urlscan.io logo urlscan.io
SecurityTrails logo

www.drum-cussac.net Open in urlscan Pro
35.190.11.170  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Submission Tags: falconsandbox
Submission: On September 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 35.190.11.170, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.drum-cussac.net.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 3rd 2021. Valid for: a year.
This is the only time www.drum-cussac.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 35.190.11.170 15169 (GOOGLE)
2 142.250.80.78 15169 (GOOGLE)
3 99.84.82.125 16509 (AMAZON-02)
13 4
Domain Requested by
8 www.drum-cussac.net www.drum-cussac.net
3 beacon-v2.helpscout.net www.drum-cussac.net
beacon-v2.helpscout.net
2 www.google-analytics.com www.drum-cussac.net
www.google-analytics.com
13 3

This site contains links to these domains. Also see Links.

Domain
crisis24.garda.com
Subject Issuer Validity Valid
drum-cussac.net
GeoTrust RSA CA 2018		 2021-08-03 -
2022-08-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.helpscout.net
Amazon		 2021-04-25 -
2022-05-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Frame ID: 7D3B6B4DA7C8549A1BCBBA05261AC6F6
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Registration

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

8903 kB
Transfer

9729 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 04309ea8-3615-49b4-822a-7fb45184bdb1
www.drum-cussac.net/self-registration/ 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.170 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
170.11.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dd03caf317a0520c853e180d2e2d5871d2774f771eb9c8362ca5e2a88882a19b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://grmfutures.sharepoint.com

Request headers

:method
GET
:authority
www.drum-cussac.net
:scheme
https
:path
/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Fri, 10 Sep 2021 21:16:52 GMT
content-type
text/html
content-length
5293
accept-ranges
bytes
content-security-policy
default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
etag
"6136326f-14ad"
last-modified
Mon, 06 Sep 2021 15:23:27 GMT
x-frame-options
allow-from https://grmfutures.sharepoint.com
expires
Fri, 10 Sep 2021 21:16:51 GMT
cache-control
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
feature-policy
geolocation self; camera none; microphone none
via
1.1 google
alt-svc
clear
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5740
date
Fri, 10 Sep 2021 19:41:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 21:41:13 GMT
autotrack.js
www.drum-cussac.net/static/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drum-cussac.net/static/autotrack.js
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.170 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
170.11.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://grmfutures.sharepoint.com

Request headers

:path
/static/autotrack.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.drum-cussac.net
referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
content-length
24792
etag
"6136307a-60d8"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 Sep 2021 15:15:06 GMT
server
nginx
x-frame-options
allow-from https://grmfutures.sharepoint.com
date
Fri, 10 Sep 2021 21:16:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-type
application/javascript
cache-control
no-cache
feature-policy
geolocation self; camera none; microphone none
accept-ranges
bytes
expires
Fri, 10 Sep 2021 21:16:51 GMT
app.3bc6b726db5d1f717c83.css
www.drum-cussac.net/ 		927 KB
928 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.drum-cussac.net/app.3bc6b726db5d1f717c83.css
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.170 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
170.11.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fc6b85c18dcfbec840a0a2d78d3ff2563fb3418b91e473cad611a67f8e3d5512
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://grmfutures.sharepoint.com

Request headers

:path
/app.3bc6b726db5d1f717c83.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.drum-cussac.net
referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
content-length
949205
etag
"6136326f-e7bd5"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 Sep 2021 15:23:27 GMT
server
nginx
x-frame-options
allow-from https://grmfutures.sharepoint.com
date
Fri, 10 Sep 2021 21:16:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-type
text/css
cache-control
no-cache
feature-policy
geolocation self; camera none; microphone none
accept-ranges
bytes
expires
Fri, 10 Sep 2021 21:16:51 GMT
app.a826a45bdcb840d908ce.bundle.js
www.drum-cussac.net/ 		7 MB
7 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.drum-cussac.net/app.a826a45bdcb840d908ce.bundle.js
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.170 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
170.11.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ff2145b9ba32ab27726e0bd81ffe7e8791c6cfb8d5d09e5675a01ffefc1d0b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://grmfutures.sharepoint.com

Request headers

:path
/app.a826a45bdcb840d908ce.bundle.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.drum-cussac.net
referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
content-length
7277151
etag
"6136326f-6f0a5f"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 Sep 2021 15:23:27 GMT
server
nginx
x-frame-options
allow-from https://grmfutures.sharepoint.com
date
Fri, 10 Sep 2021 21:16:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-type
application/javascript
cache-control
no-cache
feature-policy
geolocation self; camera none; microphone none
accept-ranges
bytes
expires
Fri, 10 Sep 2021 21:16:51 GMT
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1877549336&t=pageview&_s=1&dl=https%3A%2F%2Fwww.drum-cussac.net%2Fself-registration%2F04309ea8-3615-49b4-822a-7fb45184bdb1%3Flang%3Des&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAAEADAAAAAC~&jid=19901127&gjid=828702655&cid=1726431791.1631308613&tid=UA-128358489-1&_gid=91114068.1631308613&_r=1&_slc=1&_av=2.4.1&_au=100&did=i5iSjo&z=943747803
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.drum-cussac.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 21:16:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.drum-cussac.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/webp
04309ea8-3615-49b4-822a-7fb45184bdb1
www.drum-cussac.net/api/v1/users/self-registration/confirm/ 		84 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.drum-cussac.net/api/v1/users/self-registration/confirm/04309ea8-3615-49b4-822a-7fb45184bdb1
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/app.a826a45bdcb840d908ce.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.170 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
170.11.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
72e698d7f1ab34fbb927cfad03fca8a8233f54ed8957e5e6dbcfa0f32dfc3714
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

:path
/api/v1/users/self-registration/confirm/04309ea8-3615-49b4-822a-7fb45184bdb1
pragma
no-cache
cookie
_ga=GA1.2.1726431791.1631308613; _gid=GA1.2.91114068.1631308613; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.drum-cussac.net
referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 21:16:54 GMT
via
1.1 google
x-dc-request-id
b05f265d-7a3d-4e36-b6db-5fbc949c731a
server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
content-type
application/json
alt-svc
clear
content-length
84
ES.png
www.drum-cussac.net/static/flag-icons/ 		221 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.drum-cussac.net/static/flag-icons/ES.png
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.170 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
170.11.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
79495ce402f8d31d1f750e039cbaaf05803b4ea9398926e81dba3a434f42fcff
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://grmfutures.sharepoint.com

Request headers

:path
/static/flag-icons/ES.png
pragma
no-cache
cookie
_ga=GA1.2.1726431791.1631308613; _gid=GA1.2.91114068.1631308613; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.drum-cussac.net
referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
content-length
221
etag
"6136307a-dd"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 Sep 2021 15:15:06 GMT
server
nginx
x-frame-options
allow-from https://grmfutures.sharepoint.com
date
Fri, 10 Sep 2021 21:16:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
cache-control
no-cache
feature-policy
geolocation self; camera none; microphone none
accept-ranges
bytes
expires
Fri, 10 Sep 2021 21:16:53 GMT
1988d324035815def43a20156c8adf1d.jpg
www.drum-cussac.net/ 		510 KB
510 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.drum-cussac.net/1988d324035815def43a20156c8adf1d.jpg
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/app.3bc6b726db5d1f717c83.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.170 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
170.11.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
856e656aee7ef37272fc02daad844c978c9e07d9ab79a581318a1d2f8a25049e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://grmfutures.sharepoint.com

Request headers

:path
/1988d324035815def43a20156c8adf1d.jpg
pragma
no-cache
cookie
_ga=GA1.2.1726431791.1631308613; _gid=GA1.2.91114068.1631308613; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.drum-cussac.net
referer
https://www.drum-cussac.net/app.3bc6b726db5d1f717c83.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/app.3bc6b726db5d1f717c83.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
content-length
521756
etag
"6136326f-7f61c"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 Sep 2021 15:23:27 GMT
server
nginx
x-frame-options
allow-from https://grmfutures.sharepoint.com
date
Fri, 10 Sep 2021 21:16:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
no-cache
feature-policy
geolocation self; camera none; microphone none
accept-ranges
bytes
expires
Fri, 10 Sep 2021 21:16:53 GMT
9b4a9d9ffa700133f817b524cec843f6.png
www.drum-cussac.net/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.drum-cussac.net/9b4a9d9ffa700133f817b524cec843f6.png
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/app.3bc6b726db5d1f717c83.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.11.170 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
170.11.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5224a0bf141e31d3904b0beca24da090914bf7b165b2113bc46244de66f9c6d7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://grmfutures.sharepoint.com

Request headers

:path
/9b4a9d9ffa700133f817b524cec843f6.png
pragma
no-cache
cookie
_ga=GA1.2.1726431791.1631308613; _gid=GA1.2.91114068.1631308613; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.drum-cussac.net
referer
https://www.drum-cussac.net/app.3bc6b726db5d1f717c83.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/app.3bc6b726db5d1f717c83.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
content-length
40808
etag
"6136326f-9f68"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 Sep 2021 15:23:27 GMT
server
nginx
x-frame-options
allow-from https://grmfutures.sharepoint.com
date
Fri, 10 Sep 2021 21:16:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
cache-control
no-cache
feature-policy
geolocation self; camera none; microphone none
accept-ranges
bytes
expires
Fri, 10 Sep 2021 21:16:53 GMT
/
beacon-v2.helpscout.net/ 		293 B
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: www.drum-cussac.net
URL: https://www.drum-cussac.net/self-registration/04309ea8-3615-49b4-822a-7fb45184bdb1?lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-125.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33bdc81a3d748d5c85c2791d31ce4f94c604d380230c92dcfc9c0765e829be40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 21:15:50 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 16:56:44 GMT
server
AmazonS3
age
64
etag
"54b3789eb43cedb581d24be102fe360f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 39ed76664123c3090231ff0882467152.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
MUC50-C1
accept-ranges
bytes
content-length
244
x-amz-cf-id
DKF-cy-qQI3JhGGDzleFUmPyer89knU4HwhDHJpUdYw2SOAD2uz6Ig==
vendor.41dc2f6c.js
beacon-v2.helpscout.net/static/js/ 		813 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.41dc2f6c.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-125.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
410f8b843f7167320f135bb7b943a827ef5940a01d365e83dceac2985a4d1d2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:41:13 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 16:56:44 GMT
server
AmazonS3
age
5742
etag
"25f42768fa4f17f3d159d824468e30f2"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 39ed76664123c3090231ff0882467152.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
MUC50-C1
accept-ranges
bytes
content-length
203297
x-amz-cf-id
Di5O-0Di82EZ-RV3d5-SeDfORYdblpV7QNYBEdRhy6AF_Gn4i3x2RQ==
main.f5788018.js
beacon-v2.helpscout.net/static/js/ 		256 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/main.f5788018.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.82.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-82-125.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14f3a8984203a5686c6cd771f4ad26ef17b8e2a8ed650b4b419512f99f209b8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.drum-cussac.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 19:41:13 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 16:56:44 GMT
server
AmazonS3
age
5742
etag
"ddbe969beae5e5996668517ee77de90e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 39ed76664123c3090231ff0882467152.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
MUC50-C1
accept-ranges
bytes
content-length
65277
x-amz-cf-id
5NVRGh0ZO0s89jAzZ-QkUV16poL42SJyyh-JuiaWteu6feJ6sgcDQg==

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| ga object| gaDevIds object| gaplugins function| Beacon object| google_tag_data object| gaGlobal object| gaData function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ function| beaconJsonp object| HSDSPortalWrapperGlobalManager

3 Cookies

Domain/Path Name / Value
.drum-cussac.net/ Name: _ga
Value: GA1.2.1726431791.1631308613
.drum-cussac.net/ Name: _gid
Value: GA1.2.91114068.1631308613
.drum-cussac.net/ Name: _gat
Value: 1

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'self'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
network error URL: https://www.drum-cussac.net/api/v1/users/self-registration/confirm/04309ea8-3615-49b4-822a-7fb45184bdb1
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob:; frame-ancestors 'self' https://grmfutures.sharepoint.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.gstatic.com https://beacon-v2.helpscout.net https://translate.googleapis.com https://translate.google.com https://www.google-analytics.com https://ajax.googleapis.com https://ssl.google-analytics.com https://www.google.com; img-src 'self' https: data: blob:; style-src 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self' https://www.google.com; object-src 'none'
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://grmfutures.sharepoint.com