urlscan.io logo urlscan.io
SecurityTrails logo

prestore.jtiint.org Open in urlscan Pro
51.143.103.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://prestore.jtiint.org/
Effective URL: https://prestore.jtiint.org/order
Submission: On October 07 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 15 HTTP transactions. The main IP is 51.143.103.168, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is prestore.jtiint.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 8th 2020. Valid for: 3 months.
This is the only time prestore.jtiint.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 51.143.103.168 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:1b:... 54113 (FASTLY)
2 52.218.108.128 16509 (AMAZON-02)
8 2600:9000:21c... 16509 (AMAZON-02)
1 138.201.9.137 24940 (HETZNER-AS)
15 6
2    51.143.103.168 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prestore.jtiint.org
1    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a04:4e42:1b::393 (Ascension Island)

ASN54113 (FASTLY, US)
res.cloudinary.com
2    52.218.108.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
userlike-cdn-widgets.s3-eu-west-1.amazonaws.com
userlike-cdn-operators.s3-eu-west-1.amazonaws.com
8    2600:9000:21c7:2800:18:7e64:500:21 (United States)

ASN16509 (AMAZON-02, US)
d3dc1lgancj6l0.cloudfront.net
1    138.201.9.137 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: www.userlike.com
api.userlike.com
Domain Requested by
8 d3dc1lgancj6l0.cloudfront.net userlike-cdn-widgets.s3-eu-west-1.amazonaws.com
d3dc1lgancj6l0.cloudfront.net
prestore.jtiint.org
2 res.cloudinary.com prestore.jtiint.org
2 prestore.jtiint.org 1 redirects
1 userlike-cdn-operators.s3-eu-west-1.amazonaws.com
1 api.userlike.com d3dc1lgancj6l0.cloudfront.net
1 userlike-cdn-widgets.s3-eu-west-1.amazonaws.com prestore.jtiint.org
1 unpkg.com prestore.jtiint.org
15 7

This site contains no links.

Subject Issuer Validity Valid
prestore.jtiint.org
Let's Encrypt Authority X3		 2020-08-08 -
2020-11-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-02 -
2021-08-02		 a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2020-05-27 -
2022-06-22		 2 years crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-04 -
2021-08-09		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.userlike.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-28 -
2022-05-24		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://prestore.jtiint.org/order
Frame ID: 6798F97CEBFE39DEA47E305020409B56
Requests: 5 HTTP requests in this frame

Frame: https://d3dc1lgancj6l0.cloudfront.net/umm-runtime.a963e781f6529ee59b23.js
Frame ID: CE16F9BA6009973BF7C18FC6595CD019
Requests: 8 HTTP requests in this frame

Frame: https://d3dc1lgancj6l0.cloudfront.net/fonts/open-sans-v15-latin_latin-ext-regular.81d0487ba73afd292730e6f89e83c2ea.woff2
Frame ID: 944AC63BBB62B819C1E5BE3892B01A6D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://prestore.jtiint.org/ HTTP 302
    https://prestore.jtiint.org/order Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

487 kB
Transfer

1539 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prestore.jtiint.org/ HTTP 302
    https://prestore.jtiint.org/order Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request order
prestore.jtiint.org/
Redirect Chain
  • https://prestore.jtiint.org/
  • https://prestore.jtiint.org/order
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prestore.jtiint.org/order
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.143.103.168 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.12.2 / Vx
Resource Hash
8233df45b576c9a463e4d1c686a8af4c1bccdad9c890e6c2b98bb86511dc4d59
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
prestore.jtiint.org
:scheme
https
:path
/order
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx/1.12.2
date
Wed, 07 Oct 2020 17:42:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
Vx
x-frame-options
SAMEORIGIN DENY
x-xss-protection
1; mode=block
x-content-type-options
nosniff nosniff
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 +0000
set-cookie
PHPSESSID=p8g6oblqbhf9emajrihml0c59e; path=/; domain=prestore.jtiint.org; HttpOnly
content-encoding
gzip

Redirect headers

status
302
server
nginx/1.12.2
date
Wed, 07 Oct 2020 17:42:10 GMT
content-type
text/html; charset=UTF-8
location
https://prestore.jtiint.org/order
x-powered-by
Vx
x-frame-options
SAMEORIGIN DENY
x-xss-protection
1; mode=block
x-content-type-options
nosniff nosniff
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 +0000
tachyons.min.css
unpkg.com/tachyons@4.10.0/css/ 		72 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/tachyons@4.10.0/css/tachyons.min.css
Requested by
Host: prestore.jtiint.org
URL: https://prestore.jtiint.org/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2fca046af83cf173357f3db6d2b80fca51258cfbd46b77e500714b3514cd4ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prestore.jtiint.org/order
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 17:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
29673857
status
200
vary
Accept-Encoding
cf-request-id
05a5c115d0000064d3d906c200000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"11f18-+fX8lUDIoOwvNIsx+MxKTZEUgcM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
439d414bc15108a94a614bb5cdcdb5c2
cache-control
public, max-age=31536000
cf-ray
5de96acfbc6964d3-FRA
jti_banner_300.png
res.cloudinary.com/jtiqmzl/image/upload/v1491954455/logo/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/jtiqmzl/image/upload/v1491954455/logo/jti_banner_300.png
Requested by
Host: prestore.jtiint.org
URL: https://prestore.jtiint.org/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7904548f40fc7d43ecd36d658fdfcd77d905291abcc974895611cb1a46c50619
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://prestore.jtiint.org/order
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 17:42:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Apr 2017 23:47:36 GMT
server
Cloudinary
status
200
etag
"aa304f31817414f6e6aed809b3def6fb"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=2;start=2020-10-07T17:42:11.156Z;desc=hit,rtt;dur=5
accept-ranges
bytes
timing-allow-origin
*
content-length
9863
jti-student-book-us.jpg
res.cloudinary.com/jtiqmzl/image/upload/v1517589633/website/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/jtiqmzl/image/upload/v1517589633/website/jti-student-book-us.jpg
Requested by
Host: prestore.jtiint.org
URL: https://prestore.jtiint.org/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
50478b1029fcf708a3d8879646886b86e3702acb387fe567acd26026243be9a9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://prestore.jtiint.org/order
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 17:42:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 02 Feb 2018 16:40:34 GMT
server
Cloudinary
status
200
etag
"151e096959f2547c0bf6b4886c593d71"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=545;cpu=1;start=2020-10-07T17:42:11.156Z;desc=miss,rtt;dur=5,cloudinary;dur=451;start=2020-10-07T17:42:11.201Z
accept-ranges
bytes
timing-allow-origin
*
content-length
31684
8a3729ee6d25ce5377b8e0d868c687631a3e56ba1ba08143661aa2cab3038238.js
userlike-cdn-widgets.s3-eu-west-1.amazonaws.com/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userlike-cdn-widgets.s3-eu-west-1.amazonaws.com/8a3729ee6d25ce5377b8e0d868c687631a3e56ba1ba08143661aa2cab3038238.js
Requested by
Host: prestore.jtiint.org
URL: https://prestore.jtiint.org/order
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.108.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
285c960b02d1e71c763818f43edeb698ea550b1c87d1a9851e3bbb24d5ebed65

Request headers

Referer
https://prestore.jtiint.org/order
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 07 Oct 2020 17:42:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Oct 2020 19:26:22 GMT
Server
AmazonS3
x-amz-request-id
CB132896DBF85824
ETag
"4e4f9db83784faa0f1242f87d5b15811"
Content-Type
application/javascript
Cache-Control
max-age=3600, must-revalidate
Accept-Ranges
bytes
Content-Length
27506
x-amz-id-2
MO3UeEquY45pBsLitjUFZkvUF6mdQV4O/dTBRAZYViYBWYFrl2BBSPz4Zs6mWozW4lrOv7iD8P4=
umm-runtime.a963e781f6529ee59b23.js
d3dc1lgancj6l0.cloudfront.net/ Frame CE16 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dc1lgancj6l0.cloudfront.net/umm-runtime.a963e781f6529ee59b23.js
Requested by
Host: userlike-cdn-widgets.s3-eu-west-1.amazonaws.com
URL: https://userlike-cdn-widgets.s3-eu-west-1.amazonaws.com/8a3729ee6d25ce5377b8e0d868c687631a3e56ba1ba08143661aa2cab3038238.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:7e64:500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fae47b504412c2feefae0959a0bd775b934002f8e4acb32a24d293d3226ad86d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 15:01:39 GMT
content-encoding
gzip
age
9633
x-cache
Hit from cloudfront
status
200
content-length
2806
last-modified
Fri, 02 Oct 2020 15:10:44 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:f99f588c5b7b3b05f063758153870c40
etag
"f99f588c5b7b3b05f063758153870c40"
content-type
application/javascript;charset=utf-8
via
1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cache-control
public,max-age=2678400
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
nRWFzKFYFPY4-JTqN4uDFc2awsaGYMz1uKKxqKCsf_Nqws3fBYH_cA==
umm-vendors.5cfae40378f39052cd60.js
d3dc1lgancj6l0.cloudfront.net/ Frame CE16 		678 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dc1lgancj6l0.cloudfront.net/umm-vendors.5cfae40378f39052cd60.js
Requested by
Host: userlike-cdn-widgets.s3-eu-west-1.amazonaws.com
URL: https://userlike-cdn-widgets.s3-eu-west-1.amazonaws.com/8a3729ee6d25ce5377b8e0d868c687631a3e56ba1ba08143661aa2cab3038238.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:7e64:500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a263fcdfb71dbffb41c4003f4829921085598d12169d8b3a317798cd130ff6d6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 15:01:39 GMT
content-encoding
gzip
age
9633
x-cache
Hit from cloudfront
status
200
content-length
201234
last-modified
Fri, 02 Oct 2020 15:10:45 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:6b7f55801977e5870e92bcd08f8f5839
etag
"6b7f55801977e5870e92bcd08f8f5839"
content-type
application/javascript;charset=utf-8
via
1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cache-control
public,max-age=2678400
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
PKXD_btuGh-dnLAAh8tV_QzOr7mqOPKNpo5lpmHYJrP9T4h3JifuIQ==
umm-messenger.38a9f288fe92dce6d4c2.js
d3dc1lgancj6l0.cloudfront.net/ Frame CE16 		181 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dc1lgancj6l0.cloudfront.net/umm-messenger.38a9f288fe92dce6d4c2.js
Requested by
Host: userlike-cdn-widgets.s3-eu-west-1.amazonaws.com
URL: https://userlike-cdn-widgets.s3-eu-west-1.amazonaws.com/8a3729ee6d25ce5377b8e0d868c687631a3e56ba1ba08143661aa2cab3038238.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:7e64:500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15df560e1137c729d879da6a015aba15fa253d24f6e7d5875881a0ff36b88c41

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 15:01:39 GMT
content-encoding
gzip
age
9633
x-cache
Hit from cloudfront
status
200
content-length
47988
last-modified
Fri, 02 Oct 2020 15:10:44 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:731541a7bc69faad26991f23e1180d9c
etag
"731541a7bc69faad26991f23e1180d9c"
content-type
application/javascript;charset=utf-8
via
1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cache-control
public,max-age=2678400
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
sbbYbp-34F_75fo2m7fRYsYKj7rnVAYQ18AVlUyXlIcF1B7r4fHkMQ==
umm-0.c5921567c979c2594036.js
d3dc1lgancj6l0.cloudfront.net/ Frame CE16 		383 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dc1lgancj6l0.cloudfront.net/umm-0.c5921567c979c2594036.js
Requested by
Host: d3dc1lgancj6l0.cloudfront.net
URL: https://d3dc1lgancj6l0.cloudfront.net/umm-runtime.a963e781f6529ee59b23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:7e64:500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce31e89b7f51210826deebcfbcbef5014cb987d3150b0b5fa71153c8f4a81e45

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 15:01:39 GMT
content-encoding
gzip
age
9633
x-cache
Hit from cloudfront
status
200
content-length
115199
last-modified
Fri, 02 Oct 2020 15:10:44 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:e9eaf7b7463afee06f2b030764e702d9
etag
"e9eaf7b7463afee06f2b030764e702d9"
content-type
application/javascript;charset=utf-8
via
1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cache-control
public,max-age=2678400
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
AP9c2HT9nE7A8YG5ODoJjvYmwRhDPGLIrlGNaExAh4mE56MlqMGQ5A==
umm-31.33c99de8dff46e1ad579.js
d3dc1lgancj6l0.cloudfront.net/ Frame CE16 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dc1lgancj6l0.cloudfront.net/umm-31.33c99de8dff46e1ad579.js
Requested by
Host: d3dc1lgancj6l0.cloudfront.net
URL: https://d3dc1lgancj6l0.cloudfront.net/umm-runtime.a963e781f6529ee59b23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:7e64:500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51e5dc236677e571c4e6298d769765cb1890dfffc1ba4a341d73074d226f5f08

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 15:01:39 GMT
content-encoding
gzip
age
9633
x-cache
Hit from cloudfront
status
200
content-length
14817
last-modified
Wed, 07 Oct 2020 15:01:16 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:cb10856ddcc965f5377424be7553f182
etag
"cb10856ddcc965f5377424be7553f182"
content-type
application/javascript;charset=utf-8
via
1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cache-control
public,max-age=2678400
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
DaJA_SSALJLVTdQBspZ8_lAdpesF1thkDpvw5uILrDIUK-BnqoOCBQ==
/
api.userlike.com/api/um/chat/button/check/ Frame CE16 		468 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.userlike.com/api/um/chat/button/check/?customer_id=59585&chat_widget_id=54290&callback=__ul_jp1
Requested by
Host: d3dc1lgancj6l0.cloudfront.net
URL: https://d3dc1lgancj6l0.cloudfront.net/umm-messenger.38a9f288fe92dce6d4c2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.9.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.userlike.com
Software
nginx /
Resource Hash
825e99127639ebe54d968ea2fae78bd1cc67e002d3717718eede08362964d464
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
344
x-xss-protection
1; mode=block
allow
GET, HEAD, OPTIONS
server
nginx
x-frame-options
sameorigin
date
Wed, 07 Oct 2020 17:42:11 GMT
vary
Accept, Cookie, Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
umm-intl-en-US.43fe997b94ba97b0387b.js
d3dc1lgancj6l0.cloudfront.net/ Frame CE16 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dc1lgancj6l0.cloudfront.net/umm-intl-en-US.43fe997b94ba97b0387b.js
Requested by
Host: d3dc1lgancj6l0.cloudfront.net
URL: https://d3dc1lgancj6l0.cloudfront.net/umm-runtime.a963e781f6529ee59b23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:7e64:500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b71f9360a2857aef95d27e122c503bc8aacfb80ac8f51df50c108d0913a9cf4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 15:01:46 GMT
content-encoding
gzip
age
9626
x-cache
Hit from cloudfront
status
200
content-length
4645
last-modified
Wed, 07 Oct 2020 15:01:17 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:cadea181dd0c4595e27913d4859b4976
etag
"cadea181dd0c4595e27913d4859b4976"
content-type
application/javascript;charset=utf-8
via
1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cache-control
public,max-age=2678400
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
YDm_-wlEcsyNoyzpoljfThWDtRys6MxTm54DIH8B0Azk9jzVG1derQ==
umm-button.96f13953758b453b0b9e.js
d3dc1lgancj6l0.cloudfront.net/ Frame CE16 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dc1lgancj6l0.cloudfront.net/umm-button.96f13953758b453b0b9e.js
Requested by
Host: d3dc1lgancj6l0.cloudfront.net
URL: https://d3dc1lgancj6l0.cloudfront.net/umm-runtime.a963e781f6529ee59b23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:7e64:500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5d4544348aa83a4cb45f388207ebf29c82db83c02785abb1b48ffbe79fd24c6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 15:01:39 GMT
content-encoding
gzip
age
9633
x-cache
Hit from cloudfront
status
200
content-length
632
last-modified
Wed, 07 Oct 2020 15:01:16 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:10da640fb231ddf6b6d84ba0e4218d54
etag
"10da640fb231ddf6b6d84ba0e4218d54"
content-type
application/javascript;charset=utf-8
via
1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
cache-control
public,max-age=2678400
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
ppEWq8uyiQ1hichatVk7A0cbbfoLVY9MXfB8aAU2uq9FLIZT1rcwKg==
open-sans-v15-latin_latin-ext-regular.81d0487ba73afd292730e6f89e83c2ea.woff2
d3dc1lgancj6l0.cloudfront.net/fonts/ Frame 944A 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3dc1lgancj6l0.cloudfront.net/fonts/open-sans-v15-latin_latin-ext-regular.81d0487ba73afd292730e6f89e83c2ea.woff2
Requested by
Host: prestore.jtiint.org
URL: https://prestore.jtiint.org/order
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:7e64:500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b

Request headers

Origin
https://prestore.jtiint.org
Referer
https://prestore.jtiint.org/order
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 15:01:40 GMT
content-encoding
gzip
vary
Access-Control-Request-Headers,Access-Control-Request-Method
age
9632
x-cache
Hit from cloudfront
status
200
content-length
18981
access-control-allow-origin
*
last-modified
Wed, 07 Oct 2020 15:01:33 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:a396828e89f9fb4a4b1d0dc7808901a6
etag
"a396828e89f9fb4a4b1d0dc7808901a6"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
via
1.1 6e44e48abc671a9155ea845c36f68921.cloudfront.net (CloudFront)
cache-control
public,max-age=2678400
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
af_H3ngUIcJVrjUwiweFLeOyEWzCDIZ5zFUsl9bQJ1xgUcRoo-J6dw==
828716ab426fc19d8b062a39b71b0f9997fe35cd38319c7fdd4f2931a643c336_80x80.jpg
userlike-cdn-operators.s3-eu-west-1.amazonaws.com/ Frame 944A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://userlike-cdn-operators.s3-eu-west-1.amazonaws.com/828716ab426fc19d8b062a39b71b0f9997fe35cd38319c7fdd4f2931a643c336_80x80.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.108.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
394c4bc5b90b15d18cc2533b2341afdf25d3bce33ae67d1ec22c60b80e844a9d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 07 Oct 2020 17:42:13 GMT
Last-Modified
Sat, 22 Feb 2020 23:15:34 GMT
Server
AmazonS3
x-amz-request-id
47E18F339DB93C73
ETag
"fa43fafe18636eda6b4ce81e15fed724"
Content-Type
image/jpeg
Cache-Control
max-age=86400, must-revalidate
Accept-Ranges
bytes
Content-Length
3670
x-amz-id-2
aPzODNzAWm5f8oyDenn/DtXFcsTdbS29ZWYAQ46/uV+ZH8Zy+mIvw6s+a7O+bYNzDsdLVmw4vBg=

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| __USERLIKE_PURE__ boolean| __USERLIKE_MOUNT_GUARD__ object| userlike

3 Cookies

Domain/Path Name / Value
prestore.jtiint.org/ Name: uslk_umm_59585_s
Value: {%22version%22:%221%22%2C%22data%22:{%22reauth%22:false}}
prestore.jtiint.org/ Name: uslk_umm_59585_c
Value: {%22version%22:%221%22%2C%22data%22:{}}
.prestore.jtiint.org/ Name: PHPSESSID
Value: p8g6oblqbhf9emajrihml0c59e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block