encrypted-invoice-ref0091.myportfolio.com Open in urlscan Pro
151.101.64.119  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://ribbon-pine-parade.glitch.me/ Page URL
2. https://encrypted-invoice-ref0091.myportfolio.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ ribbon-pine-parade.glitch.me/	684 B 1018 B	150ms 78ms	Document text/html	34.236.119.172 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ribbon-pine-parade.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.236.119.172 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-236-119-172.compute-1.amazonaws.com Software AmazonS3 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 684 content-type text/html; charset=utf-8 date Mon, 15 Aug 2022 17:27:29 GMT etag "ca0b9c0c8c075b8eb21697a9027f4d23" last-modified Mon, 15 Aug 2022 16:00:50 GMT server AmazonS3 x-amz-id-2 81JFrQqeuHN66/pgDFOHylZYh6KA8DPDsZx4MSrobFIp6WLQZfvc6j+x9rLJB1PrzN/yobyB99Q= x-amz-request-id 0CTECMJ94MEY8DZY x-amz-version-id 6WU.ncdBPghajSBb9fkzc152cH1ei6nQ
GET H2	200	Primary Request / Show response encrypted-invoice-ref0091.myportfolio.com/	17 KB 17 KB	359ms 11ms	Document text/html	151.101.64.119 FASTLY
General Check archive.org Show headers Download Go to Full URL https://encrypted-invoice-ref0091.myportfolio.com/ Requested by Host: ribbon-pine-parade.glitch.me URL: https://ribbon-pine-parade.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.64.119 , United States, ASN54113 (FASTLY, US), Reverse DNS Software adobe / Resource Hash 2dcaf1b6396e401ef2c5b8ddb8bf3970377fe71e55ad375d9ace7a68e81437d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ribbon-pine-parade.glitch.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 8779 cache-control s-maxage=31536000 content-length 17082 content-type text/html; charset=utf-8 date Mon, 15 Aug 2022 17:27:30 GMT server adobe vary Accept-Language, Accept-Encoding,Fastly-SSL, X-Use-Renderer via 1.1 varnish x-app-name Pro2-Renderer x-cache HIT x-cache-hits 1 x-content-type-options nosniff x-locale en_us x-robots-tag noindex x-served-by cache-yul12823-YUL x-timer S1660584450.145892,VS0,VE1 x-trace-id hSijIUqN0qcpID5hvk8h/Vl6m/4 x-xss-protection 1; mode=block
GET H2	200	main.css encrypted-invoice-ref0091.myportfolio.com/dist/css/	11 KB 11 KB	30ms 29ms	Stylesheet text/css	151.101.64.119 FASTLY
General Check archive.org Show headers Download Go to Full URL https://encrypted-invoice-ref0091.myportfolio.com/dist/css/main.css Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.64.119 , United States, ASN54113 (FASTLY, US), Reverse DNS Software adobe / Resource Hash 009a029a1fbe7ec1821f8884761847d0c4857770dc9aefe51c13ff36c9ac6fd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT via 1.1 varnish x-content-type-options nosniff age 0 x-cache MISS content-length 11553 x-xss-protection 1; mode=block x-served-by cache-yul12823-YUL last-modified Fri, 05 Aug 2022 21:22:47 GMT server adobe x-timer S1660584450.181078,VS0,VE18 etag "62ed8a27-2d21" vary Fastly-SSL, X-Use-Renderer content-type text/css accept-ranges bytes x-cache-hits 0
GET H2	200	d75ee0aafd222cd584ca8c6d00f4cd321660557669.css cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/	78 KB 79 KB	73ms 12ms	Stylesheet text/css	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/d75ee0aafd222cd584ca8c6d00f4cd321660557669.css?h=f5d213f926b479aa8d69f92b44a23e76 Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software adobe / Resource Hash 562defaa1ec4833b5a8edd341f09174438136b5b2d5f9054a6cf9e27b54be5ac Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT via 1.1 varnish x-content-type-options nosniff age 8777 x-cache HIT cross-origin-resource-policy cross-origin vary Origin content-length 80187 x-xss-protection 1; mode=block x-served-by cache-yul12825-YUL x-trace-id eQeH0Wh5uhDyQUzlTwfrw4smjTo last-modified Sun, 27 Apr 2014 08:35:25 UTC server adobe x-timer S1660584450.242988,VS0,VE1 etag 945b49507f7fe35f21880ee8029d5bee strict-transport-security max-age=300 content-type text/css;charset=UTF-8 access-control-allow-origin * expires Thu, 15 Sep 2022 01:01:13 +0000 cache-control max-age=2628000 accept-ranges bytes x-cache-hits 1
GET H2	200	TLnW-FSnk91rh_ETuJ_yAgzojlg0dexCvoNpQC4Ga3MfenvgfHYEBsJzwD9oFDIDWDbow2yqwh9UZQg8w2q3jRS3jD8y5QJhwRB8w26DFQBqwQJujcsy52q-mkG0dW83da4XZcNC-Av0jhNlOfG0SY4zwKuh-AmaOcuoSeNkieZzde8zOcFzdPUlpWgzS1scdhUTd... Show response use.typekit.net/ik/	17 KB 7 KB	132ms 27ms	Script text/javascript	2600:141b:13::17d7:82c3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/ik/TLnW-FSnk91rh_ETuJ_yAgzojlg0dexCvoNpQC4Ga3MfenvgfHYEBsJzwD9oFDIDWDbow2yqwh9UZQg8w2q3jRS3jD8y5QJhwRB8w26DFQBqwQJujcsy52q-mkG0dW83da4XZcNC-Av0jhNlOfG0SY4zwKuh-AmaOcuoSeNkieZzde8zOcFzdPUlpWgzS1scdhUTdkoRdhXCSY4zwKuh-AmaOcuoSeNkieZzde8zOcFzdPJIjcT3ZkGHfH_JMsMMeMb6MKGHfOWJMsMMeMj6MKGHfHDJMsMMeMS6MTMg_tpsa69.js?cb=d72b228e4d1ecff44d38251e0ae6b79eac41f5fc Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:82c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 8be216137dc0c3598e32bbfdf50019d76f7c51d3aa93de44c8fda653a4c911e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip server nginx date Mon, 15 Aug 2022 17:27:30 GMT vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 6683
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	translations Show response encrypted-invoice-ref0091.myportfolio.com/site/	141 B 255 B	69ms 68ms	Script application/javascript	151.101.64.119 FASTLY
General Check archive.org Show headers Download Go to Full URL https://encrypted-invoice-ref0091.myportfolio.com/site/translations?cb=d72b228e4d1ecff44d38251e0ae6b79eac41f5fc Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.64.119 , United States, ASN54113 (FASTLY, US), Reverse DNS Software adobe / Resource Hash 6650c64dab8bfba200daab73d82c0a8a3e5e7021b2e7a008a21489cfd65e7779 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT via 1.1 varnish x-content-type-options nosniff age 0 x-cache MISS x-app-name Pro2-Renderer content-length 141 x-xss-protection 1; mode=block x-served-by cache-yul12823-YUL x-trace-id 6yJ4O8F1Uh2ymkcTSFm5/coqTGA server adobe x-timer S1660584450.182960,VS0,VE41 vary Accept-Language, Accept-Encoding,Fastly-SSL, X-Use-Renderer content-type application/javascript; charset=utf-8 accept-ranges bytes x-cache-hits 0
GET H2	200	main.js Show response encrypted-invoice-ref0091.myportfolio.com/dist/js/	347 KB 347 KB	34ms 33ms	Script application/javascript	151.101.64.119 FASTLY
General Check archive.org Show headers Download Go to Full URL https://encrypted-invoice-ref0091.myportfolio.com/dist/js/main.js?cb=d72b228e4d1ecff44d38251e0ae6b79eac41f5fc Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.64.119 , United States, ASN54113 (FASTLY, US), Reverse DNS Software adobe / Resource Hash 9f096217c974a5bb9cc2d1e705cd59de004eaf3efca52a9e0d5aed77aedecc1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT via 1.1 varnish x-content-type-options nosniff age 0 x-cache MISS content-length 354855 x-xss-protection 1; mode=block x-served-by cache-yul12823-YUL last-modified Fri, 05 Aug 2022 21:22:47 GMT server adobe x-timer S1660584450.183132,VS0,VE23 etag "62ed8a27-56a27" vary Fastly-SSL, X-Use-Renderer content-type application/javascript accept-ranges bytes x-cache-hits 0
GET H2	200	d75ee0aafd222cd584ca8c6d00f4cd321660557669.css cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/	78 KB 78 KB	11ms 10ms	Image text/css	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/d75ee0aafd222cd584ca8c6d00f4cd321660557669.css?h=f5d213f926b479aa8d69f92b44a23e76 Requested by Host: cdn.myportfolio.com URL: https://cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/d75ee0aafd222cd584ca8c6d00f4cd321660557669.css?h=f5d213f926b479aa8d69f92b44a23e76 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software adobe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/d75ee0aafd222cd584ca8c6d00f4cd321660557669.css?h=f5d213f926b479aa8d69f92b44a23e76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT via 1.1 varnish x-content-type-options nosniff age 8777 x-cache HIT cross-origin-resource-policy cross-origin vary Origin content-length 80187 x-xss-protection 1; mode=block x-served-by cache-yul12825-YUL x-trace-id eQeH0Wh5uhDyQUzlTwfrw4smjTo last-modified Sun, 27 Apr 2014 08:35:25 UTC server adobe x-timer S1660584450.270694,VS0,VE0 etag 945b49507f7fe35f21880ee8029d5bee strict-transport-security max-age=300 content-type text/css;charset=UTF-8 access-control-allow-origin * expires Thu, 15 Sep 2022 01:01:13 +0000 cache-control max-age=2628000 accept-ranges bytes x-cache-hits 2
GET H2	200	471e2e9d-bdb5-45b2-9c44-4f80b77a6f3f_rwc_0x0x2880x1442x4096.png cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/	191 KB 191 KB	14ms 14ms	Image image/png	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/471e2e9d-bdb5-45b2-9c44-4f80b77a6f3f_rwc_0x0x2880x1442x4096.png?h=4390130c81f0839fc116db3a0df24d46 Requested by Host: cdn.myportfolio.com URL: https://cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/d75ee0aafd222cd584ca8c6d00f4cd321660557669.css?h=f5d213f926b479aa8d69f92b44a23e76 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software adobe / Resource Hash 046c7acaa75da9e549cd77715f96ff49ff89809de5b2d2eb1bf11a7aeba4c257 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/d75ee0aafd222cd584ca8c6d00f4cd321660557669.css?h=f5d213f926b479aa8d69f92b44a23e76 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT via 1.1 varnish x-content-type-options nosniff age 8776 x-cache HIT cross-origin-resource-policy cross-origin vary Origin content-length 195771 x-xss-protection 1; mode=block x-served-by cache-yul12825-YUL x-trace-id g0x8+hGSM79/Np3dBnmGfM2Awr0 last-modified Sun, 27 Apr 2014 08:56:12 UTC server adobe x-timer S1660584450.270885,VS0,VE2 etag 782a4ad67b6433f99caf98f3a6a4a733 strict-transport-security max-age=300 content-type image/png access-control-allow-origin * expires Thu, 15 Sep 2022 01:01:14 +0000 cache-control max-age=2628000 accept-ranges bytes x-cache-hits 1
GET H2	200	5934e834-90d1-4625-a77f-39755cf85c5f_rw_1920.png cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/	119 KB 120 KB	13ms 13ms	Image image/png	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.myportfolio.com/bb863cf4-6962-402e-8e6e-9ab9927319c7/5934e834-90d1-4625-a77f-39755cf85c5f_rw_1920.png?h=41ec4a457420d5ae6f7d1a9a11a4ee2c Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software adobe / Resource Hash 4b6291040603f588f593003ed35ce878ff862007a2a404e6aa839262d077d3f9 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT via 1.1 varnish x-content-type-options nosniff age 8775 x-cache HIT cross-origin-resource-policy cross-origin vary Origin content-length 122317 x-xss-protection 1; mode=block x-served-by cache-yul12825-YUL x-trace-id 5groejvRxKHXtSAMoO+oaIVlMk8 last-modified Sun, 27 Apr 2014 08:34:16 UTC server adobe x-timer S1660584450.326674,VS0,VE2 etag fab2859ffbdaf40656c910adbc992b98 strict-transport-security max-age=300 content-type image/png access-control-allow-origin * expires Thu, 15 Sep 2022 01:01:14 +0000 cache-control max-age=2628000 accept-ranges bytes x-cache-hits 1
GET H2	200	l use.typekit.net/af/54d47a/000000000000000000017750/27/	17 KB 18 KB	85ms 27ms	Font application/font-woff2	2600:141b:13::17d7:82c3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/54d47a/000000000000000000017750/27/l?subset_id=2&fvd=n4&v=3 Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:82c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 4c7fb148dd3fbb2dd3693817feaa71b30fcf07abae676c7d9ac4973744c4c7de Request headers Referer https://encrypted-invoice-ref0091.myportfolio.com/ Origin https://encrypted-invoice-ref0091.myportfolio.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT server nginx etag "40cfac9e106a217031011293b321e4ba25cecc5c" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 17800
GET H2	200	l use.typekit.net/af/f7ef3a/00000000000000007735a6cd/30/	18 KB 18 KB	84ms 25ms	Font application/font-woff2	2600:141b:13::17d7:82c3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/f7ef3a/00000000000000007735a6cd/30/l?subset_id=2&fvd=n6&v=3 Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:82c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 55d6627c5c80026cbd2e175876d11e91c09873cfc41ecba6f08c2ce41a327f22 Request headers Referer https://encrypted-invoice-ref0091.myportfolio.com/ Origin https://encrypted-invoice-ref0091.myportfolio.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT server nginx etag "cc950ea9910c69d57b9f3941eb4b62d809f3a12b" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 18180
GET H2	200	l use.typekit.net/af/3e2979/00000000000000007735a6b9/30/	18 KB 18 KB	81ms 23ms	Font application/font-woff2	2600:141b:13::17d7:82c3 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/3e2979/00000000000000007735a6b9/30/l?subset_id=2&fvd=n7&v=3 Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:82c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 4a30778c6846d2ddfc7bda043c30d7ada2f0d92a829c18d6330c1657de8df13a Request headers Referer https://encrypted-invoice-ref0091.myportfolio.com/ Origin https://encrypted-invoice-ref0091.myportfolio.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT server nginx etag "ea96ad08e70914a05fea1864bb6820811797df07" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 18100
GET H2	200	nr-1216.min.js Show response js-agent.newrelic.com/	38 KB 14 KB	45ms 17ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1216.min.js Requested by Host: encrypted-invoice-ref0091.myportfolio.com URL: https://encrypted-invoice-ref0091.myportfolio.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers x-amz-version-id mHHzJIqOizHibcYt0xqAszRr0gQRiNYy content-encoding gzip etag "9f533d8cd24b2c5e3b4dc886ecbd43e8" x-amz-request-id 73HZJ3HD5R4XZEBY x-cache HIT cross-origin-resource-policy cross-origin content-length 14391 x-amz-id-2 ySNxGM9HyI6kd+2aYOZjdjL9fw4n674tyJrd3NFdrComnN/zebDnUT+jaIaJypqu71rJwvDkNWI= x-served-by cache-yul12823-YUL last-modified Thu, 14 Apr 2022 16:45:57 GMT server AmazonS3 x-timer S1660584451.516067,VS0,VE0 date Mon, 15 Aug 2022 17:27:30 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 1900
GET H2	200	p.gif p.typekit.net/	35 B 214 B	355ms 18ms	Image image/gif	2600:141b:13::17d7:82db AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://p.typekit.net/p.gif?s=2&k=359713_4908d3e1e0e090b70c9a92621e08351d125bda89&ht=tk&h=encrypted-invoice-ref0091.myportfolio.com&f=25646.25653.25644&a=359713&js=1.21.0&app=typekit&e=js&_=1660584450481 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13::17d7:82db New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39 Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Mon, 15 Aug 2022 17:27:30 GMT last-modified Sat, 09 Oct 2021 06:42:30 GMT server nginx etag "616139d6-23" content-type image/gif access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 35
GET H/1.1	200 OK	e7fb1b89a0 Show response bam.nr-data.net/1/	49 B 720 B	132ms 68ms	Script text/javascript	162.247.241.14 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/e7fb1b89a0?a=750147145&v=1216.487a282&to=ZwZaYkJVDERXUxULCV5Me0NDQA1aGWsmJzJtQxdtS0QDQ14KT0gbbQ%3D%3D&rst=742&ck=1&ref=https://encrypted-invoice-ref0091.myportfolio.com/&ap=34&be=382&fe=688&dc=523&perf=%7B%22timing%22:%7B%22of%22:1660584449791,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:105,%22c%22:105,%22s%22:115,%22ce%22:349,%22rq%22:349,%22rp%22:360,%22rpe%22:383,%22dl%22:364,%22di%22:523,%22ds%22:523,%22de%22:527,%22dc%22:688,%22l%22:688,%22le%22:688%7D,%22navigation%22:%7B%7D%7D&fp=671&fcp=671&at=S0FNFApPHxsUUUNYHU0e&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1216.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS Software cloudflare / Resource Hash dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Request headers accept-language en-CA,en;q=0.9 Referer https://encrypted-invoice-ref0091.myportfolio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 17:27:30 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Connection keep-alive access-control-allow-credentials true CF-Ray 73b3a4304c8a3ff1-YYZ

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require object| __config__ object| __languages__ object| regeneratorRuntime object| core object| __core-js_shared__ object| Typekit

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3a7c7e7737e3725b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.myportfolio.com
encrypted-invoice-ref0091.myportfolio.com
js-agent.newrelic.com
p.typekit.net
ribbon-pine-parade.glitch.me
use.typekit.net
151.101.2.133
151.101.64.119
151.101.66.137
162.247.241.14
2600:141b:13::17d7:82c3
2600:141b:13::17d7:82db
34.236.119.172
009a029a1fbe7ec1821f8884761847d0c4857770dc9aefe51c13ff36c9ac6fd2
046c7acaa75da9e549cd77715f96ff49ff89809de5b2d2eb1bf11a7aeba4c257
2dcaf1b6396e401ef2c5b8ddb8bf3970377fe71e55ad375d9ace7a68e81437d3
4a30778c6846d2ddfc7bda043c30d7ada2f0d92a829c18d6330c1657de8df13a
4b6291040603f588f593003ed35ce878ff862007a2a404e6aa839262d077d3f9
4c7fb148dd3fbb2dd3693817feaa71b30fcf07abae676c7d9ac4973744c4c7de
55d6627c5c80026cbd2e175876d11e91c09873cfc41ecba6f08c2ce41a327f22
562defaa1ec4833b5a8edd341f09174438136b5b2d5f9054a6cf9e27b54be5ac
6650c64dab8bfba200daab73d82c0a8a3e5e7021b2e7a008a21489cfd65e7779
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
8be216137dc0c3598e32bbfdf50019d76f7c51d3aa93de44c8fda653a4c911e5
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9f096217c974a5bb9cc2d1e705cd59de004eaf3efca52a9e0d5aed77aedecc1c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629