urlscan.io logo urlscan.io
SecurityTrails logo

user.demo.doxo.com Open in urlscan Pro
18.210.89.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://user.demo.doxo.com/
Effective URL: https://user.demo.doxo.com/
Submission: On October 27 via manual from MM — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 27 HTTP transactions. The main IP is 18.210.89.26, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is user.demo.doxo.com.
TLS certificate: Issued by Amazon on April 26th 2022. Valid for: a year.
This is the only time user.demo.doxo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    18.210.89.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-89-26.compute-1.amazonaws.com
user.demo.doxo.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    18.155.152.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-152-187.ham50.r.cloudfront.net
d27xo4b5rwjgqp.cloudfront.net
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)
ssc.doxo.com
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.32.121.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-24.fra60.r.cloudfront.net
cdn.heapanalytics.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    3.231.52.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-52-38.compute-1.amazonaws.com
heapanalytics.com
5    2a00:1450:4001:800::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gtm-npwhfxw-ytmxz.uc.r.appspot.com
1    2600:9000:206f:8c00:a:bf95:3c0:21 (United States)

ASN16509 (AMAZON-02, US)
d24yzpb428jor3.cloudfront.net
Apex Domain
Subdomains		 Transfer
5 appspot.com
gtm-npwhfxw-ytmxz.uc.r.appspot.com — Cisco Umbrella Rank: 290610
107 KB
4 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 2880
heapanalytics.com — Cisco Umbrella Rank: 2527
46 KB
4 cloudfront.net
d27xo4b5rwjgqp.cloudfront.net
d24yzpb428jor3.cloudfront.net
30 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 368
12 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
3 doxo.com
user.demo.doxo.com
ssc.doxo.com — Cisco Umbrella Rank: 340614
73 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
112 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
85 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
869 B
27 10
Domain Requested by
5 gtm-npwhfxw-ytmxz.uc.r.appspot.com www.google-analytics.com
ssc.doxo.com
gtm-npwhfxw-ytmxz.uc.r.appspot.com
3 heapanalytics.com user.demo.doxo.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
user.demo.doxo.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 d27xo4b5rwjgqp.cloudfront.net user.demo.doxo.com
2 www.facebook.com user.demo.doxo.com
2 connect.facebook.net user.demo.doxo.com
connect.facebook.net
2 user.demo.doxo.com 1 redirects
1 d24yzpb428jor3.cloudfront.net user.demo.doxo.com
1 cdn.heapanalytics.com user.demo.doxo.com
1 ssc.doxo.com user.demo.doxo.com
1 www.googletagmanager.com user.demo.doxo.com
1 fonts.googleapis.com user.demo.doxo.com
27 13

This site contains links to these domains. Also see Links.

Domain
www.demo.doxo.com
support.doxo.com
Subject Issuer Validity Valid
*.demo.doxo.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
ssc.doxo.com
GTS CA 1D4		 2022-09-06 -
2022-12-05		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2022-07-29 -
2023-08-27		 a year crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://user.demo.doxo.com/
Frame ID: 02DD81187FDB68E005F4A3EA5141B8B6
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

log in to doxoâ„¢ | doxoOpen Chat

Page URL History Show full URLs

  1. http://user.demo.doxo.com/ HTTP 301
    https://user.demo.doxo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

27
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

487 kB
Transfer

1403 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://user.demo.doxo.com/ HTTP 301
    https://user.demo.doxo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
user.demo.doxo.com/
Redirect Chain
  • http://user.demo.doxo.com/
  • https://user.demo.doxo.com/
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.89.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-89-26.compute-1.amazonaws.com
Software
/
Resource Hash
e66aff6d2631db3fe5266d9dca1af2da241bc99a06e140df7fdf3ef0c762347c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.demo.doxo.com https://marketing.demo.doxo.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-security-policy
frame-ancestors 'self' https://www.demo.doxo.com https://marketing.demo.doxo.com;
content-type
text/html; charset=utf-8
date
Thu, 27 Oct 2022 13:51:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-request-id
53b43e61-3207-4831-83ef-c827572ac734
x-robots-tag
noindex
x-runtime
0.015921
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Thu, 27 Oct 2022 13:51:51 GMT
Location
https://user.demo.doxo.com:443/
Server
awselb/2.0
css
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Oct 2022 13:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 13:51:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Oct 2022 13:51:51 GMT
public-fa8880e2ebe90ad7f26383993452061f1add4563d0d2f30f6bb8586c90dc3acf.css
d27xo4b5rwjgqp.cloudfront.net/assets/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d27xo4b5rwjgqp.cloudfront.net/assets/public-fa8880e2ebe90ad7f26383993452061f1add4563d0d2f30f6bb8586c90dc3acf.css
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.152.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-152-187.ham50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers
application_responsive-1ece609ed2c7c63be7286a0d31ba0b98fd11375eda59e5b36fc683d18a0a798e.js
d27xo4b5rwjgqp.cloudfront.net/assets/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d27xo4b5rwjgqp.cloudfront.net/assets/application_responsive-1ece609ed2c7c63be7286a0d31ba0b98fd11375eda59e5b36fc683d18a0a798e.js
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.152.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-152-187.ham50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers
horizontal_rgb-75d0593175e1e619eb1520f182cf61e2b3bfe1760bff6eb1897d85401c6251a0.svg
d27xo4b5rwjgqp.cloudfront.net/assets/bonsai/logos/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d27xo4b5rwjgqp.cloudfront.net/assets/bonsai/logos/horizontal_rgb-75d0593175e1e619eb1520f182cf61e2b3bfe1760bff6eb1897d85401c6251a0.svg
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.152.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-152-187.ham50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ 		262 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS&gtm_auth=hlkgcZc2P1xV3MN5vuC-UA&gtm_preview=env-55&gtm_cookies_win=x
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3429fdc96bf1b6987ce4a259e13282bed4cc1e6c6ab34e94f76b96e9cf10236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:51:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87016
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
ssc.doxo.com/ 		171 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssc.doxo.com/gtm.js?id=GTM-PPXDVKB&amp;gtm_auth=7iZxQsDW2Yq9TPKjEIQH4g&amp;gtm_preview=env-26&amp;gtm_cookies_win=x
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
19c3db2ca4a440d9158204ba720da0abdbd4fc45f1ed749b442fa8f42b3b18c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:51:52 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 27 Oct 2022 12:00:00 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=450
expires
Thu, 27 Oct 2022 13:59:22 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS&gtm_auth=hlkgcZc2P1xV3MN5vuC-UA&gtm_preview=env-55&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Oct 2022 13:01:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2994
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 27 Oct 2022 15:01:58 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN22SCS&gtm_auth=hlkgcZc2P1xV3MN5vuC-UA&gtm_preview=env-55&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 27 Oct 2022 13:51:51 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 28962A97BCEE4C0487A98DCF55A1DF46 Ref B: FRA31EDGE0110 Ref C: 2022-10-27T13:51:52Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 27 Oct 2022 13:51:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27076
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
HKJrHcQyWT5Y693GxkFtPLizxvgqPi13uVKjoNAoPtNsN4VPQaU8wmey1sABISy6r0HbvNviRxrt3JhpLDSFvA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
heap-1019850093.js
cdn.heapanalytics.com/js/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1019850093.js
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-24.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
67888544df94f93ff58d9dd16fd6c8501b0115ec352cf5614406019fae0fe170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:51:52 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA60-P1
etag
W/"1d702-SNCImRy8IKKwMwGklr+DsQ"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tn51Tb0gNgWxnHUCCzlli6bVeoociduxUqTqZDPtxeNcWmZJAH4WHQ==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 27 Oct 2022 14:12:11 GMT
150715232192596
connect.facebook.net/signals/config/ 		293 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/150715232192596?v=2.9.88&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08a389481042588441613aee4d7bfa74c53c130b461cab8e4fef10ed1e1cf958
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 27 Oct 2022 13:51:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86318
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
qfHY2RHieaHUFrYPHUN6GV18Pw/aOkKzcXox/SRGjuwe1RjDdu4J4KZtPb4anFccJOHb+9wz4EDTOyM/D1xY8Q==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1477214819&t=pageview&_s=1&dl=https%3A%2F%2Fuser.demo.doxo.com%2F&ul=en-us&de=UTF-8&dt=log%20in%20to%20doxo%E2%84%A2%20%7C%20doxo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAACAAIC~&jid=146236025&gjid=960264765&cid=2104966577.1666878712&tid=UA-9243928-22&_gid=394132540.1666878712&_r=1&gtm=2wgaq0MN22SCS&cd13=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.68%20Safari%2F537.36&z=298571132
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://user.demo.doxo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 13:51:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://user.demo.doxo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
5772357.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5772357.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 13:51:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A5F4FF3EABD47B6BFC0867B951C9AA2 Ref B: FRA31EDGE0110 Ref C: 2022-10-27T13:51:52Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5772357&tm=gtm002&Ver=2&mid=f201c69f-7a45-4bdf-9939-4a83bd6befce&sid=82ab0eb055fe11edaa157fea19ebd13b&vid=82ab21c055fe11ed838a459fb641d594&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=log%20in%20to%20doxo%E2%84%A2%20%7C%20doxo&p=https%3A%2F%2Fuser.demo.doxo.com%2F&r=&lt=674&evt=pageLoad&sv=1&rn=603321
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Oct 2022 13:51:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5DF3ABEC38754A35B99EBBAE9A662437 Ref B: FRA31EDGE0110 Ref C: 2022-10-27T13:51:52Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=150715232192596&ev=PageView&dl=https%3A%2F%2Fuser.demo.doxo.com%2F&rl=&if=false&ts=1666878712079&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666878712078.233456480&it=1666878712043&coo=false&rqm=GET
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 27 Oct 2022 13:51:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
telemetry
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1019850093&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1666878712185&hv=4.18.4
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-52-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 13:51:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1019850093&u=61579361709479&v=540855516309927&s=4138631274306909&b=web&tv=4.0&z=0&h=%2F&d=user.demo.doxo.com&t=log%20in%20to%20doxo%E2%84%A2%20%7C%20doxo&k=user_agent&k=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.68%20Safari%2F537.36&k=onload_is_doxoplus_subscriber&k=true&ts=1666878712193&st=1666878712196
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-52-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 13:51:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
collect
gtm-npwhfxw-ytmxz.uc.r.appspot.com/j/ 		35 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/j/collect?v=1&_v=j98&a=1477214819&t=pageview&_s=1&dl=https%3A%2F%2Fuser.demo.doxo.com%2F&ul=en-us&de=UTF-8&dt=log%20in%20to%20doxo%E2%84%A2%20%7C%20doxo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAjAAAAACAAIK~&jid=531932684&gjid=899234473&cid=2104966577.1666878712&tid=UA-9243928-21&_gid=394132540.1666878712&_fplc=0&_r=1&gtm=2ygaq0PPXDVKB&cd13=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.68%20Safari%2F537.36&z=719628144
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://user.demo.doxo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 13:51:52 GMT
via
1.1 google
content-type
image/gif
access-control-allow-origin
https://user.demo.doxo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
gtm-npwhfxw-ytmxz.uc.r.appspot.com/ 		49 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/analytics.js
Requested by
Host: ssc.doxo.com
URL: https://ssc.doxo.com/gtm.js?id=GTM-PPXDVKB&amp;gtm_auth=7iZxQsDW2Yq9TPKjEIQH4g&amp;gtm_preview=env-26&amp;gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:21:50 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
age
1802
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22467
expires
Thu, 27 Oct 2022 13:57:43 GMT
js
gtm-npwhfxw-ytmxz.uc.r.appspot.com/gtag/ 		211 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/gtag/js?id=G-ZZSLRJ4F63&l=dataLayer&cx=c&sign=68066693e95c6a52b153608b7d45a4a40f4c9e824dd3dde3762395496703931b_20221027
Requested by
Host: ssc.doxo.com
URL: https://ssc.doxo.com/gtm.js?id=GTM-PPXDVKB&amp;gtm_auth=7iZxQsDW2Yq9TPKjEIQH4g&amp;gtm_preview=env-26&amp;gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a4d8d99f391aa61c9ec5811e447b17b52ef9326f3d66d1c618eb23539a8f62a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:51:52 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 27 Oct 2022 13:54:46 GMT
telemetry
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1019850093&te=type&te=data&te=cm&te=addUserProperties%20-%20no%20valid%20props&st=1666878712196&hv=4.18.4
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-52-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Oct 2022 13:51:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
collect
gtm-npwhfxw-ytmxz.uc.r.appspot.com/g/ 		65 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/g/collect?v=2&tid=G-ZZSLRJ4F63&gtm=2reaq0&_p=1477214819&cid=2104966577.1666878712&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666878712&sct=1&seg=0&dl=https%3A%2F%2Fuser.demo.doxo.com%2F&dt=log%20in%20to%20doxo%E2%84%A2%20%7C%20doxo&en=page_view&_fv=1&_ss=1&richsstsse
Requested by
Host: gtm-npwhfxw-ytmxz.uc.r.appspot.com
URL: https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/gtag/js?id=G-ZZSLRJ4F63&l=dataLayer&cx=c&sign=68066693e95c6a52b153608b7d45a4a40f4c9e824dd3dde3762395496703931b_20221027
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://user.demo.doxo.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amazon-connect-chat-interface-client.js
d24yzpb428jor3.cloudfront.net/ 		100 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d24yzpb428jor3.cloudfront.net/amazon-connect-chat-interface-client.js
Requested by
Host: user.demo.doxo.com
URL: https://user.demo.doxo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8c00:a:bf95:3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ebadcc5d7b4d8e1d7329e17d63c8d4c235db99b32ec3d71cbedf84819b6fc0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 06:27:02 GMT
content-encoding
br
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 05:25:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
26692
etag
W/"41c224acfb2ab0f110411c032ff7bac2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
slk5RwuHwgmlsNo7WkP4nITX33sxzeuYH5i1LLBEDv_WW-P8RfI9_Q==
collect
gtm-npwhfxw-ytmxz.uc.r.appspot.com/g/ 		65 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/g/collect?v=2&tid=G-ZZSLRJ4F63&gtm=2reaq0&_p=1477214819&cid=2104966577.1666878712&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1666878712&sct=1&seg=0&dl=https%3A%2F%2Fuser.demo.doxo.com%2F&dt=log%20in%20to%20doxo%E2%84%A2%20%7C%20doxo&en=scroll&epn.percent_scrolled=90&_et=6&richsstsse
Requested by
Host: gtm-npwhfxw-ytmxz.uc.r.appspot.com
URL: https://gtm-npwhfxw-ytmxz.uc.r.appspot.com/gtag/js?id=G-ZZSLRJ4F63&l=dataLayer&cx=c&sign=68066693e95c6a52b153608b7d45a4a40f4c9e824dd3dde3762395496703931b_20221027
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 13:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://user.demo.doxo.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=150715232192596&ev=Microdata&dl=https%3A%2F%2Fuser.demo.doxo.com%2F&rl=&if=false&ts=1666878713582&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22log%20in%20to%20doxo%E2%84%A2%20%7C%20doxo%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.88&r=stable&ec=1&o=30&fbp=fb.1.1666878712078.233456480&it=1666878712043&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.demo.doxo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 27 Oct 2022 13:51:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| heap object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_47723f0b11 object| uetq function| onYouTubeIframeAPIReady object| s function| amazon_connect number| 2f1acc6c3a606b082e5eef5e54414ffb

14 Cookies

Domain/Path Name / Value
user.demo.doxo.com/ Name: _aspen_session_id
Value: 7e1637f1ec866e4b84261f6d66da0157
.doxo.com/ Name: _gcl_au
Value: 1.1.686553209.1666878712
.doxo.com/ Name: _gid
Value: GA1.2.394132540.1666878712
.doxo.com/ Name: _gat_UA-9243928-22
Value: 1
.bing.com/ Name: MUID
Value: 062D7A76834C69C332A0683C82E0682A
.doxo.com/ Name: _uetsid
Value: 82ab0eb055fe11edaa157fea19ebd13b
.doxo.com/ Name: _uetvid
Value: 82ab21c055fe11ed838a459fb641d594
.doxo.com/ Name: _fbp
Value: fb.1.1666878712078.233456480
.doxo.com/ Name: _hp2_props.1019850093
Value: %7B%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.68%20Safari%2F537.36%22%7D
.doxo.com/ Name: _hp2_id.1019850093
Value: %7B%22userId%22%3A%2261579361709479%22%2C%22pageviewId%22%3A%22540855516309927%22%2C%22sessionId%22%3A%224138631274306909%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.doxo.com/ Name: _hp2_ses_props.1019850093
Value: %7B%22ts%22%3A1666878712193%2C%22d%22%3A%22user.demo.doxo.com%22%2C%22h%22%3A%22%2F%22%7D
.doxo.com/ Name: _gat_stg
Value: 1
.doxo.com/ Name: _ga_ZZSLRJ4F63
Value: GS1.1.1666878712.1.0.1666878712.0.0.0
.doxo.com/ Name: _ga
Value: GA1.1.2104966577.1666878712

3 Console Messages

Source Level URL
Text
network error URL: https://d27xo4b5rwjgqp.cloudfront.net/assets/application_responsive-1ece609ed2c7c63be7286a0d31ba0b98fd11375eda59e5b36fc683d18a0a798e.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://d27xo4b5rwjgqp.cloudfront.net/assets/public-fa8880e2ebe90ad7f26383993452061f1add4563d0d2f30f6bb8586c90dc3acf.css
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://d27xo4b5rwjgqp.cloudfront.net/assets/bonsai/logos/horizontal_rgb-75d0593175e1e619eb1520f182cf61e2b3bfe1760bff6eb1897d85401c6251a0.svg
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://www.demo.doxo.com https://marketing.demo.doxo.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.heapanalytics.com
connect.facebook.net
d24yzpb428jor3.cloudfront.net
d27xo4b5rwjgqp.cloudfront.net
fonts.googleapis.com
gtm-npwhfxw-ytmxz.uc.r.appspot.com
heapanalytics.com
ssc.doxo.com
user.demo.doxo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.32.121.24
18.155.152.187
18.210.89.26
2001:4860:4802:38::15
2600:9000:206f:8c00:a:bf95:3c0:21
2620:1ec:c11::200
2a00:1450:4001:800::2014
2a00:1450:4001:803::2008
2a00:1450:4001:803::200a
2a00:1450:4001:80f::200e
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.231.52.38
08a389481042588441613aee4d7bfa74c53c130b461cab8e4fef10ed1e1cf958
18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be
19c3db2ca4a440d9158204ba720da0abdbd4fc45f1ed749b442fa8f42b3b18c5
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
67888544df94f93ff58d9dd16fd6c8501b0115ec352cf5614406019fae0fe170
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9ebadcc5d7b4d8e1d7329e17d63c8d4c235db99b32ec3d71cbedf84819b6fc0e
a4d8d99f391aa61c9ec5811e447b17b52ef9326f3d66d1c618eb23539a8f62a9
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3429fdc96bf1b6987ce4a259e13282bed4cc1e6c6ab34e94f76b96e9cf10236
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e66aff6d2631db3fe5266d9dca1af2da241bc99a06e140df7fdf3ef0c762347c