urlscan.io logo urlscan.io
SecurityTrails logo

onsite.hconnect.digital Open in urlscan Pro
2620:1ec:bdf::45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hcon.site/l/rX93
Effective URL: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Submission: On June 04 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onsite.hconnect.digital.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 7th 2023. Valid for: a year.
This is the only time onsite.hconnect.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 199.36.158.100 54113 (FASTLY)
6 20.126.238.81 8075 (MICROSOFT...)
12 2620:1ec:bdf::45 8075 (MICROSOFT...)
18 2
Domain Requested by
10 onsite.hconnect.digital hcag.app
onsite.hconnect.digital
6 hcag.app hcag.app
2 api.hconnect.heidelbergcement.com onsite.hconnect.digital
1 hcon.site 1 redirects
18 4

This site contains links to these domains. Also see Links.

Domain
hconnect.digital
Subject Issuer Validity Valid
hcag.app
R3		 2024-05-05 -
2024-08-03		 3 months crt.sh
onsite.hconnect.digital
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
api.hconnect.heidelbergcement.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Frame ID: 4DCCF44DE53658AA4E81BD2A18FEF70C
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://hcon.site/l/rX93 HTTP 302
    https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCo... Page URL
  2. https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate Page URL

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

920 kB
Transfer

1822 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hcon.site/l/rX93 HTTP 302
    https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact Page URL
  2. https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://hcon.site/l/rX93 HTTP 302
  • https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hcag.app/r1/
Redirect Chain
  • https://hcon.site/l/rX93
  • https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
1 KB
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.126.238.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f7074740b9f82f540709e73faed75ef933302ef11b244218ffaae950c46513ae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html
date
Tue, 04 Jun 2024 15:55:25 GMT
etag
W/"0x8DC5A234C4169E0"
last-modified
Thu, 11 Apr 2024 12:31:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-azure-ref
20240604T155525Z-r18f798df986w9xkm8kbqf88ac000000079g000000009dtw
x-cache
TCP_HIT
x-content-type-options
nosniff
x-fd-int-roxy-purgeid
68570648
x-frame-options
SAMEORIGIN
x-ms-request-id
67bb2408-a01e-003d-74cb-b553a0000000
x-ms-version
2018-03-28
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-FbrwWdk4xpogIO6qMuvMXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist,require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Tue, 04 Jun 2024 15:55:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lcy-eglc8600090-LCY
x-timer
S1717516525.442690,VS0,VE164
styles.css
hcag.app/r1/ 		927 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hcag.app/r1/styles.css
Requested by
Host: hcag.app
URL: https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.126.238.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3f09fc79ec639f7fdbbeb12e5fb527c0dcf7860f253021b675094ef77db66a3a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:31:22 GMT
etag
"0x8DC5A234C46C04F"
x-azure-ref
20240604T155525Z-r18f798df986w9xkm8kbqf88ac000000079g000000009dtx
x-cache
TCP_HIT
content-type
text/css
x-frame-options
SAMEORIGIN
x-ms-request-id
84d0e1e7-501e-0029-19cd-b51bcf000000
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
68570648
accept-ranges
bytes
content-length
927
x-xss-protection
1; mode=block
onsite-truck.png
hcag.app/r1/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hcag.app/r1/assets/onsite-truck.png
Requested by
Host: hcag.app
URL: https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.126.238.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e7d4f67e37256fa27279f5f1ff48796ff71c46540cff9760a8d4b9ff777d54bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
68570648
content-length
2050
x-xss-protection
1; mode=block
last-modified
Thu, 11 Apr 2024 12:31:23 GMT
etag
"0x8DC5A234C4E8756"
x-azure-ref
20240604T155525Z-r18f798df986w9xkm8kbqf88ac00000007cg000000003bhx
x-frame-options
SAMEORIGIN
content-type
image/png
x-ms-request-id
0760c13b-501e-0064-662e-b5d423000000
x-ms-version
2018-03-28
accept-ranges
bytes
google-play-badge.png
hcag.app/r1/assets/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hcag.app/r1/assets/google-play-badge.png
Requested by
Host: hcag.app
URL: https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.126.238.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
68570648
content-length
13957
x-xss-protection
1; mode=block
last-modified
Thu, 11 Apr 2024 12:31:23 GMT
etag
"0x8DC5A234C4E6056"
x-azure-ref
20240604T155525Z-1686f577599sbp8q0ugtawbph800000007k0000000001p37
x-frame-options
SAMEORIGIN
content-type
image/png
x-ms-request-id
68fba43a-a01e-003d-37fe-b553a0000000
x-ms-version
2018-03-28
accept-ranges
bytes
app-store-badge.svg
hcag.app/r1/assets/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hcag.app/r1/assets/app-store-badge.svg
Requested by
Host: hcag.app
URL: https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.126.238.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 11 Apr 2024 12:31:23 GMT
etag
W/"0x8DC5A234C52575A"
vary
Accept-Encoding
x-azure-ref
20240604T155525Z-r18f798df98z8lkw5x6xyh2pyc00000007d00000000041q1
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
x-ms-request-id
c0d4cc9e-101e-0065-0b17-b58bff000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
68570648
x-xss-protection
1; mode=block
main.bundle.js
hcag.app/r1/ 		133 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcag.app/r1/main.bundle.js
Requested by
Host: hcag.app
URL: https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.126.238.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5870374e6a75bf61647839b9cbd5499249380d127d218bb80df9cdae62d0f0bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://hcag.app/r1/?scope=permission_share&id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&source=webview&webviewType=orderCreate&env=prod&receiverType=SiteContact
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 11 Apr 2024 12:31:23 GMT
etag
W/"0x8DC5A234C4FBFAC"
vary
Accept-Encoding
x-azure-ref
20240604T155525Z-r18f798df986w9xkm8kbqf88ac000000079g000000009dty
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-ms-request-id
9caa9774-201e-0051-2df7-b5b837000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
68570648
x-xss-protection
1; mode=block
Primary Request /
onsite.hconnect.digital/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Requested by
Host: hcag.app
URL: https://hcag.app/r1/main.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d354f0fc6e06dad6f5df0db0797780f0fd48aea589a625f6851d4058138d6300
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://hcag.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public,no-cache,no-store
content-encoding
br
content-type
text/html
date
Tue, 04 Jun 2024 15:55:26 GMT
etag
W/"0x8DBEB70635687FC"
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-azure-ref
20240604T155526Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxdb
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY
x-ms-request-id
355d8304-001e-010b-2897-b67977000000
x-ms-version
2018-03-28
2.e76c70b7.chunk.js
onsite.hconnect.digital/static/js/ 		1 MB
431 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onsite.hconnect.digital/static/js/2.e76c70b7.chunk.js
Requested by
Host: onsite.hconnect.digital
URL: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1823020511fdb716fb9fe3ce28abc3419b14da9404c849b7a7b38d285ec87cbd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
W/"0x8DBEB706362941F"
vary
Accept-Encoding
x-azure-ref
20240604T155526Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxdt
content-type
application/javascript
x-frame-options
DENY
x-ms-request-id
59a32ea2-e01e-0086-592d-b67384000000
cache-control
public,max-age=31536000,immutable
x-ms-version
2018-03-28
main.a553c870.chunk.js
onsite.hconnect.digital/static/js/ 		217 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onsite.hconnect.digital/static/js/main.a553c870.chunk.js
Requested by
Host: onsite.hconnect.digital
URL: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
566e86fa1f824167780bd009e789cb4e2ba9537d13128afdba4c8e91ecbbddba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
W/"0x8DBEB70635A57F5"
vary
Accept-Encoding
x-azure-ref
20240604T155526Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxdu
content-type
application/javascript
x-frame-options
DENY
x-ms-request-id
0123bd77-501e-0131-562d-b63ad4000000
cache-control
public,max-age=31536000,immutable
x-ms-version
2018-03-28
Inter.var.c2fe3cb2.woff2
onsite.hconnect.digital/static/media/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://onsite.hconnect.digital/static/media/Inter.var.c2fe3cb2.woff2
Requested by
Host: onsite.hconnect.digital
URL: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Origin
https://onsite.hconnect.digital
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
324864
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
"0x8DBEB70635ACD11"
x-azure-ref
20240604T155527Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxg1
x-frame-options
DENY
content-type
font/woff2
x-ms-request-id
6f296388-901e-0001-252d-b626ab000000
cache-control
public,max-age=31536000,immutable
x-ms-version
2018-03-28
accept-ranges
bytes
LogoOnSiteWhiteTrans.bc245ecc.svg
onsite.hconnect.digital/static/media/ 		788 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onsite.hconnect.digital/static/media/LogoOnSiteWhiteTrans.bc245ecc.svg
Requested by
Host: onsite.hconnect.digital
URL: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a6f30a70fb584408f208129a7b7800854f4541d4ac88159c3fa7e14328472691
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
788
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
"0x8DBEB70635B9046"
x-azure-ref
20240604T155527Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxfx
x-frame-options
DENY
content-type
image/svg+xml
x-ms-request-id
1f6a79c2-d01e-00ac-40bc-b506c1000000
cache-control
public,max-age=31536000,immutable
x-ms-version
2018-03-28
accept-ranges
bytes
LogoOnSiteFooter.895a723f.svg
onsite.hconnect.digital/static/media/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onsite.hconnect.digital/static/media/LogoOnSiteFooter.895a723f.svg
Requested by
Host: onsite.hconnect.digital
URL: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
beb03c99e64a05f31d215c960c8a9b5056e2c673bc4b9e577bcfec4a940d45b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
W/"0x8DBEB7063583564"
vary
Accept-Encoding
x-azure-ref
20240604T155527Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxfy
content-type
image/svg+xml
x-frame-options
DENY
x-ms-request-id
5c513019-801e-0073-7657-b65795000000
cache-control
public,max-age=31536000,immutable
x-ms-version
2018-03-28
AppStoreBadge.8c4986ee.svg
onsite.hconnect.digital/static/media/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onsite.hconnect.digital/static/media/AppStoreBadge.8c4986ee.svg
Requested by
Host: onsite.hconnect.digital
URL: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
W/"0x8DBEB706353F047"
vary
Accept-Encoding
x-azure-ref
20240604T155527Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxfz
content-type
image/svg+xml
x-frame-options
DENY
x-ms-request-id
667a729e-d01e-00ac-062d-b606c1000000
cache-control
public,max-age=31536000,immutable
x-ms-version
2018-03-28
GooglePlayBadge.f902960a.png
onsite.hconnect.digital/static/media/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onsite.hconnect.digital/static/media/GooglePlayBadge.f902960a.png
Requested by
Host: onsite.hconnect.digital
URL: https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
13957
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
"0x8DBEB70635AA609"
x-azure-ref
20240604T155527Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxg0
x-frame-options
DENY
content-type
image/png
x-ms-request-id
342f22e8-f01e-011e-352d-b6bbee000000
cache-control
public,max-age=31536000,immutable
x-ms-version
2018-03-28
accept-ranges
bytes
65ccf3ce-1c5c-4d03-929e-699ee4a05ef2
api.hconnect.heidelbergcement.com/previews/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hconnect.heidelbergcement.com/previews/65ccf3ce-1c5c-4d03-929e-699ee4a05ef2
Requested by
Host: onsite.hconnect.digital
URL: https://onsite.hconnect.digital/static/js/2.e76c70b7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c19218b12b27730d51f72c4b16f76ac0bcb491f10953dfc8ca42d38dbb2bdfaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
X-Timezone-Offset
-120
traceparent
00-2c9262805c244ee78f535c5275faa992-f313eb2c2cab49fd-01
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://onsite.hconnect.digital/
Request-ID
UX6e_hlxBfaWNshKRPqUM, |2c9262805c244ee78f535c5275faa992.f313eb2c2cab49fd
Request-Context
appId=cid-v1:e0970f89-e122-4954-93e8-d4dd46e2aa57

Response headers

date
Tue, 04 Jun 2024 15:55:27 GMT
content-encoding
br
x-correlation-id
UX6e_hlxBfaWNshKRPqUM, |2c9262805c244ee78f535c5275faa992.f313eb2c2cab49fd
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
649
x-xss-protection
1; mode=block
request-context
appId=cid-v1:e0970f89-e122-4954-93e8-d4dd46e2aa57
x-build-number
1.28.1.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-azure-ref
20240604T155527Z-174b4bdfd94l2njx1beqnwfph00000000570000000001c32
accept-ranges
bytes
65ccf3ce-1c5c-4d03-929e-699ee4a05ef2
api.hconnect.heidelbergcement.com/previews/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hconnect.heidelbergcement.com/previews/65ccf3ce-1c5c-4d03-929e-699ee4a05ef2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
request-context,request-id,traceparent,x-timezone-offset
Access-Control-Request-Method
GET
Origin
https://onsite.hconnect.digital
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
request-context,request-id,traceparent,x-timezone-offset
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 04 Jun 2024 15:55:27 GMT
request-context
appId=cid-v1:e0970f89-e122-4954-93e8-d4dd46e2aa57
strict-transport-security
max-age=15724800; includeSubDomains
x-azure-ref
20240604T155527Z-174b4bdfd94l2njx1beqnwfph00000000570000000001c31
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
favicon.ico
onsite.hconnect.digital/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://onsite.hconnect.digital/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d354f0fc6e06dad6f5df0db0797780f0fd48aea589a625f6851d4058138d6300
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
W/"0x8DBEB70635687FC"
vary
Accept-Encoding
x-azure-ref
20240604T155527Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxgg
content-type
text/html
x-frame-options
DENY
x-ms-request-id
2e7efbc7-601e-00d3-3a97-b698f3000000
cache-control
public,no-cache,no-store
x-cache
CONFIG_NOCACHE
x-ms-version
2018-03-28
TruckLogo.ddfeb582.svg
onsite.hconnect.digital/static/media/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onsite.hconnect.digital/static/media/TruckLogo.ddfeb582.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1e56c92ea197835efe3723831f92eadee7b1d876445eb385eec8372ee2f94e53
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://onsite.hconnect.digital/?id=65ccf3ce-1c5c-4d03-929e-699ee4a05ef2&countryCode=FR&webviewType=orderCreate
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 15:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
last-modified
Wed, 22 Nov 2023 15:33:33 GMT
etag
W/"0x8DBEB70635242E3"
vary
Accept-Encoding
x-azure-ref
20240604T155527Z-r15ddbcdf57h9h927mzxs11fqn00000001a000000000xxmy
content-type
image/svg+xml
x-frame-options
DENY
x-ms-request-id
342f24ea-f01e-011e-672d-b6bbee000000
cache-control
public,max-age=31536000,immutable
x-ms-version
2018-03-28

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| REACT_APP_BUILD_ID string| REACT_APP_BUILD_TIME string| REACT_APP_GIT_SHA1 string| REACT_APP_STAGE string| REACT_APP_VERSION object| webpackJsonp@hconnect/onsite number| 2f1acc6c3a606b082e5eef5e54414ffb object| __dynProto$Gbl function| _ boolean| __reactResponderSystemActive

1 Cookies

Domain/Path Name / Value
hcag.app/ Name: ai_user
Value: 2fKiEz/GG602aLF+Q5/XiR|2024-06-04T15:55:25.980Z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block