app.threat.zone Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request scan Show response app.threat.zone/	3 KB 2 KB	533ms 453ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.threat.zone/scan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82e553f30bb91f4e62a02e250a5e579fd2b693fc32026f9d5c4882b95c69f86c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=31536000 cf-cache-status DYNAMIC cf-ray 779b3b585df10e64-AMS content-encoding br content-type text/html date Thu, 15 Dec 2022 00:58:36 GMT feature-policy none last-modified Fri, 25 Nov 2022 12:48:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy none referrer-policy no-referrer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=230vW5ed5BkEuDOdobriXaCFN8mb67CroQkwcUx5ZQ8wG2Lfisc1YnyPjAyGrPSbl5h5NnpEoidM1IN0PU0aJQY2%2BGIZPbT4oWkr5Kw%2FOAsXu0Eyv26O6WEQGnYWleNoP%2FtNt6egNbVoYCuOriI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	js Show response www.googletagmanager.com/gtag/	216 KB 76 KB	206ms 76ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DKTQSZ62Y0 Requested by Host: app.threat.zone URL: https://app.threat.zone/scan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 34ce59e450db3986c11cef84bc098d12dc12cea4b7610621e17f347bc1a9eaf8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 15 Dec 2022 00:58:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76874 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Dec 2022 00:58:36 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 968 B	188ms 59ms	Script text/javascript	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: app.threat.zone URL: https://app.threat.zone/scan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b59dae56216ef0e0fad97453ed5175bd1b607385cc54a36621ebe2509a693116 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 15 Dec 2022 00:58:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 555 x-xss-protection 1; mode=block expires Thu, 15 Dec 2022 00:58:36 GMT
GET H2	200	index.14ec51d4.js Show response app.threat.zone/assets/	3 MB 837 KB	978ms 977ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.threat.zone/assets/index.14ec51d4.js Requested by Host: app.threat.zone URL: https://app.threat.zone/scan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3280fdd5688898ba46f4aef30a3d999982b2b56d39903f385487d88626973a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer Origin https://app.threat.zone accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 15 Dec 2022 00:58:37 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Fri, 25 Nov 2022 12:48:09 GMT server cloudflare etag W/"6380b989-2ef974" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNTJBwRb50sHvIkf3N6fv2yvua3jO4HuzLRaXQfxVWpsk6w0frQAQwdoWPZLL%2FL5YKe55dAu3weWpue9PsczTsXqhCi83RFvmS0FGOlqccRjdcRi0h60771Tlv1hP0%2BkOp5vtH1bcMHWZyTEAKQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 feature-policy none permissions-policy none cf-ray 779b3b5b3f8b0e64-AMS
GET H2	200	index.7dcf7e9e.css app.threat.zone/assets/	58 KB 11 KB	557ms 557ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.threat.zone/assets/index.7dcf7e9e.css Requested by Host: app.threat.zone URL: https://app.threat.zone/scan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df431fad22aa279c14b96471baf9986bfbfde25ce82078087f3c701ad08c0752 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 15 Dec 2022 00:58:37 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Fri, 25 Nov 2022 12:48:09 GMT server cloudflare etag W/"6380b989-e77b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZIpjNh5uCP%2BVpbwuAqZozVcuu2L%2BCDYaQHXZXj8rFnjC4H7ZJy3UTDqWxb%2BtM8JRj%2FAcd4rigrYJIHCk66NeWoMb%2BzAKy%2B9Tn1j7YBRGzSAXIvrKUHsuZckmFr0GRX%2B84BdMIGTu8L4vaJr5ZI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 feature-policy none permissions-policy none cf-ray 779b3b5b3f8a0e64-AMS
GET H2	200	hotjar-3105834.js Show response static.hotjar.com/c/	8 KB 4 KB	150ms 62ms	Script application/javascript	108.156.60.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3105834.js?sv=6 Requested by Host: app.threat.zone URL: https://app.threat.zone/scan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.60.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-60-37.ams1.r.cloudfront.net Software / Resource Hash 0d8ec92f673f3c69b8d913c1dabcb4aeb03e7b3828acc596d992d6dcf92c2b37 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 15 Dec 2022 00:58:36 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P2 etag W/be161367ed066e238c11c100394d93bf vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id prl1UckWDtUyu5PyUhc7rl48GexWWAKBh0PZFaoa_CkLVI_7X8t07w==
GET H2	200	modules.e446dd48ad4c173d0779.js Show response script.hotjar.com/	263 KB 68 KB	91ms 28ms	Script application/javascript	18.65.39.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.e446dd48ad4c173d0779.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3105834.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-52.ams1.r.cloudfront.net Software / Resource Hash 28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Tue, 13 Dec 2022 14:30:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P1 age 124110 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 68690 last-modified Tue, 13 Dec 2022 14:30:02 GMT etag "e594ec8e48bfdcd811b3aa8ce1ff2044" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id WaiizP2R1CbIJDvLfcasgcX2n25Vih0G7qm146U76pUqmT7SdwF92g==
GET H2	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/	402 KB 161 KB	102ms 32ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7df48615d50b66c34968e7e3f7bcfd74b708ae463a633e6bf6087c0ab07ba60d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://app.threat.zone accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:54:26 GMT content-encoding gzip x-content-type-options nosniff age 583450 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 164127 x-xss-protection 0 last-modified Thu, 08 Dec 2022 01:21:32 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 08 Dec 2023 06:54:26 GMT
GET H2	200	box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response vars.hotjar.com/ Frame 6EE4	2 KB 1 KB	86ms 24ms	Document text/html	108.156.60.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3105834.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.60.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-60-78.ams1.r.cloudfront.net Software / Resource Hash cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 1856910 cache-control max-age=31536000 content-encoding br content-length 1035 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 23 Nov 2022 13:10:06 GMT etag "e0652b84b7b3b650769c759fc520c3f8" last-modified Wed, 23 Nov 2022 13:09:18 GMT strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding via 1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront) x-amz-cf-id THDkq3kh6N6koEjR1wVh-XOykNrU7UkqAijHYKRleDVMHDHkJQKrpQ== x-amz-cf-pop AMS1-P2 x-cache Hit from cloudfront x-robots-tag none
POST H2	204	collect region1.google-analytics.com/g/	0 338 B	83ms 29ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DKTQSZ62Y0&gtm=2oebu0&_p=1954035147&cid=1344677844.1671065917&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671065917&sct=1&seg=0&dl=https%3A%2F%2Fapp.threat.zone%2Fscan&dt=Threat.Zone&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DKTQSZ62Y0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache date Thu, 15 Dec 2022 00:58:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.threat.zone cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/3105834/	147 B 322 B	135ms 45ms	XHR application/json	34.248.5.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/3105834/visit-data?sv=6 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.e446dd48ad4c173d0779.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.248.5.173 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-248-5-173.eu-west-1.compute.amazonaws.com Software / Resource Hash 8d30577eeff150721411d9bae27fc0eb69e8c8dc46ff11475fa816e723843960 Request headers Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Thu, 15 Dec 2022 00:58:37 GMT content-encoding br vary Accept-Encoding access-control-max-age 86400 content-type application/json access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true
POST H2	200	content Show response ws37.hotjar.com/api/v2/sites/3105834/recordings/	66 B 258 B	154ms 48ms	XHR application/json	54.229.132.216 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws37.hotjar.com/api/v2/sites/3105834/recordings/content Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.e446dd48ad4c173d0779.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.229.132.216 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-132-216.eu-west-1.compute.amazonaws.com Software / Resource Hash afda2359cc445bca83017bac64b8cf276228c9a0d280a91ff230a0f7b637d097 Request headers Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Thu, 15 Dec 2022 00:58:37 GMT content-encoding br vary Accept-Encoding access-control-max-age 86400 content-type application/json access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	204ms 69ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap Requested by Host: app.threat.zone URL: https://app.threat.zone/assets/index.7dcf7e9e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 15 Dec 2022 00:58:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 14 Dec 2022 23:14:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Dec 2022 00:58:37 GMT
GET H2	200	b0vdoqa0 Show response widget.intercom.io/widget/	18 KB 7 KB	96ms 33ms	Script application/javascript	18.65.39.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/b0vdoqa0 Requested by Host: app.threat.zone URL: https://app.threat.zone/scan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-110.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 5f2033ac8a8a5e9c5365bd3bbc82c3ed2bdda34196ce05bc7efaed3604114af7 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-amz-version-id 0l_BCNxgWfYmLCz.RCzG4WVh7JdG4UwC content-encoding gzip via 1.1 d0b402ca7e5fc6514bdd05f23e206b58.cloudfront.net (CloudFront) date Thu, 15 Dec 2022 00:49:48 GMT x-amz-cf-pop AMS1-P1 age 1294 x-amz-server-side-encryption AES256 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 6169 last-modified Wed, 14 Dec 2022 13:10:59 GMT server AmazonS3 etag "a468c8b6bc2cc2fd8a338eef8cf8b5fa" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=900, s-maxage=900, public accept-ranges bytes x-amz-cf-id stasZuPiCeB9sWauqRfx08_K5Wl-Xte4Aysf-fww7UUeG2SQpo136Q==
POST H3	200	graphql Show response app.threat.zone/	74 B 1 KB	465ms 465ms	Fetch application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.threat.zone/graphql Requested by Host: app.threat.zone URL: https://app.threat.zone/assets/index.14ec51d4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf9f4b7ff63ac25e4004afe3a8558697e09ac09a87ab353551ee747b98bc03f9 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0, 1; mode=block Request headers accept */* Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 content-type application/json Response headers date Thu, 15 Dec 2022 00:58:38 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff, nosniff strict-transport-security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains cf-cache-status DYNAMIC x-permitted-cross-domain-policies none nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp x-dns-prefetch-control off content-encoding br cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 0, 1; mode=block referrer-policy no-referrer, no-referrer server cloudflare cross-origin-opener-policy same-origin etag W/"4a-0ATTnF4Z78F8J0F7AODajpfpUEE" expect-ct max-age=0 x-frame-options SAMEORIGIN vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://app.threat.zone origin-agent-cluster ?1 x-download-options noopen cache-control max-age=31536000 access-control-allow-credentials true feature-policy none permissions-policy none report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D403QRBR1BDoaepoR5bpNnJTB1QCbhSM4tqnMEJzjPCLwwEuujHFHnllSNwL4Xe2wDa1W7bKnLvCtfOudRSNd83fFhKOSCa3Sg0YFZH7nZet9eerfMzs4Ad6yaErbwVFIzTJSaCpgxMd53LvqOo%3D"}],"group":"cf-nel","max_age":604800} cf-ray 779b3b64a814b936-AMS
GET H2	200	client Show response accounts.google.com/gsi/	191 KB 76 KB	230ms 153ms	Script application/javascript	2a00:1450:4001:811::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: app.threat.zone URL: https://app.threat.zone/assets/index.14ec51d4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e285fe2bbf96c407e81437642952e7619e03dbd1be7d53161d90a988f691f834 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-4xMaBmel5iim_TgDqIfSUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 15 Dec 2022 00:58:38 GMT content-security-policy script-src 'report-sample' 'nonce-4xMaBmel5iim_TgDqIfSUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Thu, 15 Dec 2022 00:58:38 GMT
GET H3	200	threat_zone.f80d2905.png app.threat.zone/assets/	166 KB 167 KB	45ms 45ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.threat.zone/assets/threat_zone.f80d2905.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f80d290507a17a4a7b859f0765e0d518b5e47bc5cc72070a1f48ef7baf9fe7c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 15 Dec 2022 00:58:38 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 56368 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 170489 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Fri, 25 Nov 2022 12:48:09 GMT server cloudflare etag "6380b989-299f9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XffWcmXNBf7AsMaBDsgVI05vM6Oyt%2BOqurNTabgpX%2BRKjs%2FHRkpmu8BC1XNn796bSoaY09BlSMG3MyXUwykI8kz9AgU814urYOYXyeJhXDtU8c01IGYG8vvKnUUBMMHtK7DUXnGD8npX1p51AqQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 feature-policy none permissions-policy none accept-ranges bytes cf-ray 779b3b64b817b936-AMS
GET H3	200	threat_zone_scan.ffab1fe2.png app.threat.zone/assets/	38 KB 38 KB	573ms 572ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.threat.zone/assets/threat_zone_scan.ffab1fe2.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffab1fe24220f665b89e0c77741800e990dd8b12be7966dadf52ee5b0518ceaa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Thu, 15 Dec 2022 00:58:38 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 38549 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Fri, 25 Nov 2022 12:48:09 GMT server cloudflare etag "6380b989-9695" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFeKVjhMaeWLccAF8e0oAYwaHKayUYtsAdkhagm6ThsaPrzAa4AUawMphrZaKK3ugju%2BQ%2FEmZKyuFplxVfXv7UaHs68ZkGhHyW%2FSefrpDFbhtPuyTeMrM431UHUMZmYIAe2MesFQCvOhzSE2C4A%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 feature-policy none permissions-policy none accept-ranges bytes cf-ray 779b3b64b819b936-AMS
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	106ms 33ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://app.threat.zone accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Wed, 14 Dec 2022 19:25:00 GMT x-content-type-options nosniff age 20018 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Dec 2023 19:25:00 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	114ms 42ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://app.threat.zone accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Wed, 14 Dec 2022 19:25:01 GMT x-content-type-options nosniff age 20017 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7748 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Dec 2023 19:25:01 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	109ms 37ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://app.threat.zone accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sat, 10 Dec 2022 16:04:49 GMT x-content-type-options nosniff age 377629 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8000 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:59:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 10 Dec 2023 16:04:49 GMT
GET H2	200	frame-modern.60c16743.js Show response js.intercomcdn.com/ Frame A6C9	461 KB 126 KB	109ms 38ms	Script application/javascript	18.66.147.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.60c16743.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/b0vdoqa0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-49.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 764a3ff1b9315bd7d629b3ad41e47d72d51da5a2ffbcd3eea133698d5d8c5413 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-amz-version-id JMNBfjQueitzrHveJtrtwSdyHDzmH8qk content-encoding gzip via 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront) date Wed, 14 Dec 2022 23:59:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 3532 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 128120 last-modified Wed, 14 Dec 2022 13:09:30 GMT server AmazonS3 etag "ff581b9a2a0995b9deae4dee37b08c12" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id u4cKxIR3VLe0cQRlNK9HhQASbOEcTf-ZyzMeScAeXn8purPKCkbLjQ==
GET H2	200	vendor-modern.36ed38c1.js Show response js.intercomcdn.com/ Frame A6C9	236 KB 73 KB	174ms 103ms	Script application/javascript	18.66.147.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.36ed38c1.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/b0vdoqa0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-49.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 4475a08c95b869199ca5bdbc8493bcdb1e5dca212d29d234117c32b32444ba11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-amz-version-id 4vun2YlxxxLdaoabhH2zQlgl.uLOfhth content-encoding gzip via 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront) date Wed, 14 Dec 2022 23:09:59 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 6520 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 74429 last-modified Wed, 14 Dec 2022 13:09:30 GMT server AmazonS3 etag "92d069eaabf3b558c0e41c73e56cd888" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id Jt6fsCUU-fJMaM4iBZiaOLrs6CCs5JvaQ_peBfvKqgGaZxoU3utSTg==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame A6C9	3 KB 2 KB	694ms 477ms	XHR application/json	3.217.204.123 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.60c16743.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.204.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-204-123.compute-1.amazonaws.com Software nginx / Resource Hash 18a9715390a72546530ca2941fe370f97418f6cac1f50d1f74d9de9b07f5c5e4 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 15 Dec 2022 00:58:39 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-02c0cfe17eb72be22 status 200 OK x-xss-protection 1; mode=block x-request-id 0015mjapple8rvrh3jg0 x-runtime 0.353735 server nginx etag W/"18a9715390a72546530ca2941fe370f9" x-ratelimit-remaining 13332 vary Accept,Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://app.threat.zone x-intercom-version 939f3f679188de71f66f18fa1722388f989dca11 cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-ratelimit-reset 1671065920 x-ratelimit-limit 13333 access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA x-frame-options SAMEORIGIN
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame A6C9	3 KB 2 KB	511ms 480ms	XHR application/json	3.217.204.123 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.60c16743.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.204.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-204-123.compute-1.amazonaws.com Software nginx / Resource Hash 9626b4ad183246a2a5353286976444678862789bd714a62de109bf3530e99c5f Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 15 Dec 2022 00:58:39 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-02c0cfe17eb72be22 status 200 OK x-xss-protection 1; mode=block x-request-id 0004ramunqsvrgb8chq0 x-runtime 0.328267 server nginx etag W/"9626b4ad183246a2a535328697644467" x-ratelimit-remaining 13331 vary Accept,Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://app.threat.zone x-intercom-version 939f3f679188de71f66f18fa1722388f989dca11 cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-ratelimit-reset 1671065920 x-ratelimit-limit 13333 access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA x-frame-options SAMEORIGIN
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	85ms 29ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DKTQSZ62Y0&gtm=2oebu0&_p=1954035147&cid=1344677844.1671065917&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671065917&sct=1&seg=0&dl=https%3A%2F%2Fapp.threat.zone%2Fscan&dt=Threat.Zone&en=scroll&epn.percent_scrolled=90&_et=5 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DKTQSZ62Y0 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache date Thu, 15 Dec 2022 00:58:42 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.threat.zone cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange function| hj object| _hjSettings function| gtag object| dataLayer function| Intercom object| intercomSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| __core-js_shared__ function| __intercomAssignLocation object| default_gsi object| google

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.threat.zone/	1970-01-20 17:47:05	Name: _ga_DKTQSZ62Y0 Value: GS1.1.1671065917.1.0.1671065917.0.0.0
			.threat.zone/	1970-01-20 17:47:05	Name: _ga Value: GA1.1.1344677844.1671065917
			.threat.zone/	1970-01-20 16:56:41	Name: _hjSessionUser_3105834 Value: eyJpZCI6ImRhNWJhYzBhLTZkMDgtNWZjOS05M2M2LTkxYWRlY2ZjNjgyNCIsImNyZWF0ZWQiOjE2NzEwNjU5MTY5NzgsImV4aXN0aW5nIjpmYWxzZX0=
			.threat.zone/	1970-01-20 08:11:07	Name: _hjFirstSeen Value: 1
			app.threat.zone/	1970-01-20 08:11:06	Name: _hjIncludedInSessionSample Value: 1
			.threat.zone/	1970-01-20 08:11:07	Name: _hjSession_3105834 Value: eyJpZCI6IjhiMGQyZGQ3LTliN2EtNDdjYi04YjljLTQ5MzViNjgwMTI2NyIsImNyZWF0ZWQiOjE2NzEwNjU5MTcwMzEsImluU2FtcGxlIjp0cnVlfQ==
			app.threat.zone/	1970-01-20 08:11:06	Name: _hjIncludedInPageviewSample Value: 1
			.threat.zone/	1970-01-20 08:11:07	Name: _hjAbsoluteSessionInProgress Value: 0
			.threat.zone/	1970-01-20 14:39:55	Name: intercom-id-b0vdoqa0 Value: 1351f288-fb5d-43c6-adae-a74f911ac1ac
			.threat.zone/	1970-01-20 08:21:10	Name: intercom-session-b0vdoqa0 Value:
			.threat.zone/	1970-01-20 14:39:55	Name: intercom-device-id-b0vdoqa0 Value: 0cdcfe69-3765-4ee7-946b-33cf6477dcb4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'none'.
security	warning	Message: Error with Permissions-Policy header: Invalid allowlist item for feature none. Allowlist item must be *, self, or quoted url.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'none'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api-iam.intercom.io
app.threat.zone
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
js.intercomcdn.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
widget.intercom.io
ws37.hotjar.com
www.google.com
www.googletagmanager.com
www.gstatic.com
108.156.60.37
108.156.60.78
18.65.39.110
18.65.39.52
18.66.147.49
2001:4860:4802:34::36
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200d
2a00:1450:4001:813::200a
2a00:1450:4001:831::2003
2a06:98c1:3120::3
3.217.204.123
34.248.5.173
54.229.132.216
0d8ec92f673f3c69b8d913c1dabcb4aeb03e7b3828acc596d992d6dcf92c2b37
18a9715390a72546530ca2941fe370f97418f6cac1f50d1f74d9de9b07f5c5e4
28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed
34ce59e450db3986c11cef84bc098d12dc12cea4b7610621e17f347bc1a9eaf8
4475a08c95b869199ca5bdbc8493bcdb1e5dca212d29d234117c32b32444ba11
5f2033ac8a8a5e9c5365bd3bbc82c3ed2bdda34196ce05bc7efaed3604114af7
764a3ff1b9315bd7d629b3ad41e47d72d51da5a2ffbcd3eea133698d5d8c5413
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7df48615d50b66c34968e7e3f7bcfd74b708ae463a633e6bf6087c0ab07ba60d
82e553f30bb91f4e62a02e250a5e579fd2b693fc32026f9d5c4882b95c69f86c
8d30577eeff150721411d9bae27fc0eb69e8c8dc46ff11475fa816e723843960
9626b4ad183246a2a5353286976444678862789bd714a62de109bf3530e99c5f
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
afda2359cc445bca83017bac64b8cf276228c9a0d280a91ff230a0f7b637d097
b3280fdd5688898ba46f4aef30a3d999982b2b56d39903f385487d88626973a2
b59dae56216ef0e0fad97453ed5175bd1b607385cc54a36621ebe2509a693116
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf9f4b7ff63ac25e4004afe3a8558697e09ac09a87ab353551ee747b98bc03f9
df431fad22aa279c14b96471baf9986bfbfde25ce82078087f3c701ad08c0752
e285fe2bbf96c407e81437642952e7619e03dbd1be7d53161d90a988f691f834
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f80d290507a17a4a7b859f0765e0d518b5e47bc5cc72070a1f48ef7baf9fe7c0
ffab1fe24220f665b89e0c77741800e990dd8b12be7966dadf52ee5b0518ceaa