nexiondemo1.gttwl2.com Open in urlscan Pro
167.99.177.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nexiondemo1.gttwl2.com/
Submission: On March 31 via automatic, source certstream-suspicious (March 31st 2020, 11:07:07 pm UTC)

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 31 HTTP transactions. The main IP is 167.99.177.129, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is nexiondemo1.gttwl2.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 31st 2020. Valid for: 3 months.

This is the only time nexiondemo1.gttwl2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	167.99.177.129 167.99.177.129	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
6	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
3 4	51.81.251.174 51.81.251.174	16276 (OVH) (OVH)
3	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
31	9

7 167.99.177.129 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)

nexiondemo1.gttwl2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.81.251.174 (United States) 3 redirects

ASN16276 (OVH, FR)
PTR: proxy2.gttwl.net

media.gttwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2.gttwl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::720 (Ascension Island)

ASN54113 (FASTLY, US)

tat.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	gttwl2.com nexiondemo1.gttwl2.com	13 KB
6	googleapis.com maps.googleapis.com fonts.googleapis.com Failed ajax.googleapis.com Failed	194 KB
5	bootstrapcdn.com netdna.bootstrapcdn.com	77 KB
3	imgix.net tat.imgix.net	213 KB
3	gttwl.com 3 redirects media.gttwl.com	714 B
2	gstatic.com maps.gstatic.com	5 KB
1	aspnetcdn.com ajax.aspnetcdn.com	41 KB
1	gttwl.net api2.gttwl.net	201 B
0	leafletjs.com Failed cdn.leafletjs.com Failed
31	9

	Domain	Requested by
7	nexiondemo1.gttwl2.com	nexiondemo1.gttwl2.com ajax.aspnetcdn.com
6	maps.googleapis.com	nexiondemo1.gttwl2.com maps.googleapis.com
5	netdna.bootstrapcdn.com	nexiondemo1.gttwl2.com
3	tat.imgix.net	nexiondemo1.gttwl2.com
3	media.gttwl.com	3 redirects
2	maps.gstatic.com	nexiondemo1.gttwl2.com
1	ajax.aspnetcdn.com	nexiondemo1.gttwl2.com
1	api2.gttwl.net	nexiondemo1.gttwl2.com
0	ajax.googleapis.com Failed	nexiondemo1.gttwl2.com
0	cdn.leafletjs.com Failed	nexiondemo1.gttwl2.com
0	fonts.googleapis.com Failed	nexiondemo1.gttwl2.com
31	11

This site contains links to these domains. Also see Links.

Domain
www.shoretrips.com

Subject Issuer	Validity	Valid
nexiondemo1.gttwl2.com Let's Encrypt Authority X3	`2020-03-31` - `2020-06-29`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-20` - `2020-08-20`	a year	crt.sh
api2.gttwl.net Let's Encrypt Authority X3	`2020-03-23` - `2020-06-21`	3 months	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2020-03-18` - `2022-03-18`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nexiondemo1.gttwl2.com/
Frame ID: 4168A29921851D830339E99E89AFB8DF
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

script /leaflet.*\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Phusion Passenger (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Phusion Passenger ([\d.]+)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

31
Requests

81 %
HTTPS

63 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

543 kB
Transfer

1175 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.shoretrips.com/agents/linkhome.asp?linkid=ST883960
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://media.gttwl.com/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753923_original.jpg HTTP 301
https://tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753923_original.jpg

Request Chain 7

http://media.gttwl.com/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753947_original.jpg HTTP 301
https://tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753947_original.jpg

Request Chain 18

http://media.gttwl.com/attachments/global/1371739499_original.jpg HTTP 301
https://tat.imgix.net/attachments/global/1371739499_original.jpg

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nexiondemo1.gttwl2.com/ 9 KB
4 KB 412ms
157ms Document
text/html 167.99.177.129
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.99.177.129 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

014d2a999df318cbfee8327856348f163db8eed96b559cf531ce3e1fa6b079d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: nexiondemo1.gttwl2.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200 200 OK
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 Mar 2020 23:06:49 GMT
etag: W/"12d2c7a6dd4456c6b640e5fa531e10af"
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
set-cookie: cart=b7d3a7c0-6e90-4090-b32c-748aec448db2; path=/; expires=Sat, 31 Mar 2040 23:06:49 -0000 _gttwl2_session=YzFLVHl5SXFvVTl5MmNIWFc3Zlk1MEVTVUxReXJxa25YR1VjV25OeTZ6K1Z0ZnZKRCt1ZUY0NTltQnZCWDVhUDBKc0haY3VNVXhNWWxsSVJNWEFtblhLREN5Qmt1UU02UjVRZVRLRGY3bDB5NnZOeGVkOHRnM3J4RldPWDBFRzcvS1dXa3hZRklmdHg1Q0UzbHRzSnluWUFlVE5IcFA0WDNjMG5FcFM5MmV6Z2tha01UWFlRSW45K1FvakNnUlFzLS1mSC9XZjhEZW9XTWNnSG80UFhxdnJnPT0%3D--2c6d360e35d2f4ffbf22bb4c6b17cf80aa1788be; path=/; expires=Wed, 01 Apr 2020 23:06:49 -0000; HttpOnly
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.2.1
x-request-id: d1a13c71-01ed-4cea-985d-b6da6c8d8820
x-runtime: 0.020681
x-ua-compatible: chrome=1
x-xss-protection: 1; mode=block
content-length: 3257

GET
H2 200 bootstrap-combined.no-icons.min.css
netdna.bootstrapcdn.com/twitter-bootstrap/2.3.2/css/ 116 KB
19 KB 10ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.2/css/bootstrap-combined.no-icons.min.css
Requested by: Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 75a721f6f467fcda98080593f318b78ff31558e822d283d473cabd3ad0d49b24

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:23 GMT
access-control-allow-origin: *
etag: "1544639723"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19318

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/3.2.0/css/ 21 KB
4 KB 9ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://netdna.bootstrapcdn.com/font-awesome/3.2.0/css/font-awesome.min.css
Requested by: Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: bbb102718687334c9562f1048617e79c04e1a0f281aafafa919b597e4cdb0178

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin: *
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 4366

GET
H2 200 font-awesome-ie7.min.css
netdna.bootstrapcdn.com/font-awesome/3.2.0/css/ 37 KB
3 KB 10ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://netdna.bootstrapcdn.com/font-awesome/3.2.0/css/font-awesome-ie7.min.css
Requested by: Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66f98612057077e629c85fd25a0f1ee73959314e1df85c8eb1fecdb347dff667

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin: *
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 3313

GET
H2 200 temp.css
nexiondemo1.gttwl2.com/ 17 KB
5 KB 259ms
258ms Stylesheet
text/css 167.99.177.129
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://nexiondemo1.gttwl2.com/temp.css

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.99.177.129 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

bbd2bcffccd8718cec27b9465df0831049c667ec73a176cae7f923eba8c3e3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-runtime: 0.130894
date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1
x-powered-by: Phusion Passenger 5.2.1
content-type: text/css; charset=utf-8
status: 200, 200 OK
x-xss-protection: 1; mode=block
cache-control: max-age=0, private, must-revalidate
etag: W/"eb2f088e37408e0b978ab4d8a54ba66f"
x-request-id: 814c3fba-2c23-41dd-a64d-f4732712bf03
x-ua-compatible: chrome=1

GET
H2 200 temp-responsive.css
nexiondemo1.gttwl2.com/ 717 B
740 B 281ms
280ms Stylesheet
text/css 167.99.177.129
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://nexiondemo1.gttwl2.com/temp-responsive.css

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.99.177.129 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

57d183940e0d55636660d662b381bc4711459521bf28d7bb1ae7017d71ce8996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-runtime: 0.152023
date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1
x-powered-by: Phusion Passenger 5.2.1
content-type: text/css; charset=utf-8
status: 200, 200 OK
x-xss-protection: 1; mode=block
cache-control: max-age=0, private, must-revalidate
content-length: 311
etag: W/"fe04c7ada9a62e4a0953570dfc87b8ea"
x-request-id: a9d8b2d3-7d8d-4527-a3a2-06879c713f72
x-ua-compatible: chrome=1

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 122 KB
40 KB 54ms
35ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyA0ANfu3tY7dgdY_OKC-i7LifyTk2l2v4I&libraries=places&sensor=true

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

1c9be4a33765e371f8c76a8bbc4d8ed5224f7304f1f4fe44b42e6b174633fd7c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=21
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 40292
x-xss-protection: 0
expires: Tue, 31 Mar 2020 23:36:49 GMT

GET
H2

200

1371753923_original.jpg
tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/
Redirect Chain

http://media.gttwl.com/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753923_original.jpg
https://tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753923_original.jpg

10 KB
10 KB

187ms
155ms

Image
image/jpeg

2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753923_original.jpg

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b1e094bd7159f9dc9ee43a6a74782783c5b9d6450d01639a9fb3c78969996e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Mar 2020 23:04:36 GMT
server: imgix
age: 133
x-cache: HIT, MISS
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
x-imgix-id: 768f618af83558ffdcaa0789ced6cfb719458514
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10232
x-served-by: cache-lax8650-LAX, cache-fra19176-FRA

Redirect headers

Location: https://tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753923_original.jpg
Date: Tue, 31 Mar 2020 23:06:49 GMT
Server: Caddy
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

1371753947_original.jpg
tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/
Redirect Chain

http://media.gttwl.com/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753947_original.jpg
https://tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753947_original.jpg

8 KB
9 KB

191ms
157ms

Image
image/png

2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753947_original.jpg

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0ee42c759c563a9c38e8246e9f1efa251cc52a9f033363350e5096598ad3e74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Mar 2020 23:04:36 GMT
server: imgix
age: 133
x-cache: HIT, MISS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
x-imgix-id: 6baca853a8f1cbfb3aaabdaca587ce45d5976ded
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8652
x-served-by: cache-lax8621-LAX, cache-fra19176-FRA

Redirect headers

Location: https://tat.imgix.net/attachments/nexiondemo1.gttwl2.com/ltmq6z/1371753947_original.jpg
Date: Tue, 31 Mar 2020 23:06:49 GMT
Server: Caddy
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/ 28 KB
8 KB 9ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.1/js/bootstrap.min.js
Requested by: Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 61ce3854c13015d809b16c1325e707259e05d74eb7a4b958d2e96cf892d7557d

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:55 GMT
access-control-allow-origin: *
etag: "1544639635"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7612

GET
H2 200 custom.js Show response
nexiondemo1.gttwl2.com/js/ 149 B
604 B 146ms
145ms Script
application/javascript 167.99.177.129
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://nexiondemo1.gttwl2.com/js/custom.js

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.99.177.129 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

3d48d04fd03d6446110844708862e7168b31728944f7faad69f28e2ec2a0c2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-runtime: 0.017732
date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1
x-powered-by: Phusion Passenger 5.2.1
content-type: application/javascript; charset=utf-8
status: 200, 200 OK
x-xss-protection: 1; mode=block
cache-control: max-age=0, private, must-revalidate
content-length: 146
etag: W/"553410b3118d3210188e2699c2ee170b"
x-request-id: 719c9fe8-c3ca-40ba-940e-0c1dc9b40134
x-ua-compatible: chrome=1

GET
H2 200 gttwl2.js Show response
nexiondemo1.gttwl2.com/javascripts/ 4 KB
1 KB 125ms
124ms Script
application/x-javascript 167.99.177.129
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://nexiondemo1.gttwl2.com/javascripts/gttwl2.js
Requested by: Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.177.129 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Caddy, nginx/1.12.2 /
Resource Hash: 901f5c66d74ebf9e3900248ceea21aaf160d8cc86143e4646fa07839a170ac83

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 20:53:36 GMT
server: Caddy, nginx/1.12.2
etag: W/"5e7138d0-ece"
content-type: application/x-javascript
status: 200
content-length: 1270

GET css
fonts.googleapis.com/ 0
0

GET leaflet.css
cdn.leafletjs.com/leaflet-0.5/ 0
0

GET leaflet.js
cdn.leafletjs.com/leaflet-0.5/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 hits Show response
nexiondemo1.gttwl2.com/ 4 B
673 B 530ms
530ms Script
text/javascript 167.99.177.129
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://nexiondemo1.gttwl2.com/hits?js=1&u=e824b4e6-5531-4df3-ad0d-3e45ba1bdc3f&r=&q=https%3A%2F%2Fnexiondemo1.gttwl2.com%2F

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.99.177.129 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

a8883bc180474bec5859cbb00c092eb96d48d2ee0d99416c6c3790d04bd7cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-runtime: 0.398821
date: Tue, 31 Mar 2020 23:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1
x-powered-by: Phusion Passenger 5.2.1
content-type: text/javascript; charset=utf-8
status: 200, 200 OK
x-xss-protection: 1; mode=block
cache-control: max-age=0, private, must-revalidate
content-length: 30
etag: W/"fe46eec7bb2dbf27375ebcbf208b19c8"
x-request-id: 6fc7c2c3-41de-40e4-902a-d3c35e67759f
x-ua-compatible: chrome=1

GET
H2 200 249 Show response
api2.gttwl.net/tm/h/ 0
201 B 1241ms
868ms Script
text/plain 51.81.251.174
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.gttwl.net/tm/h/249?js=1&t=e824b4e6-5531-4df3-ad0d-3e45ba1bdc3f&req=https%3A%2F%2Fnexiondemo1.gttwl2.com%2F&ref=&kind=&kind_id=
Requested by: Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.251.174 , United States, ASN16276 (OVH, FR),
Reverse DNS: proxy2.gttwl.net
Software: Caddy, Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Tue, 31 Mar 2020 23:06:50 GMT
cache-control: max-age=0, private, must-revalidate
server: Caddy, Cowboy
content-length: 0
x-request-id: FgGGHq9Jm60UDK8AA58B

GET
H2

200

1371739499_original.jpg
tat.imgix.net/attachments/global/
Redirect Chain

http://media.gttwl.com/attachments/global/1371739499_original.jpg
https://tat.imgix.net/attachments/global/1371739499_original.jpg

194 KB
194 KB

172ms
172ms

Image
image/jpeg

2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tat.imgix.net/attachments/global/1371739499_original.jpg

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c2ecdd840d2aa3a3304d021b920ecd92ce8f0810bb42d38fc91aefa7210960de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Mar 2020 23:06:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Mar 2020 23:04:36 GMT
server: imgix
age: 133
x-cache: HIT, MISS
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
x-imgix-id: 0f1800561da9e39d79b6a56d9d2a8e35bee414e5
accept-ranges: bytes
access-control-allow-origin: *
content-length: 198763
x-served-by: cache-lax8635-LAX, cache-fra19176-FRA

Redirect headers

Location: https://tat.imgix.net/attachments/global/1371739499_original.jpg
Date: Tue, 31 Mar 2020 23:06:49 GMT
Server: Caddy
Content-Length: 99
Content-Type: text/html; charset=utf-8

GET
H2 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/3.2.0/font/ 43 KB
43 KB 7ms
7ms Font
font/woff 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://netdna.bootstrapcdn.com/font-awesome/3.2.0/font/fontawesome-webfont.woff?v=3.2.0
Requested by: Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/3.2.0/css/font-awesome.min.css
Origin: https://nexiondemo1.gttwl2.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:43 GMT
access-control-allow-origin: *
etag: "1544639743"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 43577

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 0
0

GET
H2 200 jquery-1.10.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 91 KB
41 KB 31ms
7ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.1.min.js

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E94) /

Resource Hash

4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nexiondemo1.gttwl2.com/
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30397528
x-cache: HIT
status: 200
content-length: 41691
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:48 GMT
server: ECAcc (frc/8E94)
etag: "e544544cc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 humanity Show response
nexiondemo1.gttwl2.com/api/ 36 B
478 B 142ms
142ms XHR
text/plain 167.99.177.129
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://nexiondemo1.gttwl2.com/api/humanity

Requested by

Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.99.177.129 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

942a64804b63ff7c4a7f8545f327e32aa651bbd12179e0c278475f3d834aa1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://nexiondemo1.gttwl2.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime: 0.014981
date: Tue, 31 Mar 2020 23:06:49 GMT
x-content-type-options: nosniff
server: Caddy, nginx/1.12.2 + Phusion Passenger 5.2.1
x-powered-by: Phusion Passenger 5.2.1
content-type: text; charset=utf-8
status: 200, 200 OK
cache-control: max-age=0, private, must-revalidate
etag: "6c38bd54da643b340a829eac1c9106ba"
content-length: 36
x-xss-protection: 1; mode=block
x-request-id: 39bf37b8-a2fe-4347-bdd5-b25e58bedd89
x-ua-compatible: chrome=1

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 77 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA0ANfu3tY7dgdY_OKC-i7LifyTk2l2v4I&libraries=places&sensor=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a1c446a4b15a120ef3f91f6bda3a50a877a89785b62c2dc4870e440d9d2a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 09:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 307879
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28924
x-xss-protection: 0
expires: Sun, 28 Mar 2021 09:35:30 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 143 KB
53 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA0ANfu3tY7dgdY_OKC-i7LifyTk2l2v4I&libraries=places&sensor=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd031c511ae18654a3853dbecf9e9c1cd54e9d47ab8db8b9b667da11ac1f9da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 537839
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 54062
x-xss-protection: 0
expires: Thu, 25 Mar 2021 17:42:50 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 208 KB
56 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA0ANfu3tY7dgdY_OKC-i7LifyTk2l2v4I&libraries=places&sensor=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f7498f9f4e6278cba762fe2ebef703edc32fc027c85c71fab167a05ca45dd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 537836
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 57595
x-xss-protection: 0
expires: Thu, 25 Mar 2021 17:42:53 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 41 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA0ANfu3tY7dgdY_OKC-i7LifyTk2l2v4I&libraries=places&sensor=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4be781c0a58ce716562723e733ad5fcd61217b8652f923144ec30a80398d4a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 537835
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 16128
x-xss-protection: 0
expires: Thu, 25 Mar 2021 17:42:54 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 61ms
40ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
expires: Tue, 31 Mar 2020 23:06:49 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 60ms
39ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: nexiondemo1.gttwl2.com
URL: https://nexiondemo1.gttwl2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 23:06:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
expires: Tue, 31 Mar 2020 23:06:49 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
211 B 68ms
68ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fnexiondemo1.gttwl2.com%2F&4sAIzaSyA0ANfu3tY7dgdY_OKC-i7LifyTk2l2v4I&callback=_xdc_._r03xpq&key=AIzaSyA0ANfu3tY7dgdY_OKC-i7LifyTk2l2v4I&token=15502

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/40/6/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

d53cdc27d50bd164516aecf37e38a0021c4e57775eaa6a21a8238e3355d03d41

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nexiondemo1.gttwl2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 23:06:54 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=54
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,300italic,400italic,600,600italic,700

Domain: cdn.leafletjs.com
URL: http://cdn.leafletjs.com/leaflet-0.5/leaflet.css

Domain: cdn.leafletjs.com
URL: http://cdn.leafletjs.com/leaflet-0.5/leaflet.js

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,300italic,400italic,600,600italic,700

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald:400

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nexiondemo1.gttwl2.com/	1970-01-19 08:29:42	Name: _gttwl2_session Value: b0pMWk9USEdNZGtVaUl3anhFaXhhaHdrb1cza3BSNTR5KzNZM0dNNkRWRjNPakVzbWpwWDVCdzhqL3hWTUprWVpZbXZ1dnlDZ0tjVFI3NE8rNVhJeXBpTndDeDNLUUZhWHNSVFlkRWxJd1g1Y2MyVm14R0JINHU5RmpTeWdSWjdtamlpQUdEUmdjTnFwR2hNV2NSQzhDZmtpUnVTNUV4SWlBWlkwL2ttbmJMcEtyVmEyd0preWRxSDJmRVAxckc2LS1GNEV3Yko4dHBFT01kT2tKRzNDZ1JBPT0%3D--da1f686c63be770281bc727cc114184f9852d98d
nexiondemo1.gttwl2.com/	1970-01-20 01:45:04	Name: __tat_u Value: e824b4e6-5531-4df3-ad0d-3e45ba1bdc3f
nexiondemo1.gttwl2.com/	1970-01-26 15:47:28	Name: cart Value: b7d3a7c0-6e90-4090-b32c-748aec448db2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://maps.googleapis.com/maps-api-v3/api/js/40/6/util.js(Line 230) Message: Google Maps JavaScript API warning: SensorNotRequired https://developers.google.com/maps/documentation/javascript/error-messages#sensor-not-required

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
api2.gttwl.net
cdn.leafletjs.com
fonts.googleapis.com
maps.googleapis.com
maps.gstatic.com
media.gttwl.com
netdna.bootstrapcdn.com
nexiondemo1.gttwl2.com
tat.imgix.net
ajax.googleapis.com
cdn.leafletjs.com
fonts.googleapis.com
152.199.19.160
167.99.177.129
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3b
2a00:1450:4001:80b::2003
2a00:1450:4001:81a::200a
2a04:4e42:3::720
51.81.251.174
014d2a999df318cbfee8327856348f163db8eed96b559cf531ce3e1fa6b079d8
0ee42c759c563a9c38e8246e9f1efa251cc52a9f033363350e5096598ad3e74e
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1c9be4a33765e371f8c76a8bbc4d8ed5224f7304f1f4fe44b42e6b174633fd7c
1f7498f9f4e6278cba762fe2ebef703edc32fc027c85c71fab167a05ca45dd1b
3d48d04fd03d6446110844708862e7168b31728944f7faad69f28e2ec2a0c2f8
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
4be781c0a58ce716562723e733ad5fcd61217b8652f923144ec30a80398d4a1a
57d183940e0d55636660d662b381bc4711459521bf28d7bb1ae7017d71ce8996
61ce3854c13015d809b16c1325e707259e05d74eb7a4b958d2e96cf892d7557d
66f98612057077e629c85fd25a0f1ee73959314e1df85c8eb1fecdb347dff667
67a1c446a4b15a120ef3f91f6bda3a50a877a89785b62c2dc4870e440d9d2a6c
75a721f6f467fcda98080593f318b78ff31558e822d283d473cabd3ad0d49b24
901f5c66d74ebf9e3900248ceea21aaf160d8cc86143e4646fa07839a170ac83
942a64804b63ff7c4a7f8545f327e32aa651bbd12179e0c278475f3d834aa1ea
a8883bc180474bec5859cbb00c092eb96d48d2ee0d99416c6c3790d04bd7cb0d
b1e094bd7159f9dc9ee43a6a74782783c5b9d6450d01639a9fb3c78969996e56
bbb102718687334c9562f1048617e79c04e1a0f281aafafa919b597e4cdb0178
bbd2bcffccd8718cec27b9465df0831049c667ec73a176cae7f923eba8c3e3cc
bd031c511ae18654a3853dbecf9e9c1cd54e9d47ab8db8b9b667da11ac1f9da1
c2ecdd840d2aa3a3304d021b920ecd92ce8f0810bb42d38fc91aefa7210960de
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d53cdc27d50bd164516aecf37e38a0021c4e57775eaa6a21a8238e3355d03d41
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

nexiondemo1.gttwl2.com Open in urlscan Pro 167.99.177.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

81 %HTTPS

63 %IPv6

9 Domains

11 Subdomains

9 IPs

5 Countries

543 kBTransfer

1175 kBSize

3 Cookies

1 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

nexiondemo1.gttwl2.com Open in urlscan Pro
167.99.177.129 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

81 %
HTTPS

63 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

543 kB
Transfer

1175 kB
Size

3
Cookies

31 HTTP transactions
0 data transactions