client.joistapp.com Open in urlscan Pro
44.207.24.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://outbound.joistapp.com/track/click/30009834/client.joistapp.com?p=eyJzIjoiREt6UDRPcnFXX2I1aW9yUWQ4bUlHOFpKa1pjIiwidiI6M...
Effective URL:
https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
Submission: On January 25 via manual (January 25th 2024, 6:42:17 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 43 HTTP transactions. The main IP is 44.207.24.182, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is client.joistapp.com. The Cisco Umbrella rank of the primary domain is 337359.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 22nd 2023. Valid for: a year.

This is the only time client.joistapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.78.186.219 54.78.186.219	16509 (AMAZON-02) (AMAZON-02)
4	44.207.24.182 44.207.24.182	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:215... 2600:9000:2156:1a00:12:42f7:e2c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
6	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
6	54.205.27.121 54.205.27.121	14618 (AMAZON-AES) (AMAZON-AES)
6	35.160.35.184 35.160.35.184	16509 (AMAZON-02) (AMAZON-02)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
2	34.102.193.164 34.102.193.164	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.216.57.24 52.216.57.24	16509 (AMAZON-02) (AMAZON-02)
2	3.17.103.230 3.17.103.230	16509 (AMAZON-02) (AMAZON-02)
43	12

1 54.78.186.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-186-219.eu-west-1.compute.amazonaws.com

outbound.joistapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.207.24.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-24-182.compute-1.amazonaws.com

client.joistapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:1a00:12:42f7:e2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

payment-amount.acornfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.205.27.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-27-121.compute-1.amazonaws.com

api.joistapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.160.35.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-35-184.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.193.164 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 164.193.102.34.bc.googleusercontent.com

api.leanplum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.57.24 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.17.103.230 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-103-230.us-east-2.compute.amazonaws.com

api.acornfinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	joistapp.com 1 redirects outbound.joistapp.com — Cisco Umbrella Rank: 324716 client.joistapp.com — Cisco Umbrella Rank: 337359 api.joistapp.com — Cisco Umbrella Rank: 245654	3 MB
8	paypal.com www.paypal.com — Cisco Umbrella Rank: 3015 t.paypal.com — Cisco Umbrella Rank: 3523	89 KB
6	segment.io api.segment.io — Cisco Umbrella Rank: 1326	1 KB
6	acornfinance.com payment-amount.acornfinance.com — Cisco Umbrella Rank: 246357 api.acornfinance.com — Cisco Umbrella Rank: 632623	19 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1697	35 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2611	33 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	98 KB
2	leanplum.com api.leanplum.com — Cisco Umbrella Rank: 10315	3 KB
1	amazonaws.com s3.amazonaws.com	90 KB
43	9

	Domain	Requested by
6	api.segment.io	cdn.segment.com
6	api.joistapp.com	client.joistapp.com
6	www.paypal.com	client.joistapp.com www.paypal.com www.paypalobjects.com
4	cdn.segment.com	client.joistapp.com cdn.segment.com
4	payment-amount.acornfinance.com	client.joistapp.com payment-amount.acornfinance.com
4	client.joistapp.com	client.joistapp.com
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
3	maxcdn.bootstrapcdn.com	client.joistapp.com maxcdn.bootstrapcdn.com
2	api.acornfinance.com	payment-amount.acornfinance.com
2	api.leanplum.com	client.joistapp.com
2	t.paypal.com	client.joistapp.com
1	s3.amazonaws.com	client.joistapp.com
1	outbound.joistapp.com	1 redirects
43	13

This site contains links to these domains. Also see Links.

Domain
s3.amazonaws.com
www.facebook.com
instagram.com
haleysconstruction.com

Subject Issuer	Validity	Valid
*.joistapp.com Amazon RSA 2048 M02	`2023-11-22` - `2024-12-20`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.acornfinance.com Amazon RSA 2048 M02	`2023-11-17` - `2024-12-16`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.leanplum.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-08` - `2024-12-08`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
api.acornfinance.com Amazon RSA 2048 M02	`2024-01-18` - `2025-02-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
Frame ID: 006E9629AF873311203F05D5303F3AA1
Requests: 37 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: D27387D083C014683DCBAA23B4741EDD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joist - View Documentprintdownloaddownloadprintinfo

Page URL History Show full URLs

http://outbound.joistapp.com/track/click/30009834/client.joistapp.com?p=eyJzIjoiREt6UDRPcnFXX2I1aW9yUWQ4b... HTTP 302
https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

43
Requests

100 %
HTTPS

15 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

3312 kB
Transfer

3822 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://s3.amazonaws.com/joist-uploads-document-attachments/E439736C-26E2-416D-BF94-C10E11C06334/2024%20Business%20Insurance%20.jpg
Title: insurance

Search URL Search Domain Scan URL

URL: http://www.facebook.com/lemander.haley.1?mibextid=LQQJ4d

Search URL Search Domain Scan URL

URL: https://instagram.com/haleysroofing

Search URL Search Domain Scan URL

URL: https://haleysconstruction.com/
Title: haleysconstruction.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://outbound.joistapp.com/track/click/30009834/client.joistapp.com?p=eyJzIjoiREt6UDRPcnFXX2I1aW9yUWQ4bUlHOFpKa1pjIiwidiI6MSwicCI6IntcInVcIjozMDAwOTgzNCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2NsaWVudC5qb2lzdGFwcC5jb21cXFwvZXN0aW1hdGVzXFxcLzJlNjViYmU5YmMwYjRiNjBmOWQ3ZjUxZlwiLFwiaWRcIjpcIjE3ZjBkMTNkYjI5ZTQ5ZWJiMzhlMmZkNjNmYzg1MTUzXCIsXCJ1cmxfaWRzXCI6W1wiMTdlYmYyYzYxZmJmMjgyMGQ1Yjg5MDUwODMxM2Q0YzExMDYwNDMxN1wiXX0ifQ HTTP 302
https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 2e65bbe9bc0b4b60f9d7f51f Show response
client.joistapp.com/estimates/
Redirect Chain

http://outbound.joistapp.com/track/click/30009834/client.joistapp.com?p=eyJzIjoiREt6UDRPcnFXX2I1aW9yUWQ4bUlHOFpKa1pjIiwidiI6MSwicCI6IntcInVcIjozMDAwOTgzNCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL...
https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f

3 KB
3 KB

431ms
105ms

Document
text/html

44.207.24.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.24.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-24-182.compute-1.amazonaws.com
Software: / Express
Resource Hash: 437a122011eaa58fc876011801ab51f166f20152c8738577a9fc66a72daf0ee6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=0
content-length: 2663
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 18:42:06 GMT
etag: W/"a67-18d370092e8"
last-modified: Tue, 23 Jan 2024 15:46:41 GMT
x-powered-by: Express

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 18:42:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
pragma: no-cache
server: nginx
transfer-encoding: chunked
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 38ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1078
age: 4970904
cdn-cachedat: 10/31/2023 18:59:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a99131ed71793c235969f4741b45dd0f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84b2a779f938362c-FRA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 41ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 4984367
cdn-cachedat: 2021-06-08 21:31:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5bb5196854d77b3b0bd1d55200ac7249
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84b2a779f939362c-FRA
cdn-requestpullsuccess: True

GET
H2 200 acorn-finance.min.css
payment-amount.acornfinance.com/v3/ 8 KB
3 KB 497ms
430ms Stylesheet
text/css 2600:9000:2156:1a00:12:42f7:e2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-amount.acornfinance.com/v3/acorn-finance.min.css

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1a00:12:42f7:e2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9106dd05cb3be1b2f1d39b4ec78d6bad5f685aba2ee66473151b5795fd6b5a3b

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors https://acornfinance.com https://*.acornfinance.com https://acornfinance.dev https://*.acornfinance.dev https://pr.acornfinance.com https://vars.hotjar.com https://*.pr.acornfinance.com; frame-src 'self' https://acornfinance.dev https://*.acornfinance.dev https://*.acornfinance.com https://vars.hotjar.com https://accounts.google.com https://www.google.com https://*.pr.acornfinance.com https://*.api.acornfinance.com https://studio-shed.com https://*.studio-shed.com; upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:07 GMT
content-encoding: gzip
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors https://acornfinance.com https://*.acornfinance.com https://acornfinance.dev https://*.acornfinance.dev https://pr.acornfinance.com https://vars.hotjar.com https://*.pr.acornfinance.com; frame-src 'self' https://acornfinance.dev https://*.acornfinance.dev https://*.acornfinance.com https://vars.hotjar.com https://accounts.google.com https://www.google.com https://*.pr.acornfinance.com https://*.api.acornfinance.com https://studio-shed.com https://*.studio-shed.com; upgrade-insecure-requests;
last-modified: Fri, 15 Sep 2023 21:22:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"8016e82edd88cc83e2dbab5d660871d0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nYfUfFXo5CjImapQT4uObsBdb9qAQI0l44OtDOtP-J7L1LWR92W0Sg==

GET
H2 200 acorn-finance.min.js Show response
payment-amount.acornfinance.com/v3/ 14 KB
6 KB 458ms
437ms Script
application/javascript 2600:9000:2156:1a00:12:42f7:e2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-amount.acornfinance.com/v3/acorn-finance.min.js

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1a00:12:42f7:e2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1855b74a33cb2c1ea5ccdd07ce0d1bdad269f99b8c887c01e2ece8e7885c929e

Security Headers

Name

Value

Content-Security-Policy

Request headers

Referer: https://client.joistapp.com/
Origin: https://client.joistapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:07 GMT
content-encoding: gzip
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors https://acornfinance.com https://*.acornfinance.com https://acornfinance.dev https://*.acornfinance.dev https://pr.acornfinance.com https://vars.hotjar.com https://*.pr.acornfinance.com; frame-src 'self' https://acornfinance.dev https://*.acornfinance.dev https://*.acornfinance.com https://vars.hotjar.com https://accounts.google.com https://www.google.com https://*.pr.acornfinance.com https://*.api.acornfinance.com https://studio-shed.com https://*.studio-shed.com; upgrade-insecure-requests;
last-modified: Fri, 15 Sep 2023 21:22:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"0f55296bb67ba39d245af7cbc8408129"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hYwQKxqoUVzr06LgJ0X-W9uLV7Dc1vnkJkJVqJ-jtbkyGfg_mvLPJA==

GET
H2 200 main.9e0402ce.js Show response
client.joistapp.com/static/js/ 3 MB
3 MB 268ms
268ms Script
application/javascript 44.207.24.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client.joistapp.com/static/js/main.9e0402ce.js
Requested by: Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.24.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-24-182.compute-1.amazonaws.com
Software: / Express
Resource Hash: 2a6e6a45173d7d89cf7b6f2085588f236f8ad83e49fdc95438382b12e046b5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:07 GMT
last-modified: Tue, 23 Jan 2024 15:46:41 GMT
x-powered-by: Express
etag: W/"2c2fa4-18d370092e8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2895780

GET
H2 200 main.73e37bb0.css
client.joistapp.com/static/css/ 100 KB
100 KB 106ms
106ms Stylesheet
text/css 44.207.24.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client.joistapp.com/static/css/main.73e37bb0.css
Requested by: Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.24.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-24-182.compute-1.amazonaws.com
Software: / Express
Resource Hash: 8206bb8a9f46e802a4b846ab4e628b29f109aa7326d809796b11bd131bc02f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:07 GMT
last-modified: Tue, 23 Jan 2024 15:46:41 GMT
x-powered-by: Express
etag: W/"18fec-18d370092e8"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 102380

GET
H2 200 acorn-rates.json Show response
payment-amount.acornfinance.com/v3/ 1 KB
1 KB 4198ms
4198ms Fetch
application/json 2600:9000:2156:1a00:12:42f7:e2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-amount.acornfinance.com/v3/acorn-rates.json

Requested by

Host: payment-amount.acornfinance.com
URL: https://payment-amount.acornfinance.com/v3/acorn-finance.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1a00:12:42f7:e2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

34c4f48357a5ddff0ab8a8d8bc4fab8c07bae0cdb274013368ebaf95540c2454

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:07 GMT
content-encoding: gzip
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors https://acornfinance.com https://*.acornfinance.com https://acornfinance.dev https://*.acornfinance.dev https://pr.acornfinance.com https://vars.hotjar.com https://*.pr.acornfinance.com; frame-src 'self' https://acornfinance.dev https://*.acornfinance.dev https://*.acornfinance.com https://vars.hotjar.com https://accounts.google.com https://www.google.com https://*.pr.acornfinance.com https://*.api.acornfinance.com https://studio-shed.com https://*.studio-shed.com; upgrade-insecure-requests;
last-modified: Fri, 15 Sep 2023 21:22:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"4b56aa7b46bdd8228340c9dfa061c016"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2RQPQoEjMBUte3iVgYRv3r3FHtIqydTTE9lt2MDGsg0fsyuZzBvsIQ==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/ 108 KB
29 KB 3866ms
28ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js
Requested by: Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b966caa11e2a8721449045be23a5e33a35b34fc662aca0ef44f87d9901a8b9c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 24w6.z3uY2ekiSJrMhO2jNAEhY3VD1v4
content-encoding: br
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 18:42:11 GMT
x-amz-cf-pop: FRA6-C1
age: 52
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 17 Jan 2024 23:07:24 GMT
server: AmazonS3
etag: W/"858bc4a115e2c83777db2739f278c2a4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: Zp3NKOzHWPuY1dDHrjv6NViw6Jdz6Nma5b2LNxoateuR1gvPg8BU2A==

GET
H2 200 js Show response
www.paypal.com/sdk/ 294 KB
80 KB 3896ms
68ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AebN-PzKrASrgmVPbTYZZbViuFCnuFgDIqSxaMAZI5Hrx5fH64iDfNVzCifAW_3MjfFntWcyqz1aQzZQ&components=buttons,funding-eligibility

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

634884dad609fbf2fa08e6ead914f0b5d0b64f416ef73881b8fd0d6e0d626a02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-+H1mhKktkVj4k0fphmWWcKcn7kHVeQNCt7zkgBEl3npjNJXQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-+H1mhKktkVj4k0fphmWWcKcn7kHVeQNCt7zkgBEl3npjNJXQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-+H1mhKktkVj4k0fphmWWcKcn7kHVeQNCt7zkgBEl3npjNJXQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-+H1mhKktkVj4k0fphmWWcKcn7kHVeQNCt7zkgBEl3npjNJXQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 Jan 2024 18:42:11 GMT
age: 6400
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f2167405b73c1
server-timing: "traceparent;desc="00-0000000000000000000f2167405b73c1-6eaaa2df0f9c4423-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 80266
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230035-FRA, cache-fra-eddf8230035-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f2167405b73c1-4aa3c3ff296196aa-01
x-timer: S1706208132.853829,VS0,VE17
etag: W/"1398a-P5XgLlJwDhkKhoR1AIfsGYJLGH8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 2e65bbe9bc0b4b60f9d7f51f Show response
api.joistapp.com/api/v7/public_documents/ 460 B
1 KB 4134ms
128ms XHR
application/json 54.205.27.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.joistapp.com/api/v7/public_documents/2e65bbe9bc0b4b60f9d7f51f

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.27.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-27-121.compute-1.amazonaws.com

Software

Resource Hash

7b532de8a4953fd1344495886491dab01ac56d9c3d0c9ec7d5eb71932fd4e06d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com .cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net .cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com .cloudfront.net; worker-src 'self' .joisttest.com .joistapp.com blob:
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net *.cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net; worker-src 'self' *.joisttest.com *.joistapp.com blob:
x-xss-protection: 1; mode=block
x-request-id: b9caf01b-f8a4-420f-9eb3-9af7b162097f
x-runtime: 0.023745
etag: W/"7b532de8a4953fd1344495886491dab0"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.joistapp.com
access-control-expose-headers: Link
cache-control: max-age=0, private, must-revalidate
x-frame-options: sameorigin
vary: Accept-Encoding, Origin

GET
H2 200 summary Show response
api.joistapp.com/api/v7/public_documents/2e65bbe9bc0b4b60f9d7f51f/ 560 B
1 KB 4146ms
139ms XHR
application/json 54.205.27.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.joistapp.com/api/v7/public_documents/2e65bbe9bc0b4b60f9d7f51f/summary

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.27.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-27-121.compute-1.amazonaws.com

Software

Resource Hash

d3cb42385390abe04615937d1dcd383849995f4a7270d87a1ad9897737790f16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com .cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net .cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com .cloudfront.net; worker-src 'self' .joisttest.com .joistapp.com blob:
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net *.cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net; worker-src 'self' *.joisttest.com *.joistapp.com blob:
x-xss-protection: 1; mode=block
x-request-id: baa87520-9321-4c54-bfd3-5cd8a52d5862
x-runtime: 0.035696
etag: W/"d3cb42385390abe04615937d1dcd3838"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.joistapp.com
access-control-expose-headers: Link
cache-control: max-age=0, private, must-revalidate
x-frame-options: sameorigin
vary: Accept-Encoding, Origin

GET
H2 200 attachments Show response
api.joistapp.com/api/v8/public/2e65bbe9bc0b4b60f9d7f51f/ 28 B
947 B 4292ms
286ms XHR
application/json 54.205.27.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.joistapp.com/api/v8/public/2e65bbe9bc0b4b60f9d7f51f/attachments

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.27.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-27-121.compute-1.amazonaws.com

Software

Resource Hash

051ca5211546c4b91c8c047341a7bcbf2a02ea62c2617f30fd33b805202b16a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com .cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net .cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com .cloudfront.net; worker-src 'self' .joisttest.com .joistapp.com blob:
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net *.cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net; worker-src 'self' *.joisttest.com *.joistapp.com blob:
x-xss-protection: 1; mode=block
x-request-id: ab0c22b5-1cd0-4ff5-bc2a-c12c486e1645
x-runtime: 0.182261
etag: W/"051ca5211546c4b91c8c047341a7bcbf"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.joistapp.com
access-control-expose-headers: Link
cache-control: max-age=0, private, must-revalidate
x-frame-options: sameorigin
vary: Accept-Encoding, Origin

GET
H2 200 preview Show response
api.joistapp.com/api/v8/public/2e65bbe9bc0b4b60f9d7f51f/ 2 KB
2 KB 4125ms
119ms XHR
application/json 54.205.27.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.joistapp.com/api/v8/public/2e65bbe9bc0b4b60f9d7f51f/preview

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.27.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-27-121.compute-1.amazonaws.com

Software

Resource Hash

b52407aec1ed7966d80d5322ed8bd8075a39361cbca9559f8887769cc1a62dd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com .cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net .cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com .cloudfront.net; worker-src 'self' .joisttest.com .joistapp.com blob:
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net *.cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net; worker-src 'self' *.joisttest.com *.joistapp.com blob:
x-xss-protection: 1; mode=block
x-request-id: dab29d94-2343-4e5c-81be-1081bcf3b3ed
x-runtime: 0.015892
etag: W/"b52407aec1ed7966d80d5322ed8bd807"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.joistapp.com
access-control-expose-headers: Link
cache-control: max-age=0, private, must-revalidate
x-frame-options: sameorigin
vary: Accept-Encoding, Origin

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/ 1 KB
1 KB 31ms
11ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25e5bd4d8c412ea0722eb2116fcf07f224776eab02ebbb704959713d1b051fc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 4Vh1VxISFzPDzy8AnApNJYXekDpGFoBE
content-encoding: gzip
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 17:09:24 GMT
x-amz-cf-pop: FRA6-C1
age: 5681
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 23 Jun 2023 13:26:20 GMT
server: AmazonS3
etag: W/"157cc8ba762cbd0283cc5ed41aa369c7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: 0PZ2Mt41HxNjNe1zlvnEZeRklOW59x1P6INaltAhkH75SsNCr5vS0w==

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 8ms
8ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 6126824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: VgRPmq0Frfaw3CmcizKNtNwl5HsD1vFHxEaoFvdSnO82IgKCLpzBkA==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 8ms
7ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:42:23 GMT
x-amz-version-id: ImHr9JVwNOQx3sB3unWxqI5ddwoeSEnO
content-encoding: br
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 4413589
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 01 Dec 2023 20:22:01 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 3ByFz-pAsXcRbvRrNxElrPhUrUrXa_C1zzRNp4MzddMpmx4rjevS6w==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
176 B 521ms
176ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://client.joistapp.com
date: Thu, 25 Jan 2024 18:42:12 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 25ms
24ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=client.joistapp.com&t=xo&v=5.0.421&source=payments_sdk&client_id=AebN-PzKrASrgmVPbTYZZbViuFCnuFgDIqSxaMAZI5Hrx5fH64iDfNVzCifAW_3MjfFntWcyqz1aQzZQ&comp=buttons,funding-eligibility&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AebN-PzKrASrgmVPbTYZZbViuFCnuFgDIqSxaMAZI5Hrx5fH64iDfNVzCifAW_3MjfFntWcyqz1aQzZQ&components=buttons,funding-eligibility

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c599f30629913305c40092a3d1db4f38e933c92a9eb3272d83fedd5ff4358a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-LMxnq+MI0WZqWgQ6J+rqZylARD1WlzhdjDbYU1TM4Yd1/GI1' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-LMxnq+MI0WZqWgQ6J+rqZylARD1WlzhdjDbYU1TM4Yd1/GI1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Jan 2024 18:42:12 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 80836
x-cache: HIT, MISS
paypal-debug-id: f82681571e9f0
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4804
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230035-FRA, cache-fra-eddf8230035-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f82681571e9f0-e7684bcfd8fc9edb-01
x-timer: S1706208132.032435,VS0,VE15
etag: W/"36a0-0TNf7LIanY8q1aZ4xfmPuoLITc0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 82ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=client.joistapp.com&t=xo&v=5.0.421&source=payments_sdk&client_id=AebN-PzKrASrgmVPbTYZZbViuFCnuFgDIqSxaMAZI5Hrx5fH64iDfNVzCifAW_3MjfFntWcyqz1aQzZQ&comp=buttons,funding-eligibility&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48DA) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: d10f85ce629d1
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (ama/48DA)
traceparent: 00-0000000000000000000d10f85ce629d1-724f3c79864288ee-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 25 Jan 2024 19:42:12 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 236ms
181ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AXCDFT4MAKE5A8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AXCDFT4MAKE5A8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3ae06958-635b-41a4-8c69-d00062bc57d6&fltp=analytics&mrid=XCDFT4MAKE5A8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Joist%20-%20View%20Document&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1706208132059&g=-60&completeurl=https%3A%2F%2Fclient.joistapp.com%2Festimates%2F2e65bbe9bc0b4b60f9d7f51f&disableSetCookie=true

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 25 Jan 2024 18:42:12 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: e50f4a8b38945
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230073-FRA
pragma: no-cache
correlation-id: e50f4a8b38945
traceparent: 00-0000000000000000000e50f4a8b38945-ba7d7b0e4d4335ca-01
x-timer: S1706208132.116230,VS0,VE173
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:42:12 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame D273 55 KB
17 KB 16ms
15ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B6) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.joistapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Thu, 25 Jan 2024 18:42:12 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Thu, 25 Jan 2024 19:42:12 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: ae02605259f60
server: ECAcc (ama/48B6)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000ae02605259f60-54abfbcc446bc5fb-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 payment_options Show response
api.joistapp.com/api/v7/public_documents/2e65bbe9bc0b4b60f9d7f51f/ 801 B
1 KB 163ms
163ms XHR
application/json 54.205.27.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.joistapp.com/api/v7/public_documents/2e65bbe9bc0b4b60f9d7f51f/payment_options

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.27.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-27-121.compute-1.amazonaws.com

Software

Resource Hash

c89aadbef900392d046dbed6240e3836837226f389fbd4b304146f053cc4bd19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com .cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net .cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com .cloudfront.net; worker-src 'self' .joisttest.com .joistapp.com blob:
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net *.cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net; worker-src 'self' *.joisttest.com *.joistapp.com blob:
x-xss-protection: 1; mode=block
x-request-id: e63afb49-afb2-457a-b5f9-0b0fd5948025
x-runtime: 0.060093
etag: W/"c89aadbef900392d046dbed6240e3836"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.joistapp.com
access-control-expose-headers: Link
cache-control: max-age=0, private, must-revalidate
x-frame-options: sameorigin
vary: Accept-Encoding, Origin

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame D273 18 B
212 B 188ms
188ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7CCC) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: 2f7da957dc953
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7CCC)
traceparent: 00-00000000000000000002f7da957dc953-991c683b4009982d-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 25 Jan 2024 18:42:11 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
167 B 181ms
181ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AXCDFT4MAKE5A8-1&page=muse%3Aoffer%3A%3A%3AXCDFT4MAKE5A8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3ae06958-635b-41a4-8c69-d00062bc57d6&es=visitorInfoFlowStarted&mrid=XCDFT4MAKE5A8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Joist%20-%20View%20Document&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1706208132181&g=-60&completeurl=https%3A%2F%2Fclient.joistapp.com%2Festimates%2F2e65bbe9bc0b4b60f9d7f51f&disableSetCookie=true

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 25 Jan 2024 18:42:12 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d85c2e8670840
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230073-FRA
pragma: no-cache
correlation-id: d85c2e8670840
traceparent: 00-0000000000000000000d85c2e8670840-9c7d24ec54733184-01
x-timer: S1706208132.183118,VS0,VE174
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:42:12 GMT

POST
H2 200 api Show response
api.leanplum.com/ 170 B
342 B 204ms
152ms XHR
application/json 34.102.193.164
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leanplum.com/api?appId=app_LtTSxKgkE8pyNKAgqgGmakjhDK2TXxGgGBvMXv4o2so&client=js&clientKey=prod_mc0NHLJvr0Plr0ya9eaDCKd6UWHzONhFrlgYARUdh3s&sdkVersion=1.11.3&action=multi&time=1706208132.313
Requested by: Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.164 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 164.193.102.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: afeefbf5496ba2247b83b353f48f1e147c8c50f6084bfca782fa94ff8ac75bdd

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
via: 1.1 google
server: istio-envoy
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 logo.b8cc27039f7dfd869789df74a06577c7.svg
client.joistapp.com/static/media/ 1 KB
2 KB 105ms
105ms Image
image/svg+xml 44.207.24.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client.joistapp.com/static/media/logo.b8cc27039f7dfd869789df74a06577c7.svg
Requested by: Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.24.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-24-182.compute-1.amazonaws.com
Software: / Express
Resource Hash: e1379cb2f8d1393495c95106b91bf8b1b6ec405e03f59d409decc21c0060e1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:12 GMT
last-modified: Tue, 23 Jan 2024 15:46:41 GMT
x-powered-by: Express
etag: W/"552-18d370092e8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1362

GET
H/1.1 200
OK logo.jpg
s3.amazonaws.com/joist-uploads-logos/6187FED6-D936-44E9-BB41-071910F928A0/ 89 KB
90 KB 362ms
156ms Image
image/jpeg 52.216.57.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/joist-uploads-logos/6187FED6-D936-44E9-BB41-071910F928A0/logo.jpg
Requested by: Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.57.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e6dbf700c49759ef37d8c12df23759fdb54ab14faf5b4be0ddc5fb79356d7450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 18:42:13 GMT
x-amz-version-id: null
Last-Modified: Sun, 13 Feb 2022 16:29:12 GMT
Server: AmazonS3
x-amz-request-id: D6G3VCY1JH8MGX4V
ETag: "20b0cfd178b1f10fc5b6c88c35cedca9"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 91537
x-amz-id-2: h+jo3SI9e3s+X2Ow857l1E9mtfxQ6wz3MDUVz24hz9eq0Febge87l1p5aIhLsnts1MZKG3Jss7Q=

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
175 B 170ms
170ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://client.joistapp.com
date: Thu, 25 Jan 2024 18:42:12 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
175 B 171ms
171ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://client.joistapp.com
date: Thu, 25 Jan 2024 18:42:12 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
175 B 304ms
304ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://client.joistapp.com
date: Thu, 25 Jan 2024 18:42:12 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame D273 435 B
2 KB 264ms
264ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cacfcddfa67d8936a25cb47587e117e99fc910b9cf6ce67aa739410085035cdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-v206d5zpU9izBe33APRr+MRFg39BaWA1XoJqvP7j5vwyjxQl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-v206d5zpU9izBe33APRr+MRFg39BaWA1XoJqvP7j5vwyjxQl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 Jan 2024 18:42:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f984440cc998e
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230035-FRA, cache-fra-eddf8230035-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f984440cc998e-db058a72f6d0b92f-01
x-timer: S1706208133.592746,VS0,VE254
etag: W/"1b3-g1ygRtvPmBNMQpEWydi8zPnDrLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 219ms
202ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 25 Jan 2024 18:42:12 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f152321219e8d
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f152321219e8d-3c27fa288afb4880-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230115-FRA, cache-fra-eddf8230115-FRA
x-timer: S1706208132.388747,VS0,VE183

POST
H2 200 api Show response
api.leanplum.com/ 8 KB
3 KB 295ms
295ms XHR
application/json 34.102.193.164
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leanplum.com/api?appId=app_LtTSxKgkE8pyNKAgqgGmakjhDK2TXxGgGBvMXv4o2so&client=js&clientKey=prod_mc0NHLJvr0Plr0ya9eaDCKd6UWHzONhFrlgYARUdh3s&sdkVersion=1.11.3&action=multi&time=1706208132.519
Requested by: Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.164 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 164.193.102.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 72d042dbe1d918bf1cafc65132546252cc7d058c72203471cdf143560efeeaef

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
via: 1.1 google
server: istio-envoy
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 activity_log_for_payment_widgets
api.acornfinance.com/ Frame 0
0 429ms
124ms Preflight 3.17.103.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.acornfinance.com/activity_log_for_payment_widgets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.103.230 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-103-230.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://client.joistapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-expose-headers: authorization
access-control-max-age: 7200
content-length: 0
date: Thu, 25 Jan 2024 18:42:13 GMT
server: nginx

POST
H2 200 activity_log_for_payment_widgets Show response
api.acornfinance.com/ 21 B
569 B 156ms
147ms Fetch
application/json 3.17.103.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.acornfinance.com/activity_log_for_payment_widgets

Requested by

Host: payment-amount.acornfinance.com
URL: https://payment-amount.acornfinance.com/v3/acorn-finance.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.17.103.230 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-17-103-230.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:
Strict-Transport-Security	max-age=31556952; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Thu, 25 Jan 2024 18:42:13 GMT
content-security-policy: default-src 'self' https:
x-content-type-options: nosniff
strict-transport-security: max-age=31556952; includeSubDomains
content-length: 21
x-xss-protection: 1; mode=block
x-request-id: b60c6904-1440-4462-b4cb-160bff16adae
x-runtime: 0.023710
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: W/"838a7c62adda8d131d694ae13ba2c5b7"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: authorization
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
vary: Origin

GET
H2 200 acorn-logo-tagline-h-small.png
payment-amount.acornfinance.com/v3/ 8 KB
9 KB 441ms
440ms Image
image/png 2600:9000:2156:1a00:12:42f7:e2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment-amount.acornfinance.com/v3/acorn-logo-tagline-h-small.png

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/estimates/2e65bbe9bc0b4b60f9d7f51f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1a00:12:42f7:e2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c29df51e669790f74823aa12b401e1a16e4c300681b1691b857c2f967280e23e

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.joistapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:13 GMT
content-security-policy: frame-ancestors https://acornfinance.com https://*.acornfinance.com https://acornfinance.dev https://*.acornfinance.dev https://pr.acornfinance.com https://vars.hotjar.com https://*.pr.acornfinance.com; frame-src 'self' https://acornfinance.dev https://*.acornfinance.dev https://*.acornfinance.com https://vars.hotjar.com https://accounts.google.com https://www.google.com https://*.pr.acornfinance.com https://*.api.acornfinance.com https://studio-shed.com https://*.studio-shed.com; upgrade-insecure-requests;
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Fri, 15 Sep 2023 21:22:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "cd8aafe36c51fe0a68a36c4f97fe88ec"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8309
x-amz-cf-id: ie4_WoDJzMA8DbvmV6iczUtcOvxIuf4MY5YPsS1e040HwVzR4kBSlg==

GET
H2 200 company_info Show response
api.joistapp.com/api/v8/public/2e65bbe9bc0b4b60f9d7f51f/ 988 B
1 KB 213ms
213ms XHR
application/json 54.205.27.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.joistapp.com/api/v8/public/2e65bbe9bc0b4b60f9d7f51f/company_info

Requested by

Host: client.joistapp.com
URL: https://client.joistapp.com/static/js/main.9e0402ce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.27.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-27-121.compute-1.amazonaws.com

Software

Resource Hash

09b61b1680f51e4460310b441a7e571b3171429290d0f77fcadc70a280e114f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com .cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net .cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com .cloudfront.net; worker-src 'self' .joisttest.com .joistapp.com blob:
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rack-cors: hit
date: Thu, 25 Jan 2024 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.cloudfront.net; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net; script-src 'self' 'unsafe-inline' js-agent.newrelic.com bam.nr-data.net *.cloudfront.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net; worker-src 'self' *.joisttest.com *.joistapp.com blob:
x-xss-protection: 1; mode=block
x-request-id: bb1cec59-4d78-49bc-86ee-a7eff5fc9001
x-runtime: 0.109839
etag: W/"09b61b1680f51e4460310b441a7e571b"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.joistapp.com
access-control-expose-headers: Link
cache-control: max-age=0, private, must-revalidate
x-frame-options: sameorigin
vary: Accept-Encoding, Origin

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 36ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: https://client.joistapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1076
age: 20560
cdn-cachedat: 10/31/2023 18:59:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fdf945f7c17057282c8900aced609e23
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84b2a79fbc1f9113-FRA
cdn-requestpullsuccess: True

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
175 B 171ms
170ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://client.joistapp.com
date: Thu, 25 Jan 2024 18:42:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
175 B 169ms
169ms Fetch
application/json 35.160.35.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/K88QpdmsKhRzrofQjSapSzTurnYQhGeJ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-35-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://client.joistapp.com
date: Thu, 25 Jan 2024 18:42:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
861 B 192ms
191ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AebN-PzKrASrgmVPbTYZZbViuFCnuFgDIqSxaMAZI5Hrx5fH64iDfNVzCifAW_3MjfFntWcyqz1aQzZQ&components=buttons,funding-eligibility

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

502b2f73dcee4eccddaedccc208c6fa80a4bf4c3384f2a1c91b4c5d27f9cee9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://client.joistapp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Thu, 25 Jan 2024 18:42:13 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f33527565000f
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230115-FRA, cache-fra-eddf8230115-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f33527565000f-8396b5f08cb21024-01
x-timer: S1706208134.508230,VS0,VE184
etag: W/"3f6-mNJ9ABBiNUbPZfnRVuBVHP7ZklA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://client.joistapp.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 184ms
184ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://client.joistapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://client.joistapp.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 25 Jan 2024 18:42:13 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f984440eb8b34
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f984440eb8b34-1e3f566de2b8dfb7-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230115-FRA, cache-fra-eddf8230115-FRA
x-timer: S1706208133.323988,VS0,VE176

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.joistapp.com/	1970-01-21 02:42:24	Name: ajs_user_id Value: 722490
			.joistapp.com/	1970-01-21 02:42:24	Name: ajs_anonymous_id Value: ANON-722490

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.acornfinance.com
api.joistapp.com
api.leanplum.com
api.segment.io
cdn.segment.com
client.joistapp.com
maxcdn.bootstrapcdn.com
outbound.joistapp.com
payment-amount.acornfinance.com
s3.amazonaws.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
151.101.1.35
151.101.193.21
192.229.221.25
2600:9000:2156:1a00:12:42f7:e2c0:93a1
2606:4700::6812:acf
3.17.103.230
34.102.193.164
35.160.35.184
44.207.24.182
52.216.57.24
54.205.27.121
54.78.186.219
99.86.8.175
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
051ca5211546c4b91c8c047341a7bcbf2a02ea62c2617f30fd33b805202b16a5
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
09b61b1680f51e4460310b441a7e571b3171429290d0f77fcadc70a280e114f8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1855b74a33cb2c1ea5ccdd07ce0d1bdad269f99b8c887c01e2ece8e7885c929e
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
25e5bd4d8c412ea0722eb2116fcf07f224776eab02ebbb704959713d1b051fc7
2a6e6a45173d7d89cf7b6f2085588f236f8ad83e49fdc95438382b12e046b5b0
34c4f48357a5ddff0ab8a8d8bc4fab8c07bae0cdb274013368ebaf95540c2454
437a122011eaa58fc876011801ab51f166f20152c8738577a9fc66a72daf0ee6
502b2f73dcee4eccddaedccc208c6fa80a4bf4c3384f2a1c91b4c5d27f9cee9b
5c599f30629913305c40092a3d1db4f38e933c92a9eb3272d83fedd5ff4358a2
634884dad609fbf2fa08e6ead914f0b5d0b64f416ef73881b8fd0d6e0d626a02
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
72d042dbe1d918bf1cafc65132546252cc7d058c72203471cdf143560efeeaef
7b532de8a4953fd1344495886491dab01ac56d9c3d0c9ec7d5eb71932fd4e06d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
8206bb8a9f46e802a4b846ab4e628b29f109aa7326d809796b11bd131bc02f33
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289
9106dd05cb3be1b2f1d39b4ec78d6bad5f685aba2ee66473151b5795fd6b5a3b
afeefbf5496ba2247b83b353f48f1e147c8c50f6084bfca782fa94ff8ac75bdd
b52407aec1ed7966d80d5322ed8bd8075a39361cbca9559f8887769cc1a62dd8
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b966caa11e2a8721449045be23a5e33a35b34fc662aca0ef44f87d9901a8b9c4
c29df51e669790f74823aa12b401e1a16e4c300681b1691b857c2f967280e23e
c89aadbef900392d046dbed6240e3836837226f389fbd4b304146f053cc4bd19
cacfcddfa67d8936a25cb47587e117e99fc910b9cf6ce67aa739410085035cdd
d3cb42385390abe04615937d1dcd383849995f4a7270d87a1ad9897737790f16
e1379cb2f8d1393495c95106b91bf8b1b6ec405e03f59d409decc21c0060e1d8
e6dbf700c49759ef37d8c12df23759fdb54ab14faf5b4be0ddc5fb79356d7450
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

client.joistapp.com Open in urlscan Pro 44.207.24.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

15 %IPv6

9 Domains

13 Subdomains

12 IPs

2 Countries

3312 kBTransfer

3822 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

client.joistapp.com Open in urlscan Pro
44.207.24.182 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

15 %
IPv6

9
Domains

13
Subdomains

12
IPs

2
Countries

3312 kB
Transfer

3822 kB
Size

2
Cookies

43 HTTP transactions
0 data transactions