: Thu, 30 Mar 2023 03:49:57 GMT
etag: W/"641affb7-598"
expect-ct: max-age=86400, enforce
last-modified: Wed, 22 Mar 2023 13:16:39 GMT
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
653 B 90ms
27ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 03:49:57 GMT
age: 3081492
detected-user-agent: Chrome Mobile/111.0.0
useragent_normaliser: chrome/111.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 22 Feb 2023 11:03:04 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/111.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.946e155c.js Show response
business.itsdino-qa.com/static/js/ 3 MB
696 KB 75ms
74ms Script
application/javascript 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://business.itsdino-qa.com/static/js/main.946e155c.js

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

5ca6aa93a1b018626d9f2af25be3e410a598e66d319c82d67fab50130b5c62da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:49:57 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:16:39 GMT
server: envoy
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
accept-ranges: bytes

GET
H2 200 main.e46ecf6b.css
business.itsdino-qa.com/static/css/ 484 KB
79 KB 47ms
47ms Stylesheet
text/css 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://business.itsdino-qa.com/static/css/main.e46ecf6b.css

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

6f054ca1bdca1e84df35ab2dff08f7639a18f44300674e70a04a771008ec0c0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:49:57 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:16:39 GMT
server: envoy
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
accept-ranges: bytes

GET
H2 200 start.html Show response
assets.cake.app/cookie-check/ Frame 9FE4 359 B
719 B 222ms
78ms Document
text/html 13.32.121.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.cake.app/cookie-check/start.html
Requested by: Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f79d88026739a09d4d1c09940f6ee868047ac2c0d1986d97c50ad367e3a9620

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 359
content-type: text/html
date: Thu, 30 Mar 2023 03:49:58 GMT
etag: "fff7a7f9fdab3b8265eff16db5dd072c"
last-modified: Tue, 15 Sep 2020 09:52:19 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-id: _Ah6VLER2yrK_mt3APLiPP_xrbPFrEPmXoRsdv07cQrzoPsk2yJtXQ==
x-amz-cf-pop: FRA60-P1
x-amz-version-id: null
x-cache: RefreshHit from cloudfront

OPTIONS
H2 200 features
partner-api.itsdino-qa.com/v1/feature-flags/client/ Frame 0
0 119ms
41ms Preflight 18.196.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api.itsdino-qa.com/v1/feature-flags/client/features

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.66.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-66-91.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,unleash-appname,unleash-instanceid
Access-Control-Request-Method: GET
Origin: https://business.itsdino-qa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type, unleash-appname, unleash-instanceid
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE
access-control-allow-origin: https://business.itsdino-qa.com
access-control-max-age: 1800
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Thu, 30 Mar 2023 03:49:57 GMT
expires: 0
pragma: no-cache
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 81.92048dfe.chunk.js Show response
business.itsdino-qa.com/static/js/ 199 B
1 KB 41ms
41ms Script
application/javascript 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://business.itsdino-qa.com/static/js/81.92048dfe.chunk.js

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/static/js/main.946e155c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

97c9e46604f395ce09eccccb841384e11f3dfbb0970bb6d638d3fa925ebecb34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:49:57 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:16:39 GMT
server: envoy
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
accept-ranges: bytes

GET
H2 200 features Show response
partner-api.itsdino-qa.com/v1/feature-flags/client/ 2 KB
764 B 278ms
269ms Fetch
application/json 18.196.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-api.itsdino-qa.com/v1/feature-flags/client/features

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/static/js/main.946e155c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.66.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-66-91.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

3335259296357dcface02f1b52e99cbece2561325ba9d4239d0b232b1a489f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

UNLEASH-APPNAME: INTERNAL
UNLEASH-INSTANCEID: INTERNAL
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 03:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://business.itsdino-qa.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time: 241
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 background-cake.7fce8b4c1d18d3081e6c.svg
business.itsdino-qa.com/static/media/ 1 KB
2 KB 57ms
56ms Image
image/svg+xml 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://business.itsdino-qa.com/static/media/background-cake.7fce8b4c1d18d3081e6c.svg

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/static/css/main.e46ecf6b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

35a2fb0b11b3cb54aae04531cf11180cddd9984cfaef634ca8b1dfbd5f997a13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:49:57 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:16:39 GMT
server: envoy
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
accept-ranges: bytes

GET
H2 200 lineto-circular-book.5b0e4a984d88022c145a.woff2
business.itsdino-qa.com/static/media/ 50 KB
51 KB 57ms
57ms Font
font/woff2 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://business.itsdino-qa.com/static/media/lineto-circular-book.5b0e4a984d88022c145a.woff2

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/static/css/main.e46ecf6b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

39c5d1ed54e49102939d0280aeb20f01ef021bf5ffa74dc25fcafb43fce62ff3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://business.itsdino-qa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:49:57 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-envoy-upstream-service-time: 0
content-length: 51112
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:16:39 GMT
server: envoy
etag: "641affb7-c7a8"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: font/woff2
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
accept-ranges: bytes

GET
H2 200 bootstrap-icons.b2e5aab643c6f0fd2da6.woff2
business.itsdino-qa.com/static/media/ 118 KB
120 KB 47ms
47ms Font
font/woff2 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://business.itsdino-qa.com/static/media/bootstrap-icons.b2e5aab643c6f0fd2da6.woff2

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/static/css/main.e46ecf6b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://business.itsdino-qa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:49:57 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-envoy-upstream-service-time: 0
content-length: 121296
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:16:39 GMT
server: envoy
etag: "641affb7-1d9d0"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: font/woff2
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
accept-ranges: bytes

GET
H2 200 illu_login_lock.svg
business.itsdino-qa.com/img/illustrations/ 7 KB
4 KB 60ms
38ms Image
image/svg+xml 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://business.itsdino-qa.com/img/illustrations/illu_login_lock.svg

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

5ee7597b9fadcea84a1d6eae0e5c5bf3bee553c6abccbb6556973157d9d4c51e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:49:57 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:15:19 GMT
server: envoy
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
accept-ranges: bytes

GET
H2 200 complete.html Show response
assets.cake.app/cookie-check/ Frame 9FE4 610 B
967 B 85ms
65ms Document
text/html 13.32.121.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.cake.app/cookie-check/complete.html
Requested by: Host: assets.cake.app
URL: https://assets.cake.app/cookie-check/start.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62ac711d2fbccc5efc878c4dcc25c5cb082a640ff8dd0b531819a75073273515

Request headers

Referer: https://assets.cake.app/cookie-check/start.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 610
content-type: text/html
date: Thu, 30 Mar 2023 03:49:58 GMT
etag: "949e2e19bc061ac0f71ba129c72fc6b4"
last-modified: Tue, 15 Sep 2020 09:52:19 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-id: HyfX2emYsp-d9xIq_tpysrpN-nfjbTLes9irnyCcIe5RteU5JEmrQA==
x-amz-cf-pop: FRA60-P1
x-amz-version-id: null
x-cache: RefreshHit from cloudfront

GET
H2 200 cake_for_business.617b95db3b5286e99dfa.svg
business.itsdino-qa.com/static/media/ 10 KB
6 KB 45ms
33ms Image
image/svg+xml 18.185.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://business.itsdino-qa.com/static/media/cake_for_business.617b95db3b5286e99dfa.svg

Requested by

Host: business.itsdino-qa.com
URL: https://business.itsdino-qa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.244.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-244-112.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

6ddb38da67f26c4f8d779eb20323c5cc596a17cb612cee3ccfbb6d6b667e52d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 03:49:57 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:16:39 GMT
server: envoy
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
permissions-policy: autoplay=(self), camera=(self), encrypted-media=(), fullscreen=(), geolocation=(self), microphone=(), midi=(), payment=()
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			assets.cake.app/cookie-check	1970-01-20 10:42:31	Name: allowedThirdPartyCookies Value: yes

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; base-uri 'self'; connect-src 'self' https://dino-public-s3-qa.s3.eu-central-1.amazonaws.com/ https://maps.googleapis.com/maps/api/ https://gitlab.com/api/v4/feature_flags/unleash/10353594/ https://partner-api.itsdino-qa.com https://partner-banks-api.itsdino-qa.com https://cognito-idp.eu-central-1.amazonaws.com https://dino-saurus.onelogin.com; script-src 'self' 'sha256-XnSj7Ro80Dq2JK3UPh7IGzcOg4HPB1I25M7yPe4LDSI=' 'sha256-D6kpIX0A4TTsmvxfEpOpkS2C/u3VGN/Hbjf0UwftoVg=' https://polyfill.io/v3/ https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/; child-src 'self'; form-action 'self' ; img-src 'self' blob: data: https://assets.cake.app https://assets.itsdino-qa.com https://cake.eu.looker.com https://maps.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com https://github.com/ixahmedxi/circular-std/blob/master/fonts/; frame-ancestors 'self'; frame-src 'self' https://assets.cake.app https://cake.eu.looker.com; object-src 'none'; worker-src 'self' blob:; manifest-src 'self'; media-src 'self'; prefetch-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.cake.app
business.itsdino-qa.com
partner-api.itsdino-qa.com
polyfill.io
13.32.121.11
18.185.244.112
18.196.66.91
2a04:4e42:400::282
1f79d88026739a09d4d1c09940f6ee868047ac2c0d1986d97c50ad367e3a9620
3335259296357dcface02f1b52e99cbece2561325ba9d4239d0b232b1a489f71
35a2fb0b11b3cb54aae04531cf11180cddd9984cfaef634ca8b1dfbd5f997a13
39c5d1ed54e49102939d0280aeb20f01ef021bf5ffa74dc25fcafb43fce62ff3
5ca6aa93a1b018626d9f2af25be3e410a598e66d319c82d67fab50130b5c62da
5ee7597b9fadcea84a1d6eae0e5c5bf3bee553c6abccbb6556973157d9d4c51e
62ac711d2fbccc5efc878c4dcc25c5cb082a640ff8dd0b531819a75073273515
6ddb38da67f26c4f8d779eb20323c5cc596a17cb612cee3ccfbb6d6b667e52d5
6f054ca1bdca1e84df35ab2dff08f7639a18f44300674e70a04a771008ec0c0f
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
97c9e46604f395ce09eccccb841384e11f3dfbb0970bb6d638d3fa925ebecb34
cf667508ac89828cbbab0a0ecccb3400a9a0104a19f436fb9072f3a3618300c2
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

business.itsdino-qa.com Open in urlscan Pro 18.185.244.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

964 kBTransfer

3598 kBSize

1 Cookies

2 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

business.itsdino-qa.com Open in urlscan Pro
18.185.244.112 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

964 kB
Transfer

3598 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions