app.goconsensus.com Open in urlscan Pro
2600:9000:21ec:4200:7:51b9:cf80:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request dialog.html Show response app.goconsensus.com/app/static/integrations/office365_share/	587 B 2 KB	380ms 271ms	Document text/html	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6f58c17795b7abb38aa02000d06ce1617637a55efcd28b025e25778c9f528f91 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers content-type text/html; charset=utf-8 content-length 587 date Wed, 19 Jan 2022 17:27:37 GMT server nginx last-modified Wednesday, 19-Jan-2022 17:27:37 UTC access-control-allow-origin * * access-control-allow-credentials true true access-control-allow-methods GET, POST, OPTIONS GET, POST, PUT, PATCH, DELETE, OPTIONS access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 x-cache Miss from cloudfront via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) x-amz-cf-pop JFK51-C1 x-amz-cf-id z27MtrIv_PEpzkncdahJgsOJJVTtJf7a4ZT3G0VwrkUnXTgzCDLZCg==
GET H/1.1	200 OK	office.js Show response appsforoffice.microsoft.com/lib/1.1/hosted/	58 KB 17 KB	98ms 20ms	Script application/javascript	23.217.44.208 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.217.44.208 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-44-208.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 74e51b7388ffadc5b1cc6cd8ee77871ef957d65cdb943450b294a8bd1aa6f104 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 19 Jan 2022 17:27:37 GMT Content-Encoding gzip Last-Modified Mon, 03 Jan 2022 12:39:40 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "0ce9bf99e0d81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=13012 Connection keep-alive Accept-Ranges bytes Content-Length 16894
GET H2	200	dialog.css app.goconsensus.com/app/static/integrations/office365_share/	181 B 1 KB	517ms 517ms	Stylesheet text/css	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/office365_share/dialog.css Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3d49966e747c43932ff12eefce9e260f5c217bbb23466e563c8fde8717ff4e60 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:37 GMT via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) last-modified Wednesday, 19-Jan-2022 17:27:37 UTC server nginx x-amz-cf-pop JFK51-C1 access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type text/css access-control-allow-origin *, * access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true x-cache Miss from cloudfront access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source content-length 181 x-amz-cf-id OJJ6gU9lgkzkHk8Ho_aDZP15uWEiyQVqllQ9v05W5dD6YyUCT4Xhnw==
GET H2	200	dialog.js Show response app.goconsensus.com/app/static/integrations/office365_share/	3 KB 2 KB	280ms 280ms	Script application/javascript	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/office365_share/dialog.js Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash d2b0465ad3534c0dff9cd2ccc6c6d1c977978dc9023e869a08a8c48a7b83c33c Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:37 GMT content-encoding gzip x-amz-cf-pop JFK51-C1 x-cache Miss from cloudfront access-control-allow-origin *, * last-modified Wednesday, 19-Jan-2022 17:27:37 UTC server nginx vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type application/javascript; charset=utf-8 via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source x-amz-cf-id Hk1LvD-OzGbLNpwt_QFVSr7wub71XQwMy2hw-jcDbt1evLYmdDWWag==
GET H2	200	polyfill.js Show response app.goconsensus.com/app/static/integrations/office365_share/	103 KB 40 KB	554ms 553ms	Script application/javascript	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/office365_share/polyfill.js Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash d7412905a2ee1afe0cffea574c2abec1b268dfafd89913e005ca43d032242687 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:37 GMT content-encoding gzip x-amz-cf-pop JFK51-C1 x-cache Miss from cloudfront access-control-allow-origin *, * last-modified Wednesday, 19-Jan-2022 17:27:37 UTC server nginx vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type application/javascript; charset=utf-8 via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source x-amz-cf-id wdf-XLkmclNwyyaY_JAzVfeCawA6DiAlrTZjKzxTNucUrBXVBxZm_w==
GET H/1.1	200 OK	o15apptofilemappingtable.js Show response appsforoffice.microsoft.com/lib/1.1/hosted/	167 KB 37 KB	74ms 21ms	Script application/javascript	23.217.44.208 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/office.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.217.44.208 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-217-44-208.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522 Request headers Referer https://app.goconsensus.com/ Origin https://app.goconsensus.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 19 Jan 2022 17:27:37 GMT Content-Encoding gzip Last-Modified Mon, 03 Jan 2022 12:39:40 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "0ce9bf99e0d81:0" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=2024 Connection keep-alive Accept-Ranges bytes Content-Length 37609
GET H2	200	index.html Show response app.goconsensus.com/app/static/integrations/outreach_share/ Frame 8C6E	2 KB 2 KB	255ms 255ms	Document text/html	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5a2c1fd03d1122f6cde94ecebb8fe656ad5d9a084749afa5efb23b8827e191d6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html Response headers content-type text/html; charset=utf-8 date Wed, 19 Jan 2022 17:27:37 GMT server nginx last-modified Wednesday, 19-Jan-2022 17:27:37 UTC vary Accept-Encoding access-control-allow-origin * * access-control-allow-credentials true true access-control-allow-methods GET, POST, OPTIONS GET, POST, PUT, PATCH, DELETE, OPTIONS access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source content-encoding gzip cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 x-cache Miss from cloudfront via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) x-amz-cf-pop JFK51-C1 x-amz-cf-id 39dT3IKcuaCKU8Qy9f9mBnrLmpO2ZrmXbv-trXzvxUu57r1nC276Ag==
GET H2	200	css fonts.googleapis.com/ Frame 8C6E	3 KB 1 KB	84ms 36ms	Stylesheet text/css	2607:f8b0:4006:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 19 Jan 2022 16:26:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 19 Jan 2022 17:27:37 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 19 Jan 2022 17:27:37 GMT
GET H2	200	2.3661fc73.chunk.css app.goconsensus.com/app/static/integrations/outreach_share/static/css/ Frame 8C6E	144 KB 31 KB	345ms 344ms	Stylesheet text/css	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/outreach_share/static/css/2.3661fc73.chunk.css Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 491b3aa3f1c7e4e47389439b6ebf88a9080d572c2f566d848a270c07a8129a73 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:37 GMT content-encoding gzip x-amz-cf-pop JFK51-C1 x-cache Miss from cloudfront access-control-allow-origin *, * last-modified Wednesday, 19-Jan-2022 17:27:37 UTC server nginx vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type text/css via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source x-amz-cf-id qKRnFnTDqIY-HDJdA4rvbGyMKKiyGsTk-opGpiVAl9x_Iiqb-mC6Gw==
GET H2	200	main.577963af.chunk.css app.goconsensus.com/app/static/integrations/outreach_share/static/css/ Frame 8C6E	33 KB 9 KB	241ms 240ms	Stylesheet text/css	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/outreach_share/static/css/main.577963af.chunk.css Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash f56003e9815f57faf9e4fd857e3e18921bc7510c22ea796ffb782af368ffeee4 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:37 GMT content-encoding gzip x-amz-cf-pop JFK51-C1 x-cache Miss from cloudfront access-control-allow-origin *, * last-modified Wednesday, 19-Jan-2022 17:27:37 UTC server nginx vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type text/css via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source x-amz-cf-id 1CePQHjEl-ffyeHF-gvuND_dlfnzzgJ7HDSZCB_oAhgkt66mPzZZgg==
GET H2	200	2.c821a33c.chunk.js Show response app.goconsensus.com/app/static/integrations/outreach_share/static/js/ Frame 8C6E	4 MB 1 MB	339ms 338ms	Script application/javascript	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/outreach_share/static/js/2.c821a33c.chunk.js Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b075979b6523c82e020a2b6334437ef1958b3a4b2394ae4b43d37b7cbeb64a62 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:37 GMT content-encoding gzip x-amz-cf-pop JFK51-C1 x-cache Miss from cloudfront access-control-allow-origin *, * last-modified Wednesday, 19-Jan-2022 17:27:37 UTC server nginx vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type application/javascript; charset=utf-8 via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source x-amz-cf-id X52TRl08G3nmc8Bw0iYiBKkBE99iNjxowL4lIfvQdyhG9SeRkYehQQ==
GET H2	200	main.5744bacf.chunk.js Show response app.goconsensus.com/app/static/integrations/outreach_share/static/js/ Frame 8C6E	186 KB 48 KB	362ms 362ms	Script application/javascript	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/outreach_share/static/js/main.5744bacf.chunk.js Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 67c4163cfa372c5e7070da5aecf00c4f11fbc14ec546cba5ff4003cbc738a3f8 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:37 GMT content-encoding gzip x-amz-cf-pop JFK51-C1 x-cache Miss from cloudfront access-control-allow-origin *, * last-modified Wednesday, 19-Jan-2022 17:27:37 UTC server nginx vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type application/javascript; charset=utf-8 via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source x-amz-cf-id gvrin0XMVdknstm7skd03jPMYrtTiqa4YWuMAweuRtNcskkxhDdbzA==
GET H2	200	dialog.js Show response app.goconsensus.com/app/static/integrations/office365_share/	3 KB 2 KB	289ms 289ms	Script application/javascript	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.goconsensus.com/app/static/integrations/office365_share/dialog.js Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash d2b0465ad3534c0dff9cd2ccc6c6d1c977978dc9023e869a08a8c48a7b83c33c Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/office365_share/dialog.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:38 GMT content-encoding gzip x-amz-cf-pop JFK51-C1 x-cache Miss from cloudfront access-control-allow-origin *, * last-modified Wednesday, 19-Jan-2022 17:27:38 UTC server nginx vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type application/javascript; charset=utf-8 via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source x-amz-cf-id lh7G_l0b0ul7742a35gLrdwd3pwu2dOUKekvp40QHwwvEpHnIx-KJQ==
GET H2	200	c_logo_blue.png app.goconsensus.com/app/static/integrations/outreach_share/images/ Frame 8C6E	2 KB 3 KB	88ms 88ms	Image image/png	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app.goconsensus.com/app/static/integrations/outreach_share/images/c_logo_blue.png Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 74292c58162fc5f9999a6fead8af62c9c71cb904a1642347078d392e1f6214db Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:38 GMT via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) last-modified Wednesday, 19-Jan-2022 17:27:38 UTC server nginx x-amz-cf-pop JFK51-C1 access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type image/png access-control-allow-origin *, * access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true x-cache Miss from cloudfront access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source content-length 1670 x-amz-cf-id 0jQDc5iL36zpwz3DFj2kcp7z2DhkXF2hGyzHem8MLIhOIILYvAulgQ==
GET H2	200	consensus_logo.png app.goconsensus.com/app/static/integrations/outreach_share/images/ Frame 8C6E	5 KB 6 KB	201ms 200ms	Image image/png	2600:9000:21ec:4200:7:51b9:cf80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app.goconsensus.com/app/static/integrations/outreach_share/images/consensus_logo.png Requested by Host: app.goconsensus.com URL: https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:4200:7:51b9:cf80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b4e10b77d12adff6b68e886ef22f27aa6787fa308848cee9801e70c38fd25f48 Request headers Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/app/static/integrations/outreach_share/index.html?flow=dm&office=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 17:27:38 GMT via 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront) last-modified Wednesday, 19-Jan-2022 17:27:38 UTC server nginx x-amz-cf-pop JFK51-C1 access-control-allow-methods GET, POST, OPTIONS, GET, POST, PUT, PATCH, DELETE, OPTIONS content-type image/png access-control-allow-origin *, * access-control-expose-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, Authorization, Origin, X-Requested-With, Content-Type, Accept, has-message, x-xss-protection, x-source cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true, true x-cache Miss from cloudfront access-control-allow-headers X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, has-message, x-xss-protection, X-Has-Message, Authorization, x-source content-length 4964 x-amz-cf-id v2UideSKBN3ljVooPrXHP_lXqhbVI5XcSgt-a0q1yVyTDrqvytvQ2A==
GET H2	404	telemetryproxy.html Show response telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame DBAC	1 KB 1 KB	964ms 248ms	Document text/html	52.109.124.125 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1.1/hosted/o15apptofilemappingtable.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.109.124.125 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://app.goconsensus.com/ Response headers content-type text/html server Microsoft-IIS/10.0 x-powered-by ASP.NET date Wed, 19 Jan 2022 17:27:40 GMT content-length 1245

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| OSFPerformance object| OSF object| ScriptLoading object| OfficeExt object| Office object| OTel object| CustomFunctionMappings object| CustomFunctions boolean| g_isExpEnabled boolean| g_isOfflineLibrary object| oteljs object| Microsoft function| __extends object| OsfMsAjaxFactory object| OSFLog object| Logger object| OSFAppTelemetry function| Type object| Sys object| AriaLogger object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.goconsensus.com
appsforoffice.microsoft.com
fonts.googleapis.com
telemetryservice.firstpartyapps.oaspapps.com
23.217.44.208
2600:9000:21ec:4200:7:51b9:cf80:93a1
2607:f8b0:4006:80c::200a
52.109.124.125
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
3d49966e747c43932ff12eefce9e260f5c217bbb23466e563c8fde8717ff4e60
491b3aa3f1c7e4e47389439b6ebf88a9080d572c2f566d848a270c07a8129a73
5a2c1fd03d1122f6cde94ecebb8fe656ad5d9a084749afa5efb23b8827e191d6
67c4163cfa372c5e7070da5aecf00c4f11fbc14ec546cba5ff4003cbc738a3f8
6f58c17795b7abb38aa02000d06ce1617637a55efcd28b025e25778c9f528f91
74292c58162fc5f9999a6fead8af62c9c71cb904a1642347078d392e1f6214db
74e51b7388ffadc5b1cc6cd8ee77871ef957d65cdb943450b294a8bd1aa6f104
b075979b6523c82e020a2b6334437ef1958b3a4b2394ae4b43d37b7cbeb64a62
b4e10b77d12adff6b68e886ef22f27aa6787fa308848cee9801e70c38fd25f48
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
d2b0465ad3534c0dff9cd2ccc6c6d1c977978dc9023e869a08a8c48a7b83c33c
d7412905a2ee1afe0cffea574c2abec1b268dfafd89913e005ca43d032242687
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
f56003e9815f57faf9e4fd857e3e18921bc7510c22ea796ffb782af368ffeee4