firmroom.com Open in urlscan Pro
18.205.183.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://firmroom.com/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ
Effective URL:
https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/
Submission: On September 16 via manual (September 16th 2022, 10:22:52 am UTC) from GB — Scanned from GB

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 18.205.183.153, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is firmroom.com.
TLS certificate: Issued by Amazon on March 30th 2022. Valid for: a year.

This is the only time firmroom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	18.205.183.153 18.205.183.153	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
7	2600:9000:203... 2600:9000:203c:4400:4:f284:84c0:21	16509 (AMAZON-02) (AMAZON-02)
2	35.188.42.15 35.188.42.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
14	6

4 18.205.183.153 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-183-153.compute-1.amazonaws.com

firmroom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:203c:4400:4:f284:84c0:21 (United States)

ASN16509 (AMAZON-02, US)

do99shaj1itcj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net do99shaj1itcj.cloudfront.net	2 MB
4	firmroom.com 1 redirects firmroom.com	14 KB
2	sentry.io sentry.io — Cisco Umbrella Rank: 300	770 B
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
14	5

	Domain	Requested by
7	do99shaj1itcj.cloudfront.net	firmroom.com
4	firmroom.com	1 redirects do99shaj1itcj.cloudfront.net
2	sentry.io	firmroom.com do99shaj1itcj.cloudfront.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	firmroom.com
14	5

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
www.apple.com
www.microsoft.com
techcommunity.microsoft.com

Subject Issuer	Validity	Valid
firmroom.com Amazon	`2022-03-30` - `2023-04-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/
Frame ID: 79540BA69D4A650E8F533A75449627C9
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FirmRoom Login

Page URL History Show full URLs

https://firmroom.com/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ HTTP 302
https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

2442 kB
Transfer

7396 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/new/
Title: Mozilla Firefox

Search URL Search Domain Scan URL

URL: https://www.apple.com/au/safari/
Title: Apple Safari

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-au/windows/microsoft-edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/The-perils-of-using-Internet-Explorer-as-your-default-browser/ba-p/331732
Title: Microsoft blog.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://firmroom.com/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ HTTP 302
https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/
Redirect Chain

https://firmroom.com/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ
https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

10 KB
7 KB

155ms
154ms

Document
text/html

18.205.183.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.183.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-183-153.compute-1.amazonaws.com

Software

dws /

Resource Hash

93dc49e874b3515dc11bfaf1d4f9c25fdb3bd1b0bf56a9f175c2375642ce5f1f

Security Headers

Name	Value
Content-Security-Policy	media-src https://client.crisp.chat; script-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ https://js.usemessages.com/conversations-embed.js https://js.stripe.com .vimeo.com .vimeocdn.com .newrelic.com .nr-data.net https://client.crisp.chat https://settings.crisp.chat 'nonce-TTrF7en17GGmXvpM'; font-src https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ data: https://fonts.gstatic.com https://client.crisp.chat; img-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ data: blob: https://i.vimeocdn.com/ https://firmroom-mcache.s3.amazonaws.com/ https://client.crisp.chat https://image.crisp.chat; worker-src 'self' blob:; child-src 'self'; default-src 'none'; connect-src 'self' https://firmroom.com https://api.hubspot.com/livechat-public/ https://sentry.io/api/1248121/ https://js.stripe.com https://app.posthog.com https://client.crisp.chat https://storage.crisp.chat wss://client.relay.crisp.chat wss://stream.relay.crisp.chat; manifest-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/; style-src https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ 'unsafe-inline' https://fonts.googleapis.com .vimeocdn.com https://client.crisp.chat; frame-src 'self' viewer.firmroom.com editor.firmroom.com https://app.hubspot.com/conversations-visitor/3821204/ https://js.stripe.com https://hooks.stripe.com .vimeo.com *.vimeocdn.com https://game.crisp.chat; report-uri https://sentry.io/api/1248121/security/?sentry_key=330095f93cc047e5985fb2325d565bdc
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: media-src https://client.crisp.chat; script-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ https://js.usemessages.com/conversations-embed.js https://js.stripe.com *.vimeo.com *.vimeocdn.com *.newrelic.com *.nr-data.net https://client.crisp.chat https://settings.crisp.chat 'nonce-TTrF7en17GGmXvpM'; font-src https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ data: https://fonts.gstatic.com https://client.crisp.chat; img-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ data: blob: https://i.vimeocdn.com/ https://firmroom-mcache.s3.amazonaws.com/ https://client.crisp.chat https://image.crisp.chat; worker-src 'self' blob:; child-src 'self'; default-src 'none'; connect-src 'self' https://firmroom.com https://api.hubspot.com/livechat-public/ https://sentry.io/api/1248121/ https://js.stripe.com https://app.posthog.com https://client.crisp.chat https://storage.crisp.chat wss://client.relay.crisp.chat wss://stream.relay.crisp.chat; manifest-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/; style-src https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ 'unsafe-inline' https://fonts.googleapis.com *.vimeocdn.com https://client.crisp.chat; frame-src 'self' viewer.firmroom.com editor.firmroom.com https://app.hubspot.com/conversations-visitor/3821204/ https://js.stripe.com https://hooks.stripe.com *.vimeo.com *.vimeocdn.com https://game.crisp.chat; report-uri https://sentry.io/api/1248121/security/?sentry_key=330095f93cc047e5985fb2325d565bdc
Content-Type: text/html; charset=utf-8
Date: Fri, 16 Sep 2022 10:22:46 GMT
Expires: Fri, 16 Sep 2022 10:22:46 GMT
Feature-Policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
Referrer-Policy: origin strict-origin-when-cross-origin
Server: dws
Strict-Transport-Security: max-age=2592000; includeSubDomains
Transfer-Encoding: chunked
Vary: Cookie, Origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: media-src https://client.crisp.chat; script-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ https://js.usemessages.com/conversations-embed.js https://js.stripe.com *.vimeo.com *.vimeocdn.com *.newrelic.com *.nr-data.net https://client.crisp.chat https://settings.crisp.chat; font-src https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ data: https://fonts.gstatic.com https://client.crisp.chat; img-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ data: blob: https://i.vimeocdn.com/ https://firmroom-mcache.s3.amazonaws.com/ https://client.crisp.chat https://image.crisp.chat; worker-src 'self' blob:; child-src 'self'; default-src 'none'; connect-src 'self' https://firmroom.com https://api.hubspot.com/livechat-public/ https://sentry.io/api/1248121/ https://js.stripe.com https://app.posthog.com https://client.crisp.chat https://storage.crisp.chat wss://client.relay.crisp.chat wss://stream.relay.crisp.chat; manifest-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/; style-src https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ 'unsafe-inline' https://fonts.googleapis.com *.vimeocdn.com https://client.crisp.chat; frame-src 'self' viewer.firmroom.com editor.firmroom.com https://app.hubspot.com/conversations-visitor/3821204/ https://js.stripe.com https://hooks.stripe.com *.vimeo.com *.vimeocdn.com https://game.crisp.chat; report-uri https://sentry.io/api/1248121/security/?sentry_key=330095f93cc047e5985fb2325d565bdc
Content-Type: text/html; charset=utf-8
Date: Fri, 16 Sep 2022 10:22:46 GMT
Expires: Fri, 16 Sep 2022 10:22:46 GMT
Feature-Policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
Location: /account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/
Referrer-Policy: origin strict-origin-when-cross-origin
Server: dws
Strict-Transport-Security: max-age=2592000; includeSubDomains
Vary: Origin, Cookie
X-Content-Type-Options: nosniff
X-Frame-Options: DENY DENY
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 114ms
41ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc4772532e5066f9e49faf08fde464ad5f7947463c4c2b48a4c339efe7cd5f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://firmroom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 09:14:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 16 Sep 2022 10:22:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Sep 2022 10:22:46 GMT

GET
H2 200 vendor.c6fde91b.c68fc5640e0c.css
do99shaj1itcj.cloudfront.net/assets/frontend/bundle/css/ 285 KB
57 KB 504ms
339ms Stylesheet
text/css 2600:9000:203c:4400:4:f284:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/css/vendor.c6fde91b.c68fc5640e0c.css

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:203c:4400:4:f284:84c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

dws /

Resource Hash

62fd67ede810886e5461b5da9adc0adafb4d0ad019a515ec6a3aa49f76a196a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://firmroom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 05:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102461
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 07:48:56 GMT
server: dws
x-frame-options: DENY
etag: W/"631ee468-474c9"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css; charset="utf-8"
via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: kx_1Et-oqvXgmQc5rjbgHMzlLNk0t1loCZ-oN7pQWhAns-4JD6I6cQ==
expires: Thu, 22 Sep 2022 05:55:06 GMT

GET
H2 200 internal.93e0803b.226c4f1bb076.css
do99shaj1itcj.cloudfront.net/assets/frontend/bundle/css/ 32 KB
19 KB 642ms
477ms Stylesheet
text/css 2600:9000:203c:4400:4:f284:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/css/internal.93e0803b.226c4f1bb076.css

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:203c:4400:4:f284:84c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

dws /

Resource Hash

85fd28864ced012152808d687db50eaa12216de3507cf86cdb3723f25a1c0b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://firmroom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267161
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 07:48:56 GMT
server: dws
x-frame-options: DENY
etag: W/"631ee468-7eb4"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css; charset="utf-8"
via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: GIXjX34TcHrECJWpCPbzdr5_j50SHwfML92tD0RNKD99VCSVyzcv0g==
expires: Tue, 20 Sep 2022 08:10:06 GMT

GET
H2 200 app.67a20657.bb41d06bb911.css
do99shaj1itcj.cloudfront.net/assets/frontend/bundle/css/ 856 KB
198 KB 589ms
424ms Stylesheet
text/css 2600:9000:203c:4400:4:f284:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/css/app.67a20657.bb41d06bb911.css

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:203c:4400:4:f284:84c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

dws /

Resource Hash

e4461f743a03e46047312a1d27143e5a60a43c4b2c2c80a1af1d43892c12bd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://firmroom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352158
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 07:48:58 GMT
server: dws
x-frame-options: DENY
etag: W/"631ee46a-d5edb"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css; charset="utf-8"
via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: WR0Su82KrICyU8HQEQJSsltfSE07NaiglmULbyvHQBfLVslrQYudMQ==
expires: Mon, 19 Sep 2022 08:33:29 GMT

GET
H2 200 reverse.357464163c2a.js Show response
do99shaj1itcj.cloudfront.net/assets/frontend/ 33 KB
7 KB 642ms
478ms Script
text/javascript 2600:9000:203c:4400:4:f284:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do99shaj1itcj.cloudfront.net/assets/frontend/reverse.357464163c2a.js

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:203c:4400:4:f284:84c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

dws /

Resource Hash

8688fef0c2ba05eada1380a0a88dc0ab144dffd05e7b782fed9c2604b6232510

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://firmroom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352158
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 07:48:56 GMT
server: dws
x-frame-options: DENY
etag: W/"631ee468-821e"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/javascript; charset="utf-8"
via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: a0sbhdfW3mz1-PqEubWMV0YlxpmNhcd70XmtZjWF4cpIIPXLBjqE3A==
expires: Mon, 19 Sep 2022 08:33:29 GMT

GET
H2 200 vendor.48894cd4.5cbf15c1a15b.js Show response
do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/ 4 MB
1 MB 295ms
130ms Script
text/javascript 2600:9000:203c:4400:4:f284:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/vendor.48894cd4.5cbf15c1a15b.js

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:203c:4400:4:f284:84c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

dws /

Resource Hash

7403821406a7c7be4a5802437713dd0244b43bae475fe3c5e5fc9b97ecb14357

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://firmroom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352158
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 07:48:58 GMT
server: dws
x-frame-options: DENY
etag: W/"631ee46a-417edf"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/javascript; charset="utf-8"
via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: 5hMzGFjm9uXuiPpTjA7MKYGhzuOfsvNgmfe6bpl8pUtFSfWbtLWd0g==
expires: Mon, 19 Sep 2022 08:33:29 GMT

GET
H2 200 internal.1a3fbaae.5de91652a123.js Show response
do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/ 134 KB
52 KB 582ms
417ms Script
text/javascript 2600:9000:203c:4400:4:f284:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/internal.1a3fbaae.5de91652a123.js

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:203c:4400:4:f284:84c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

dws /

Resource Hash

7c571dadf629b77186e518c5d11287088f9791735dada663edae9fd1376cd0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://firmroom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 13:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160587
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 07:48:58 GMT
server: dws
x-frame-options: DENY
etag: W/"631ee46a-217a1"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/javascript; charset="utf-8"
via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: l1lQVzahYsyvvyYzX1ePX_CPXGTv2ldh08WRGFZUA90onlDR-XcgMA==
expires: Wed, 21 Sep 2022 13:46:19 GMT

GET
H2 200 app.ff486893.1095084bce0f.js Show response
do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/ 2 MB
540 KB 618ms
455ms Script
text/javascript 2600:9000:203c:4400:4:f284:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/app.ff486893.1095084bce0f.js

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:203c:4400:4:f284:84c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

dws /

Resource Hash

707a977f7ec6f24afe178a1adc1dcb1e3d008e2791be9d13056e3595826dc528

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://firmroom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352158
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 07:48:58 GMT
server: dws
x-frame-options: DENY
etag: W/"631ee46a-1c3545"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/javascript; charset="utf-8"
via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
feature-policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: 9AfSdgxTgr-p6OXD1wjE0YwhW-bqTMXq93QdnCe0Gov70pGzDqdCiw==
expires: Mon, 19 Sep 2022 08:33:29 GMT

POST
H/1.1 200
OK /
sentry.io/api/1248121/security/ 0
368 B 534ms
124ms Other
text/plain 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1248121/security/?sentry_key=330095f93cc047e5985fb2325d565bdc

Requested by

Host: firmroom.com
URL: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://firmroom.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Fri, 16 Sep 2022 10:22:47 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: https://firmroom.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK / Show response
sentry.io/api/1248121/envelope/ 2 B
402 B 123ms
123ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1248121/envelope/?sentry_key=330095f93cc047e5985fb2325d565bdc&sentry_version=7

Requested by

Host: do99shaj1itcj.cloudfront.net
URL: https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/vendor.48894cd4.5cbf15c1a15b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://firmroom.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 16 Sep 2022 10:22:47 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://firmroom.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK firmroom.svg Show response
firmroom.com/assets/internal/ 3 KB
4 KB 117ms
117ms XHR
image/svg+xml 18.205.183.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://firmroom.com/assets/internal/firmroom.svg

Requested by

Host: do99shaj1itcj.cloudfront.net
URL: https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/vendor.48894cd4.5cbf15c1a15b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.183.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-183-153.compute-1.amazonaws.com

Software

dws /

Resource Hash

9b4fca4de4f683722f39641d1c7a0c25b6f4d49b63f07f75056571bf057b62cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html,application/xhtml+xml,application/xml
Referer: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 10:22:47 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 3148
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 12 Sep 2022 07:48:56 GMT
Server: dws
ETag: "631ee468-c4c"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Feature-Policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
Expires: Sat, 17 Sep 2022 10:22:47 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 254ms
41ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://firmroom.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 322091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:54:37 GMT

POST
H/1.1 200
OK / Show response
firmroom.com/api/users/ 38 B
935 B 163ms
163ms XHR
application/json 18.205.183.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://firmroom.com/api/users/

Requested by

Host: do99shaj1itcj.cloudfront.net
URL: https://do99shaj1itcj.cloudfront.net/assets/frontend/bundle/js/vendor.48894cd4.5cbf15c1a15b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.183.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-183-153.compute-1.amazonaws.com

Software

dws /

Resource Hash

c9cb3fa0f61bf615ac3869b40d8eb002c44b39b7a07f5a5ff222c3dff6215d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://firmroom.com/account/registration/gsCOJEAk6zlnd0gBnZgW6F0r2gD4JDt5LiNpAQXJ/
X-CSRFTOKEN: HzZz2OPyjBYTbHZbMrdm2WSV3T6A1dftzh7g27bapNw2dWu5yJV2pbuqXZk17KHR
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 16 Sep 2022 10:22:47 GMT
Content-Encoding: gzip
Vary: Origin, Cookie
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin, strict-origin-when-cross-origin
Allow: POST, OPTIONS
Server: dws
X-Frame-Options: DENY, DENY
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://firmroom.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private
Feature-Policy: geolocation 'none';midi 'none';notifications 'none';push 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';vibrate 'none';payment 'none';
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Fri, 16 Sep 2022 10:22:47 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96e0728ef1c1021e1ae17671910de5e7a803ed7d7f0daff148b25abad532bcf0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.firmroom.com/	1970-01-20 14:46:13	Name: xcsrftoken Value: HzZz2OPyjBYTbHZbMrdm2WSV3T6A1dftzh7g27bapNw2dWu5yJV2pbuqXZk17KHR

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	media-src https://client.crisp.chat; script-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ https://js.usemessages.com/conversations-embed.js https://js.stripe.com .vimeo.com .vimeocdn.com .newrelic.com .nr-data.net https://client.crisp.chat https://settings.crisp.chat 'nonce-TTrF7en17GGmXvpM'; font-src https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ data: https://fonts.gstatic.com https://client.crisp.chat; img-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ data: blob: https://i.vimeocdn.com/ https://firmroom-mcache.s3.amazonaws.com/ https://client.crisp.chat https://image.crisp.chat; worker-src 'self' blob:; child-src 'self'; default-src 'none'; connect-src 'self' https://firmroom.com https://api.hubspot.com/livechat-public/ https://sentry.io/api/1248121/ https://js.stripe.com https://app.posthog.com https://client.crisp.chat https://storage.crisp.chat wss://client.relay.crisp.chat wss://stream.relay.crisp.chat; manifest-src 'self' https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/; style-src https://firmroom.com https://do99shaj1itcj.cloudfront.net/assets/ 'unsafe-inline' https://fonts.googleapis.com .vimeocdn.com https://client.crisp.chat; frame-src 'self' viewer.firmroom.com editor.firmroom.com https://app.hubspot.com/conversations-visitor/3821204/ https://js.stripe.com https://hooks.stripe.com .vimeo.com *.vimeocdn.com https://game.crisp.chat; report-uri https://sentry.io/api/1248121/security/?sentry_key=330095f93cc047e5985fb2325d565bdc
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

do99shaj1itcj.cloudfront.net
firmroom.com
fonts.googleapis.com
fonts.gstatic.com
sentry.io
18.205.183.153
2600:9000:203c:4400:4:f284:84c0:21
2a00:1450:4001:82a::2003
2a00:1450:400e:80c::200a
35.188.42.15
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
62fd67ede810886e5461b5da9adc0adafb4d0ad019a515ec6a3aa49f76a196a1
707a977f7ec6f24afe178a1adc1dcb1e3d008e2791be9d13056e3595826dc528
7403821406a7c7be4a5802437713dd0244b43bae475fe3c5e5fc9b97ecb14357
7c571dadf629b77186e518c5d11287088f9791735dada663edae9fd1376cd0f2
85fd28864ced012152808d687db50eaa12216de3507cf86cdb3723f25a1c0b34
8688fef0c2ba05eada1380a0a88dc0ab144dffd05e7b782fed9c2604b6232510
93dc49e874b3515dc11bfaf1d4f9c25fdb3bd1b0bf56a9f175c2375642ce5f1f
96e0728ef1c1021e1ae17671910de5e7a803ed7d7f0daff148b25abad532bcf0
9b4fca4de4f683722f39641d1c7a0c25b6f4d49b63f07f75056571bf057b62cb
c9cb3fa0f61bf615ac3869b40d8eb002c44b39b7a07f5a5ff222c3dff6215d25
cc4772532e5066f9e49faf08fde464ad5f7947463c4c2b48a4c339efe7cd5f28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4461f743a03e46047312a1d27143e5a60a43c4b2c2c80a1af1d43892c12bd05

firmroom.com Open in urlscan Pro 18.205.183.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

2442 kBTransfer

7396 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

firmroom.com Open in urlscan Pro
18.205.183.153 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

2442 kB
Transfer

7396 kB
Size

1
Cookies

14 HTTP transactions
1 data transactions