urlscan.io logo urlscan.io
SecurityTrails logo

aena.horizzon.cloud Open in urlscan Pro
13.33.187.102  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aena.horizzon.cloud/
Effective URL: https://aena.horizzon.cloud/auth/loginForm
Submission: On March 13 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 52 HTTP transactions. The main IP is 13.33.187.102, located in United States and belongs to AMAZON-02, US. The main domain is aena.horizzon.cloud.
TLS certificate: Issued by Amazon ECDSA 256 M03 on January 18th 2024. Valid for: a year.
This is the only time aena.horizzon.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 26 13.33.187.102 16509 (AMAZON-02)
1 3.161.82.88 16509 (AMAZON-02)
6 104.18.40.252 13335 (CLOUDFLAR...)
1 142.250.185.202 15169 (GOOGLE)
1 142.250.186.136 15169 (GOOGLE)
10 104.18.32.29 13335 (CLOUDFLAR...)
3 104.18.33.190 13335 (CLOUDFLAR...)
1 172.67.157.170 ()
52 9
26    13.33.187.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-102.fra60.r.cloudfront.net
aena.horizzon.cloud
1    3.161.82.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-88.fra56.r.cloudfront.net
stats.bizzdesign.cloud
6    104.18.40.252 (None, )

ASN13335 (CLOUDFLARENET, US)
view.ceros.com
1    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
ajax.googleapis.com
1    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
10    104.18.32.29 (None, )

ASN13335 (CLOUDFLARENET, US)
media-s3-us-east-1.ceros.com
3    104.18.33.190 (None, )

ASN13335 (CLOUDFLARENET, US)
assets-s3-us-east-1.ceros.com
1    172.67.157.170 (None, )

ASN- ()
cdn.intake-lr.com
Apex Domain
Subdomains		 Transfer
26 horizzon.cloud
aena.horizzon.cloud
4 MB
19 ceros.com
view.ceros.com — Cisco Umbrella Rank: 30841
media-s3-us-east-1.ceros.com — Cisco Umbrella Rank: 39686
assets-s3-us-east-1.ceros.com — Cisco Umbrella Rank: 43030
api.ceros.com Failed
950 KB
1 intake-lr.com
cdn.intake-lr.com
165 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
46 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 368
31 KB
1 bizzdesign.cloud
stats.bizzdesign.cloud
133 KB
52 6
Domain Requested by
26 aena.horizzon.cloud 2 redirects aena.horizzon.cloud
10 media-s3-us-east-1.ceros.com ajax.googleapis.com
view.ceros.com
media-s3-us-east-1.ceros.com
6 view.ceros.com aena.horizzon.cloud
view.ceros.com
3 assets-s3-us-east-1.ceros.com view.ceros.com
1 cdn.intake-lr.com assets-s3-us-east-1.ceros.com
1 www.googletagmanager.com view.ceros.com
1 ajax.googleapis.com view.ceros.com
1 stats.bizzdesign.cloud aena.horizzon.cloud
stats.bizzdesign.cloud
0 api.ceros.com Failed ajax.googleapis.com
52 9

This site contains links to these domains. Also see Links.

Domain
support.bizzdesign.com
Subject Issuer Validity Valid
*.bizzdesign.cloud
Amazon ECDSA 256 M03		 2024-01-18 -
2025-02-15		 a year crt.sh
view.ceros.com
E1		 2024-03-01 -
2024-05-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
media-s3-us-east-1.ceros.com
E1		 2024-01-20 -
2024-04-19		 3 months crt.sh
assets-s3-us-east-1.ceros.com
E1		 2024-01-14 -
2024-04-13		 3 months crt.sh
intake-lr.com
E1		 2024-03-06 -
2024-06-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://aena.horizzon.cloud/auth/loginForm
Frame ID: 32FB64342689C5AFB3EFEFF7AEA2D0C2
Requests: 26 HTTP requests in this frame

Frame: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Frame ID: 71BF9A98A9EE29C017A6E26EC7541FD8
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bizzdesign - Sign in to Bizzdesign Horizzon

Page URL History Show full URLs

  1. https://aena.horizzon.cloud/ Page URL
  2. https://aena.horizzon.cloud/oauth/authenticate?client_id=horizzon&redirect_uri=https%3A%2F%2Faena.horizz... HTTP 302
    https://aena.horizzon.cloud/auth/AuthenticationFormClient?client_id=horizzon HTTP 302
    https://aena.horizzon.cloud/auth/loginForm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

90 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

5487 kB
Transfer

21176 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aena.horizzon.cloud/ Page URL
  2. https://aena.horizzon.cloud/oauth/authenticate?client_id=horizzon&redirect_uri=https%3A%2F%2Faena.horizzon.cloud%2Fcallback&response_type=id_token%20token&scope=openid%20email%20profile&nonce=998bada80cde612f0c0eef1c152e3f18e9IpvKZdv&state=da820797aafee1556757eaea5251597792MFVhKnm HTTP 302
    https://aena.horizzon.cloud/auth/AuthenticationFormClient?client_id=horizzon HTTP 302
    https://aena.horizzon.cloud/auth/loginForm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
aena.horizzon.cloud/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
40141122aa020db5e3a89e625edfe38f13f431b127e977ef8043c2e2098e7606
Security Headers
Name Value
Content-Security-Policy default-src aena.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src aena.horizzon.cloud 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src aena.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src aena.horizzon.cloud https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src aena.horizzon.cloud data: fonts.gstatic.com; frame-src aena.horizzon.cloud https://player.vimeo.com https://view.ceros.com/bizzdesign/cta-login-screen-horizzon; media-src https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
default-src aena.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src aena.horizzon.cloud 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src aena.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src aena.horizzon.cloud https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src aena.horizzon.cloud data: fonts.gstatic.com; frame-src aena.horizzon.cloud https://player.vimeo.com https://view.ceros.com/bizzdesign/cta-login-screen-horizzon; media-src https://storage.googleapis.com/studio1-prod-blob/;
content-type
text/html
date
Wed, 13 Mar 2024 12:14:24 GMT
expect-ct
max-age=86400, enforce
expires
-1
permissions-policy
accelerometer=() ambient-light-sensor=() battery=() camera=() gamepad=() geolocation=() gyroscope=() magnetometer=() microphone=() midi=() payment=() serial=() usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Accept-Encoding
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-id
6NQMma6DgjgIRkFbLFslo6y9dHLYbWs2kiR27Bshc3hA6FbBHbfnfw==
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
styles.667047086cb539d4.css
aena.horizzon.cloud/ 		1 MB
286 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/styles.667047086cb539d4.css
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
4767920ed86117e009fa75176243cc4a37c379491b89c5ee3f3b188ef06a2b36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:13:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
1220450
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
tsBfqxpLQekc_EE_4p2NcDUvieg-wf13H939gPwJYaSGk_KYnFb2kA==
runtime.87a33e77cae8da84.js
aena.horizzon.cloud/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/runtime.87a33e77cae8da84.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
7cc5e4f0035eb6bccf9cb2ef9e9c1c289de34b84ba1bf6242af50626fea0a2ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aena.horizzon.cloud/
Origin
https://aena.horizzon.cloud
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:13:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
1220450
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
VC8nKVUjBUbL3NhH-39VNwLtGWnr9Tu3W5G7pMrs6a2E3MbozZOJjQ==
polyfills.f170e8e688244795.js
aena.horizzon.cloud/ 		181 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/polyfills.f170e8e688244795.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
011e3d1fb90cb32edae1bcdf827fa3a92178cef150ff888907b061ae618dde5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aena.horizzon.cloud/
Origin
https://aena.horizzon.cloud
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:13:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
1220450
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
vJqdls0oW2W3-cBKt928QQgTH25NIHTqtgY30YediLrhC9qHCI9NBA==
scripts.7df6af5721a79f9d.js
aena.horizzon.cloud/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/scripts.7df6af5721a79f9d.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
1d316943903a6d68cc383b83022fd9c4e0cc9a662bc62b5c1293b59dadcc5b5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:13:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
1220450
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
IZblPwrHY6jllDeaOSgmq1-x124lLn7BpVO5ITbDtp6dhHy6ovvFTw==
main.77cf382c2eecaffc.js
aena.horizzon.cloud/ 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/main.77cf382c2eecaffc.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
4ce3b9fade47dc317ae53a686e40639b02e1e60b3211c5157845bb91c3390c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aena.horizzon.cloud/
Origin
https://aena.horizzon.cloud
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:13:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
1220450
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
iBiMo-6ccrg0IXLWsr1J5ZTSKPTnB0knTA9L3iTfV9inQjIz7tFA3A==
logo-zz-white.2b2e704a61551dd3.svg
aena.horizzon.cloud/ 		939 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aena.horizzon.cloud/logo-zz-white.2b2e704a61551dd3.svg
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/styles.667047086cb539d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
b6ff5602f45c62806c4c8b826b74f3668e4a42f465ce8c0f11e227a58d8c771a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/styles.667047086cb539d4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 07:57:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
3817039
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
GRo8jdyggfdOTnNRCa8Dbu2h41apWQRgkDs9oeakQizWsTsqCOhmBQ==
SourceSansPro-Regular.ttf.c8dbac02e83d653b.woff2
aena.horizzon.cloud/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/SourceSansPro-Regular.ttf.c8dbac02e83d653b.woff2
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/styles.667047086cb539d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
d3f2a7c124a4a987cbf255a3579b9866789cc3e561d3ab7cb2d09bee40b137e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aena.horizzon.cloud/styles.667047086cb539d4.css
Origin
https://aena.horizzon.cloud
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:51:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
3720162
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
https://academy.horizzon.cloud
access-control-expose-headers
Location,Content-Disposition
cache-control
max-age=31536000
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
Fzy5Sb1JAlETg2dHSx_gqQzGfodw281lBLcYpdL4WTnmclgQ69uPbA==
en.json
aena.horizzon.cloud/assets/i18n/ 		152 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/i18n/en.json
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/polyfills.f170e8e688244795.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://aena.horizzon.cloud/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
RFF-cvz4T9M6gZPSTX4v9bkTYSAhGtbFad343z6UUrHZTqqYkOHpSA==
expires
-1
app.config.json
aena.horizzon.cloud/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/app.config.json
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/polyfills.f170e8e688244795.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://aena.horizzon.cloud/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
NWNQQ8WFkrLneK1IW3V_qy0A3RHMgQYl4OaZuuzUArWWxDhZtVraWg==
expires
-1
app.config.json
aena.horizzon.cloud/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/app.config.json
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/polyfills.f170e8e688244795.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://aena.horizzon.cloud/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
aFA-Z3kJzT4QTc_pU0voQ5gG3Jz675SbHHQOHkE_HQuOF7eCZ2Mvyw==
expires
-1
matomo.js
stats.bizzdesign.cloud/ 		132 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.bizzdesign.cloud/matomo.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/main.77cf382c2eecaffc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-88.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 08:15:23 GMT
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 11 Mar 2024 12:47:27 GMT
server
CloudFront
x-amz-cf-pop
FRA56-P10
age
14346
etag
"210d0-61361f1ada6c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
135376
x-amz-cf-id
XA-pfueCMCHHVJ4tjTO6ZA6MafyH6Ptweb4V_3EG4Y3OgcpyIPtQBQ==
openid-configuration
aena.horizzon.cloud/oauth/.well-known/ 		375 B
1021 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/oauth/.well-known/openid-configuration
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/polyfills.f170e8e688244795.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://aena.horizzon.cloud/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
ToVQcET4CkNp3QyuQduhDi6hSz_VhnYzypOnO0-Q9jlooDI8aO2Ckw==
expires
-1
Primary Request loginForm
aena.horizzon.cloud/auth/
Redirect Chain
  • https://aena.horizzon.cloud/oauth/authenticate?client_id=horizzon&redirect_uri=https%3A%2F%2Faena.horizzon.cloud%2Fcallback&response_type=id_token%20token&scope=openid%20email%20profile&nonce=998ba...
  • https://aena.horizzon.cloud/auth/AuthenticationFormClient?client_id=horizzon
  • https://aena.horizzon.cloud/auth/loginForm
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/auth/loginForm
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/main.77cf382c2eecaffc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
17349a8d7376131197f25ffad7309029a18b179c81dbb88a74f48b2e2ddfaf24
Security Headers
Name Value
Content-Security-Policy default-src aena.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src aena.horizzon.cloud 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src aena.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src aena.horizzon.cloud https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src aena.horizzon.cloud data: fonts.gstatic.com; frame-src aena.horizzon.cloud https://player.vimeo.com https://view.ceros.com/bizzdesign/cta-login-screen-horizzon; media-src https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aena.horizzon.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
default-src aena.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src aena.horizzon.cloud 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src aena.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src aena.horizzon.cloud https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src aena.horizzon.cloud data: fonts.gstatic.com; frame-src aena.horizzon.cloud https://player.vimeo.com https://view.ceros.com/bizzdesign/cta-login-screen-horizzon; media-src https://storage.googleapis.com/studio1-prod-blob/;
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 12:14:29 GMT
expect-ct
max-age=86400, enforce
expires
-1
permissions-policy
accelerometer=() ambient-light-sensor=() battery=() camera=() gamepad=() geolocation=() gyroscope=() magnetometer=() microphone=() midi=() payment=() serial=() usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Accept-Encoding
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-id
6DH_rtFb3SEl2I9Y8BO_C-iArYD9NgZLUDTic_yDwDbagwjlku362A==
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
content-length
0
date
Wed, 13 Mar 2024 12:14:28 GMT
expect-ct
max-age=86400, enforce
expires
-1
location
/auth/loginForm
permissions-policy
accelerometer=() ambient-light-sensor=() battery=() camera=() gamepad=() geolocation=() gyroscope=() magnetometer=() microphone=() midi=() payment=() serial=() usb=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-id
77PBDzjaGaPdH8wOaJMiXFYqLb9Bo4Qtb1TNOFPLnv1yi_9O8IED0g==
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
configs.php
stats.bizzdesign.cloud/plugins/HeatmapSessionRecording/ 		0
0
c495654869785bc3df60216616814ad1-font-awesome.css
aena.horizzon.cloud/assets/authentication/vendor/font-awesome/css/ 		37 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/vendor/font-awesome/css/c495654869785bc3df60216616814ad1-font-awesome.css
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Content-Security-Policy default-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com *.maps.elastic.co amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-eval' 'unsafe-inline' 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud chart.googleapis.com *.maps.elastic.co api.qrserver.com https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud data: 'self' fonts.gstatic.com; frame-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud https://view.ceros.com/bizzdesign/ https://player.vimeo.com; media-src https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/auth/loginForm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
content-security-policy
default-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com *.maps.elastic.co amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-eval' 'unsafe-inline' 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud chart.googleapis.com *.maps.elastic.co api.qrserver.com https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud data: 'self' fonts.gstatic.com; frame-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud https://view.ceros.com/bizzdesign/ https://player.vimeo.com; media-src https://storage.googleapis.com/studio1-prod-blob/;
x-amz-cf-pop
FRA60-P9
age
4417763
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7447
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Dec 2023 11:30:54 GMT
etag
"c495654869785bc3df60216616814ad1"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
xa4gSJ29wI8RmpriKLrzlInVUnfK0Jbesg0fdLmjSp_sI6ZPyIRwHg==
a4b3f509e79c54a512b890d73235ef04-bootstrap.css
aena.horizzon.cloud/assets/authentication/vendor/bootstrap/dist/css/ 		158 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/vendor/bootstrap/dist/css/a4b3f509e79c54a512b890d73235ef04-bootstrap.css
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/auth/loginForm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 23:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
3847888
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
24181
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Dec 2023 07:59:02 GMT
etag
"a4b3f509e79c54a512b890d73235ef04"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
MNRD-IQk6kGmm7v86zpZQwo1A5-VUB-Aekfu8LIfMmvW6useocicYQ==
bd03faff519eb64e3b41f198ee14a0dc-app.css
aena.horizzon.cloud/assets/authentication/css/ 		148 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/css/bd03faff519eb64e3b41f198ee14a0dc-app.css
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
34fe6cf348c572ccd2eda9a181066e06d49fbca1f20f158fa5edeca17dda01f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/auth/loginForm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 23:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
3847888
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
21496
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Dec 2023 07:59:02 GMT
etag
"bd03faff519eb64e3b41f198ee14a0dc"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
4E_jtCZmkLe9q6arrt_9MfnCYtlSgyTmRO1DhpaT9JmXi6zl8m747g==
d50185ae23ed8c8b6095a56216d31d51-logo.svg
aena.horizzon.cloud/assets/authentication/img/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aena.horizzon.cloud/assets/authentication/img/d50185ae23ed8c8b6095a56216d31d51-logo.svg
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
7eb46a9f2e17eec53fc683b3c84a9d3c23768efa320de6199e62d0528f97d81d
Security Headers
Name Value
Content-Security-Policy default-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com *.maps.elastic.co amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud 'unsafe-eval' 'unsafe-inline' 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud chart.googleapis.com *.maps.elastic.co api.qrserver.com https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud data: 'self' fonts.gstatic.com; frame-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud https://view.ceros.com/bizzdesign/ https://player.vimeo.com; media-src https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/auth/loginForm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 14:10:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
default-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com *.maps.elastic.co amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud 'unsafe-eval' 'unsafe-inline' 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud chart.googleapis.com *.maps.elastic.co api.qrserver.com https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud data: 'self' fonts.gstatic.com; frame-src shell.horizzon.cloud shell.bizzdesign.cloud shell-api.horizzon.cloud https://view.ceros.com/bizzdesign/ https://player.vimeo.com; media-src https://storage.googleapis.com/studio1-prod-blob/;
content-encoding
gzip
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
3276249
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Dec 2023 07:59:02 GMT
etag
W/"d50185ae23ed8c8b6095a56216d31d51"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
x-amz-cf-id
-JKCeskkwjGIWk-MUeFF25mnCGCpkl7z5JhheUxTv6twkevpPx_dWQ==
12b69d0ae6c6f0c42942ae6da2896e84-jquery.js
aena.horizzon.cloud/assets/authentication/vendor/jquery/dist/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/vendor/jquery/dist/12b69d0ae6c6f0c42942ae6da2896e84-jquery.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/auth/loginForm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 23:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
3847888
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
30946
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Dec 2023 07:59:02 GMT
etag
"12b69d0ae6c6f0c42942ae6da2896e84"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
P1QSaWJ_B0tKLHMA2yTdevxyN7nTA368413s3PKmUpb7ujGTmjRxKw==
48046680090dbba6b7aaecab01c09d52-parsley.js
aena.horizzon.cloud/assets/authentication/vendor/parsleyjs/dist/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/vendor/parsleyjs/dist/48046680090dbba6b7aaecab01c09d52-parsley.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
65de0a9836c00588563a70fea65cc79aa3d71feeb823bb39317ac56cbe3d622b
Security Headers
Name Value
Content-Security-Policy default-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com *.maps.elastic.co amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-eval' 'unsafe-inline' 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud chart.googleapis.com *.maps.elastic.co api.qrserver.com https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud data: 'self' fonts.gstatic.com; frame-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud https://view.ceros.com/bizzdesign/ https://player.vimeo.com; media-src https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/auth/loginForm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
content-security-policy
default-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com *.maps.elastic.co amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-eval' 'unsafe-inline' 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud chart.googleapis.com *.maps.elastic.co api.qrserver.com https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud data: 'self' fonts.gstatic.com; frame-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud https://view.ceros.com/bizzdesign/ https://player.vimeo.com; media-src https://storage.googleapis.com/studio1-prod-blob/;
x-amz-cf-pop
FRA60-P9
age
4417762
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12144
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Dec 2023 11:30:54 GMT
etag
"48046680090dbba6b7aaecab01c09d52"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
isoLkcO-1_H1KfEn2Q8vjBBUiATDCA2g05b_QXPEYbNMmMJj_IwsIQ==
a8d01a5ca4a77fa9e7eb36a5aaa25021-app.js
aena.horizzon.cloud/assets/authentication/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/js/a8d01a5ca4a77fa9e7eb36a5aaa25021-app.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
7c0373fe5d8766541f06b0c0422df58e1b9830f5b650b7af32fd057154b977c5
Security Headers
Name Value
Content-Security-Policy default-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com *.maps.elastic.co amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-eval' 'unsafe-inline' 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud chart.googleapis.com *.maps.elastic.co api.qrserver.com https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud data: 'self' fonts.gstatic.com; frame-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud https://view.ceros.com/bizzdesign/ https://player.vimeo.com; media-src https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/auth/loginForm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
content-security-policy
default-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com *.maps.elastic.co amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-eval' 'unsafe-inline' 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud chart.googleapis.com *.maps.elastic.co api.qrserver.com https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud data: 'self' fonts.gstatic.com; frame-src schaeffler.horizzon.cloud schaeffler.bizzdesign.cloud schaeffler-api.horizzon.cloud https://view.ceros.com/bizzdesign/ https://player.vimeo.com; media-src https://storage.googleapis.com/studio1-prod-blob/;
x-amz-cf-pop
FRA60-P9
age
4417762
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
568
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Dec 2023 11:30:54 GMT
etag
"a8d01a5ca4a77fa9e7eb36a5aaa25021"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
Yi4xnOpqqXngjnaJC0XLrJ68y4YVMVrmvwVaLPUJcbnqFV8YV0KKBA==
5b271a3d79e21498628838327862212d-scroll-proxy.min.js
aena.horizzon.cloud/assets/authentication/vendor/ceros/dist/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/vendor/ceros/dist/5b271a3d79e21498628838327862212d-scroll-proxy.min.js
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
16323673554b74fbd629cdedaf2ffe9bbd2b469191f8aeb60453943b52fdc864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/auth/loginForm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 22:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
2813165
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3941
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Dec 2023 07:59:02 GMT
etag
"5b271a3d79e21498628838327862212d"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
QgGRQAPOgN7XarLMuCVRyHginQ3aTPVnk4KfjKFfIy5Hw3A-oRGZXw==
cta-login-screen-horizzon
view.ceros.com/bizzdesign/ Frame 71BF 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/auth/loginForm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe556f135a5f80437fbfc21f3c94e411af5297ddd3bd6b5280077c5e192708d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aena.horizzon.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

age
18738
cache-control
no-store
cf-cache-status
HIT
cf-ray
863bf1acce876669-MAD
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 12:14:29 GMT
last-modified
Wed, 13 Mar 2024 07:02:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
font.css
aena.horizzon.cloud/assets/authentication/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/css/font.css
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/assets/authentication/css/bd03faff519eb64e3b41f198ee14a0dc-app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
ba5fe1d7ddb5d12b3b7f02fede76894c035b6ce11a50682d85ebd6ec8e117f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://aena.horizzon.cloud/assets/authentication/css/bd03faff519eb64e3b41f198ee14a0dc-app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 23:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
217845
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
305
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Feb 2024 10:34:28 GMT
etag
"b92b18acae4ab6af62bebb87bc184254"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=604800
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
JnFmfnR4SxhAnuDovyPeG2y-rwiycxwsWzZJBroNsplXFyjQ5O2xPQ==
source-sans-pro-v14-latin-600.woff2
aena.horizzon.cloud/assets/authentication/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/fonts/source-sans-pro-v14-latin-600.woff2
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/assets/authentication/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aena.horizzon.cloud/assets/authentication/css/font.css
Origin
https://aena.horizzon.cloud
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:51:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
3720164
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15948
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Dec 2023 07:59:02 GMT
etag
"c85615b296302af51e683eecb5e371d4"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
https://academy.horizzon.cloud
access-control-expose-headers
Location,Content-Disposition
cache-control
max-age=31536000
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
NNsYf6dxx19TuiwpFyNBtESfXSaGMzw5N99uJN6E1BcdF5cne9s6bA==
source-sans-pro-v14-latin-regular.woff2
aena.horizzon.cloud/assets/authentication/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aena.horizzon.cloud/assets/authentication/fonts/source-sans-pro-v14-latin-regular.woff2
Requested by
Host: aena.horizzon.cloud
URL: https://aena.horizzon.cloud/assets/authentication/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-102.fra60.r.cloudfront.net
Software
/
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aena.horizzon.cloud/assets/authentication/css/font.css
Origin
https://aena.horizzon.cloud
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:51:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
via
1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
3720164
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16112
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Dec 2023 07:59:02 GMT
etag
"899c8f78ce650d4009d42443897aa723"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
https://academy.horizzon.cloud
access-control-expose-headers
Location,Content-Disposition
cache-control
max-age=31536000
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), serial=(), usb=()
accept-ranges
bytes
x-amz-cf-id
hkc_02_399qajSFjyZZ_bzvZR4fCahEdldn_AhoRap4LG0UvuYWReQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 71BF 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 20:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 20:16:08 GMT
webfont-1.6.3.js
view.ceros.com/ Frame 71BF 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://view.ceros.com/webfont-1.6.3.js
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c32949b380a8e2de4d20de669d0573ba34d27f172a459886d434512fa2781cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:30 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Sat, 24 Feb 2024 13:48:12 GMT
x-content-type-options
nosniff
server
cloudflare
age
50764
etag
W/"e5efb8110abda03656884f299395aad2"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-store
cf-ray
863bf1ada8336669-MAD
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 71BF 		119 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
23a14d302863302fd8372e57962d8f2a28b1e038bf1437d7a5de06301f71167a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47074
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Mar 2024 12:14:30 GMT
experience-version-65f012ab4d15e.js
media-s3-us-east-1.ceros.com/bizzdesign/doc-version-json/v11/ Frame 71BF 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/doc-version-json/v11/experience-version-65f012ab4d15e.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8a9227db7adcc0d786ca1b98b75077f36b3c471d6e136b4431dacee5178a9f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age
98060
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 08:30:36 GMT
server
cloudflare
etag
W/"14444ca14ca388a358bd0b1d9e923eb9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
863bf1b44f78668f-MAD
require-min.js
assets-s3-us-east-1.ceros.com/8.13.23/view.ceros.com/default/assets/player/shared/libs/require/ Frame 71BF 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-s3-us-east-1.ceros.com/8.13.23/view.ceros.com/default/assets/player/shared/libs/require/require-min.js
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0a585ef0d7a06ed38fd133e0fdcf28cd5c2f9f2ac40114580f1dce13498123
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://view.ceros.com/
Origin
https://view.ceros.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age
50630
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 21:54:14 GMT
server
cloudflare
etag
W/"b03b66057d7df9b2cc9aa9c4c18aa569"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/x-javascript
access-control-max-age
3000
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options
DENY
cf-ray
863bf1b459ce1ba1-MAD
bootstrap-optimized.js
assets-s3-us-east-1.ceros.com/8.13.23/view.ceros.com/default/assets/player/applications/html5-player/ Frame 71BF 		3 MB
771 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-s3-us-east-1.ceros.com/8.13.23/view.ceros.com/default/assets/player/applications/html5-player/bootstrap-optimized.js
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69786bd6683da42f04358af32f4a6bc7621a2756932461978e3510b75f932518
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://view.ceros.com/
Origin
https://view.ceros.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age
50629
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 21:53:56 GMT
server
cloudflare
etag
W/"5f422e915baada56ec98e14b256ce867"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/x-javascript
access-control-max-age
3000
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options
DENY
cf-ray
863bf1b4eabc1ba1-MAD
html5-player.css
assets-s3-us-east-1.ceros.com/8.13.23/view.ceros.com/default/assets/player/applications/html5-player/css/ Frame 71BF 		91 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-s3-us-east-1.ceros.com/8.13.23/view.ceros.com/default/assets/player/applications/html5-player/css/html5-player.css
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c35b291e404695a07564658d4293b267c41cb2a085057d323eb52a65d236ff
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age
50630
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 21:53:57 GMT
server
cloudflare
etag
W/"726ad5e569780ba67f756647613a96dd"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
863bf1b76c9269fd-MAD
logger-1.min.js
cdn.intake-lr.com/ Frame 71BF 		833 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intake-lr.com/logger-1.min.js
Requested by
Host: assets-s3-us-east-1.ceros.com
URL: https://assets-s3-us-east-1.ceros.com/8.13.23/view.ceros.com/default/assets/player/applications/html5-player/bootstrap-optimized.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.157.170 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef8431ab651622118890beb2373f5917937a1be3545e0703e1f89295bb6c346
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:32 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
294
x-cache
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-mad22079-MAD
last-modified
Tue, 12 Mar 2024 22:22:34 GMT
server
cloudflare
x-timer
S1710282342.426880,VS0,VE101
etag
W/"2d8c4862de0970a5603b77423c3728a83191b35ee127a61f208b53e2c6768416-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugq%2FtEjF0UgAlI4CNpWytATwsTns0GW1gBA%2FsK2FfVQl6sRVec1tV5z8FWAwPrKUSPYmCB08p7P8VYS0oNqGoSbhU4cp7tgnN7oDjeuseP6x4Frt8mL8mRbx4IxNr7ti2A9Drw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
863bf1ba3d8f2162-MAD
x-cache-hits
0
469f6557-c618-49e0-aab0-72ee90433e9c
https://view.ceros.com/ Frame 71BF 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://view.ceros.com/469f6557-c618-49e0-aab0-72ee90433e9c
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
ceros-fonts-2023-01-26.css
view.ceros.com/ Frame 71BF 		407 B
373 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://view.ceros.com/ceros-fonts-2023-01-26.css
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b82466a6fe31e0baf68cee789f451980ffd808f9425e045e8f205abc574e683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 21:44:01 GMT
x-content-type-options
nosniff
server
cloudflare
age
50764
etag
W/"206ef34c0d1bd67a404b0b733c6350b1"
vary
Accept-Encoding
content-type
text/css
cache-control
no-store
cf-ray
863bf1b84b6f6669-MAD
x-xss-protection
0
avenir-next-lt.css
view.ceros.com/ Frame 71BF 		3 KB
473 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://view.ceros.com/avenir-next-lt.css
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f619dac7a65a742377859042634f38d1ac996ee20c2897bc5e73befb52957743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 22:54:53 GMT
x-content-type-options
nosniff
server
cloudflare
age
50764
etag
W/"2de96d67a05f8ff4db4685ab78cdde91"
vary
Accept-Encoding
content-type
text/css
cache-control
no-store
cf-ray
863bf1b85b886669-MAD
x-xss-protection
0
bd-logo-blue.svg
media-s3-us-east-1.ceros.com/bizzdesign/images/2022/01/31/e3442a51a6c73e1dfdd7d5dc2ff9b907/ Frame 71BF 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/images/2022/01/31/e3442a51a6c73e1dfdd7d5dc2ff9b907/bd-logo-blue.svg
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734e8a363399e29334b035158463bbce8a7de483cb4e2f4f26a4dcd247076816
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://view.ceros.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age
100427
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Jan 2022 16:36:12 GMT
server
cloudflare
etag
W/"3394b36eb528dcea08069982dfef04ac"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-max-age
3000
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options
DENY
cf-ray
863bf1bbde6071ff-MAD
outfit-semibold.css
media-s3-us-east-1.ceros.com/bizzdesign/fonts/2022/03/07/3d95d17c-94ae-49a7-a8d4-44b9eb85a021/ Frame 71BF 		282 B
381 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/fonts/2022/03/07/3d95d17c-94ae-49a7-a8d4-44b9eb85a021/outfit-semibold.css
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/webfont-1.6.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3db882b1f66a590c3efecfda38dee26ca485649a2a78462e035f4f6d9e9fb43
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age
245610
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Mar 2022 13:02:32 GMT
server
cloudflare
etag
W/"ab7c5311bbbea69e2d25746a4d9aa2cb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray
863bf1b87f09668f-MAD
visual-state-of-ea.png
media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/c1b835c65652c4907c6565942876e435/ Frame 71BF 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/c1b835c65652c4907c6565942876e435/visual-state-of-ea.png?imageOpt=1&fit=bounds&width=114
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75d817171eeebca260a59c8ed3138a4853da8cc42460c27ceed3dada7468e6f0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length
1256
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Mar 2024 22:16:31 GMT
server
cloudflare
etag
"cflauEkIyM2Fs0VREoJlKelQh6pUIsVoZ9fgQWfFvhDQ:f52329e2835a2a3ec30588990fb4f603"
vary
Accept, Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
cf-ray
863bf1b8e83f668f-MAD
structure.png
media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/2559a0554a018d8baaec572b9830934a/ Frame 71BF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/2559a0554a018d8baaec572b9830934a/structure.png?imageOpt=1&fit=bounds&width=100
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9c3f9271c8a42b4ccd0b4b749312813770e829df503c0f45b720248dd6841e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length
2110
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Mar 2024 22:12:00 GMT
server
cloudflare
etag
"cf6cgdd2VVZI6KLFoH15KsR-miOkzmfk-vBAuwETO6DQ:7494e24f66b0346e20a878df9b96f6f1"
vary
Accept, Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
cf-ray
863bf1b9188b668f-MAD
CerosIcons-Regular-2023-01-26.woff
view.ceros.com/ Frame 71BF 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://view.ceros.com/CerosIcons-Regular-2023-01-26.woff
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/ceros-fonts-2023-01-26.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dea4035f77031a35f930dd5ffd12db5f5cab458f69272c07d8968e1d289a247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://view.ceros.com/ceros-fonts-2023-01-26.css
Origin
https://view.ceros.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 21:44:01 GMT
x-content-type-options
nosniff
server
cloudflare
age
50763
etag
"7814c91459be51eb8fbdc05c65db6b46"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
no-store
accept-ranges
bytes
cf-ray
863bf1b90cc46669-MAD
content-length
47628
x-xss-protection
0
outfit-semibold.woff
media-s3-us-east-1.ceros.com/bizzdesign/fonts/2022/03/07/7ac23f6e-31f5-4ee9-9b32-dcaabf77a0d7/ Frame 71BF 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/fonts/2022/03/07/7ac23f6e-31f5-4ee9-9b32-dcaabf77a0d7/outfit-semibold.woff
Requested by
Host: media-s3-us-east-1.ceros.com
URL: https://media-s3-us-east-1.ceros.com/bizzdesign/fonts/2022/03/07/3d95d17c-94ae-49a7-a8d4-44b9eb85a021/outfit-semibold.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d407fc4afea91fdf2c914a68319698810759ee1c30330d2bed616a7094d12397
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://media-s3-us-east-1.ceros.com/bizzdesign/fonts/2022/03/07/3d95d17c-94ae-49a7-a8d4-44b9eb85a021/outfit-semibold.css
Origin
https://view.ceros.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
age
245611
content-length
21744
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Mar 2022 13:02:32 GMT
server
cloudflare
etag
"6bdde819830b67697fc7289160585444"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
font/woff
access-control-max-age
3000
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-frame-options
DENY
accept-ranges
bytes
cf-ray
863bf1bbde5f71ff-MAD
Avenir%20Next%20LT%20W05%20Regular.woff2
view.ceros.com/ Frame 71BF 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://view.ceros.com/Avenir%20Next%20LT%20W05%20Regular.woff2
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/avenir-next-lt.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3fd3c3fedec9fded5a9493a3d261dc1e140e2bf77ba10b8f07242414a03bad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://view.ceros.com/avenir-next-lt.css
Origin
https://view.ceros.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Sat, 24 Feb 2024 13:48:11 GMT
x-content-type-options
nosniff
server
cloudflare
age
50763
etag
"07382a6efc7520ca9dd45e6d0c2f862a"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
no-store
accept-ranges
bytes
cf-ray
863bf1b92ced6669-MAD
content-length
36040
x-xss-protection
0
visual-state-of-ea.png
media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/c1b835c65652c4907c6565942876e435/ Frame 71BF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/c1b835c65652c4907c6565942876e435/visual-state-of-ea.png?imageOpt=1&fit=bounds&width=400
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2355876d6489cf632e97827d1ea3f3495bf186433c31a4a5e4943bbfdfc66b21
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length
5482
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Mar 2024 22:16:31 GMT
server
cloudflare
etag
"cflauEkIyM2Fs0VREoJlKelQh6kO9tb748wxME0USlDQ:f52329e2835a2a3ec30588990fb4f603"
vary
Accept, Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
cf-ray
863bf1b96915668f-MAD
structure.png
media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/2559a0554a018d8baaec572b9830934a/ Frame 71BF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/2559a0554a018d8baaec572b9830934a/structure.png?imageOpt=1&fit=bounds&width=400
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e378d0f2ddad29300ea5a80d65ab3d165f6570358dd9daf3f2a963ee38222e45
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length
9117
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Mar 2024 22:12:00 GMT
server
cloudflare
etag
"cf6cgdd2VVZI6KLFoH15KsR-mikO9tb748wxME0USlDQ:7494e24f66b0346e20a878df9b96f6f1"
vary
Accept, Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
cf-ray
863bf1b99985668f-MAD
5d26e670-d4c4-4bf4-b8b4-aa192df61e89
https://view.ceros.com/ Frame 71BF 		463 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://view.ceros.com/5d26e670-d4c4-4bf4-b8b4-aa192df61e89
Requested by
Host: view.ceros.com
URL: https://view.ceros.com/bizzdesign/cta-login-screen-horizzon
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b7b3d2365c3f26a9145d0ac62b49372b9f9e30c2f5740f181c1bb34f7bcca82

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
474307
Content-Type
truncated
/ Frame 71BF 		124 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c11a0405bfcca07e1a05baa52631f30ac97b8dba84e6fc2e92dfda853303291

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/png
structure.png
media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/2559a0554a018d8baaec572b9830934a/ Frame 71BF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/2559a0554a018d8baaec572b9830934a/structure.png?imageOpt=1&fit=bounds&width=400
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e378d0f2ddad29300ea5a80d65ab3d165f6570358dd9daf3f2a963ee38222e45
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length
9117
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Mar 2024 22:12:00 GMT
server
cloudflare
etag
"cf6cgdd2VVZI6KLFoH15KsR-mikO9tb748wxME0USlDQ:7494e24f66b0346e20a878df9b96f6f1"
vary
Accept, Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
cf-ray
863bf1bcfaad668f-MAD
visual-state-of-ea.png
media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/c1b835c65652c4907c6565942876e435/ Frame 71BF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-s3-us-east-1.ceros.com/bizzdesign/images/2024/03/11/c1b835c65652c4907c6565942876e435/visual-state-of-ea.png?imageOpt=1&fit=bounds&width=400
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2355876d6489cf632e97827d1ea3f3495bf186433c31a4a5e4943bbfdfc66b21
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://view.ceros.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:14:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-length
5482
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Mar 2024 22:16:31 GMT
server
cloudflare
etag
"cflauEkIyM2Fs0VREoJlKelQh6kO9tb748wxME0USlDQ:f52329e2835a2a3ec30588990fb4f603"
vary
Accept, Accept-Encoding
x-frame-options
DENY
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
cf-ray
863bf1bd2b2a668f-MAD
a
api.ceros.com/ Frame 71BF 		0
0
a
api.ceros.com/ Frame 71BF 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.bizzdesign.cloud
URL
https://stats.bizzdesign.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=6&trackerid=NBb4dx&url=https%3A%2F%2Faena.horizzon.cloud%2F
Domain
api.ceros.com
URL
https://api.ceros.com/a?data=eyJjb21tb24iOnsiYWNjb3VudF9zbHVnIjoiYml6emRlc2lnbiIsImNsaWVudF92ZXJzaW9uIjoxMSwidXNlcl90b2tlbiI6IjE4ZTM3YmM0ZWY4M2UtMDU5ZTU2MGVmZDJkZjktNjczZDU1NTEtMWQ0YzAwLTE4ZTM3YmM0ZWY5MTY3ZiIsInZpc2l0X3NsdWciOiIxOGUzN2JjNGVmYjEwNDctMDFkM2ViY2ZlMTgzNS02NzNkNTU1MS0xZDRjMDAtMThlMzdiYzRlZmMxNjhkIiwidXNlcl9jb25zZW50Ijp0cnVlLCJleHBlcmllbmNlX2FsaWFzIjoiY3RhLWxvZ2luLXNjcmVlbi1ob3JpenpvbiIsImV4cGVyaWVuY2Vfc2x1ZyI6ImV4cGVyaWVuY2UtNjQxY2IzMWFmMjc1OCIsImV4cGVyaWVuY2VfdmVyc2lvbl9zbHVnIjoiZXhwZXJpZW5jZS12ZXJzaW9uLTY1ZjAxMmFiNGQxNWUiLCJwcm9qZWN0X3NsdWciOiJjdGEtaG9yaXp6b24tbG9naW4tcGFnZSIsImN1cnJlbnRfbGF5b3V0IjoiZGVza3RvcCJ9LCJleHRlbmRlZF9jb21tb24iOnsiYnJvd3NlciI6IkNocm9tZSIsInRyaWFsIjpmYWxzZSwiYnJvd3Nlcl92ZXJzaW9uIjoiMTIyIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjExMSBTYWZhcmkvNTM3LjM2IiwiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxheWVyX3R5cGUiOiJodG1sNSIsImluaXRpYWxfb3JpZW50YXRpb24iOiJsYW5kc2NhcGUiLCJjb29raWVzX2VuYWJsZWQiOmZhbHNlLCJlbWJlZGRlZCI6dHJ1ZSwiaHR0cHMiOnRydWUsImRldmljZV9waXhlbF9yYXRpbyI6MSwib3MiOiJXaW5kb3dzIiwib3NfdmVyc2lvbiI6IjEwLjAiLCJyZWZlcnJlciI6Imh0dHBzOi8vYWVuYS5ob3Jpenpvbi5jbG91ZC8iLCJyZWZlcnJpbmdfZG9tYWluIjoiYWVuYS5ob3Jpenpvbi5jbG91ZCIsInNjcmVlbl93aWR0aCI6MTYwMCwic2NyZWVuX2hlaWdodCI6MTIwMCwiaW5pdGlhbF9zY2FsZSI6MC43ODQzMTM3MjU0OTAxOTYxLCJzY2FsZSI6MC43ODQzMTM3MjU0OTAxOTYxLCJ0aW1lem9uZSI6MCwiaW5pdGlhbF9yZWZlcnJlciI6Imh0dHBzOi8vYWVuYS5ob3Jpenpvbi5jbG91ZC8iLCJpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiJhZW5hLmhvcml6em9uLmNsb3VkIn0sImV2ZW50cyI6W3siZXZlbnRfc2x1ZyI6IjE4ZTM3YmM1MjBjNmI5LTBmZjZkMThlYTBiNjEtNjczZDU1NTEtMWQ0YzAwLTE4ZTM3YmM1MjBkZGEwIiwibG9hZF90aW1lIjoxLjgzOCwicGFnZV9zbHVnIjoicGFnZS02NWYwMTJhYjRkMTczIiwicGFnZV9udW0iOjEsImdyYWNlX3BlcmlvZF9leHBpcmVkIjpmYWxzZSwiZXZlbnRfbmFtZSI6InBsYXllci5leHBlcmllbmNlLm9wZW4iLCJjbGllbnRfdGltZXN0YW1wIjoxNzEwMzMyMDcyNDYyfSx7ImV2ZW50X3NsdWciOiIxOGUzN2JjNGVmZWEzMy0wN2Y5NzgyNzY5OGY4MS02NzNkNTU1MS0xZDRjMDAtMThlMzdiYzRlZmYxNGEyIiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJzdGFydC10cmFja2luZyIsInBlcmZvcm1hbmNlX21hcmtlcl90aW1lIjowLCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE3MTAzMzIwNzE2ODB9LHsiZXZlbnRfc2x1ZyI6IjE4ZTM3YmM0ZjAwYTk3LTA5ZTM2ZTlmOTNmY2M3LTY3M2Q1NTUxLTFkNGMwMC0xOGUzN2JjNGYwMTE1ZjQiLCJwZXJmb3JtYW5jZV9tYXJrZXJfbmFtZSI6InJ1bi1zdGFydCIsInBlcmZvcm1hbmNlX21hcmtlcl90aW1lIjoxMDU4LCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE3MTAzMzIwNzE2ODJ9LHsiZXZlbnRfc2x1ZyI6IjE4ZTM3YmM0ZjAyNDI0LTBjZDE4YzI1OTczYjI0LTY3M2Q1NTUxLTFkNGMwMC0xOGUzN2JjNGYwMzE2NWUiLCJwZXJmb3JtYW5jZV9tYXJrZXJfbmFtZSI6ImRvbS1yZWFkeSIsInBlcmZvcm1hbmNlX21hcmtlcl90aW1lIjoxMDYwLCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE3MTAzMzIwNzE2ODR9LHsiZXZlbnRfc2x1ZyI6IjE4ZTM3YmM0ZjBhZGZhLTA3ODUxZTQ1NmZmY2NhLTY3M2Q1NTUxLTFkNGMwMC0xOGUzN2JjNGYwYmVmYiIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoic3Bpbm5lci1zaG93biIsInBlcmZvcm1hbmNlX21hcmtlcl90aW1lIjoxMDY4LCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE3MTAzMzIwNzE2OTJ9LHsiZXZlbnRfc2x1ZyI6IjE4ZTM3YmM0ZjIxM2MtMGI3ZWUxMjA1NGVkZDYtNjczZDU1NTEtMWQ0YzAwLTE4ZTM3YmM0ZjIyMTRlOCIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoiZG9jLXZlcnNpb24tbG9hZGVkIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjEwOTEsImV2ZW50X25hbWUiOiJwbGF5ZXIucGVyZm9ybWFuY2UubWFya2VyIiwiY2xpZW50X3RpbWVzdGFtcCI6MTcxMDMzMjA3MTcxNX1dfQ%3D%3D&_=1710332070617
Domain
api.ceros.com
URL
https://api.ceros.com/a?data=eyJjb21tb24iOnsiYWNjb3VudF9zbHVnIjoiYml6emRlc2lnbiIsImNsaWVudF92ZXJzaW9uIjoxMSwidXNlcl90b2tlbiI6IjE4ZTM3YmM0ZWY4M2UtMDU5ZTU2MGVmZDJkZjktNjczZDU1NTEtMWQ0YzAwLTE4ZTM3YmM0ZWY5MTY3ZiIsInZpc2l0X3NsdWciOiIxOGUzN2JjNGVmYjEwNDctMDFkM2ViY2ZlMTgzNS02NzNkNTU1MS0xZDRjMDAtMThlMzdiYzRlZmMxNjhkIiwidXNlcl9jb25zZW50Ijp0cnVlLCJleHBlcmllbmNlX2FsaWFzIjoiY3RhLWxvZ2luLXNjcmVlbi1ob3JpenpvbiIsImV4cGVyaWVuY2Vfc2x1ZyI6ImV4cGVyaWVuY2UtNjQxY2IzMWFmMjc1OCIsImV4cGVyaWVuY2VfdmVyc2lvbl9zbHVnIjoiZXhwZXJpZW5jZS12ZXJzaW9uLTY1ZjAxMmFiNGQxNWUiLCJwcm9qZWN0X3NsdWciOiJjdGEtaG9yaXp6b24tbG9naW4tcGFnZSIsImN1cnJlbnRfbGF5b3V0IjoiZGVza3RvcCJ9LCJleHRlbmRlZF9jb21tb24iOnsiYnJvd3NlciI6IkNocm9tZSIsInRyaWFsIjpmYWxzZSwiYnJvd3Nlcl92ZXJzaW9uIjoiMTIyIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjExMSBTYWZhcmkvNTM3LjM2IiwiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxheWVyX3R5cGUiOiJodG1sNSIsImluaXRpYWxfb3JpZW50YXRpb24iOiJsYW5kc2NhcGUiLCJjb29raWVzX2VuYWJsZWQiOmZhbHNlLCJlbWJlZGRlZCI6dHJ1ZSwiaHR0cHMiOnRydWUsImRldmljZV9waXhlbF9yYXRpbyI6MSwib3MiOiJXaW5kb3dzIiwib3NfdmVyc2lvbiI6IjEwLjAiLCJyZWZlcnJlciI6Imh0dHBzOi8vYWVuYS5ob3Jpenpvbi5jbG91ZC8iLCJyZWZlcnJpbmdfZG9tYWluIjoiYWVuYS5ob3Jpenpvbi5jbG91ZCIsInNjcmVlbl93aWR0aCI6MTYwMCwic2NyZWVuX2hlaWdodCI6MTIwMCwiaW5pdGlhbF9zY2FsZSI6MC43ODQzMTM3MjU0OTAxOTYxLCJzY2FsZSI6MC43ODQzMTM3MjU0OTAxOTYxLCJ0aW1lem9uZSI6MCwiaW5pdGlhbF9yZWZlcnJlciI6Imh0dHBzOi8vYWVuYS5ob3Jpenpvbi5jbG91ZC8iLCJpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiJhZW5hLmhvcml6em9uLmNsb3VkIn0sImV2ZW50cyI6W3siZXZlbnRfc2x1ZyI6IjE4ZTM3YmM1MjEyNmFiLTBiM2JjZjBhODBhZGUyLTY3M2Q1NTUxLTFkNGMwMC0xOGUzN2JjNTIxMzEwOGMiLCJwYWdlX3NsdWciOiJwYWdlLTY1ZjAxMmFiNGQxNzMiLCJwYWdlX251bSI6MSwiZXZlbnRfbmFtZSI6InBsYXllci5wYWdlLnZpZXciLCJjbGllbnRfdGltZXN0YW1wIjoxNzEwMzMyMDcyNDY4fSx7ImV2ZW50X3NsdWciOiIxOGUzN2JjNGYyYmU0Yy0wN2UyY2YzNjMyNmM1OC02NzNkNTU1MS0xZDRjMDAtMThlMzdiYzRmMmMxNDcwIiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJoaWdoLXByaW9yaXR5LWltYWdlcy1zdGFydC1sb2FkaW5nIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjExMDEsImV2ZW50X25hbWUiOiJwbGF5ZXIucGVyZm9ybWFuY2UubWFya2VyIiwiY2xpZW50X3RpbWVzdGFtcCI6MTcxMDMzMjA3MTcyNX0seyJldmVudF9zbHVnIjoiMThlMzdiYzRmMmQ3MjMtMDFlZmIzMWFlNzM2ODYtNjczZDU1NTEtMWQ0YzAwLTE4ZTM3YmM0ZjJlMTA4MiIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoicHJpb3JpdHktcXVldWUtZW1wdGllZCIsInBlcmZvcm1hbmNlX21hcmtlcl90aW1lIjoxMTAzLCJldmVudF9uYW1lIjoicGxheWVyLnBlcmZvcm1hbmNlLm1hcmtlciIsImNsaWVudF90aW1lc3RhbXAiOjE3MTAzMzIwNzE3Mjd9LHsiZXZlbnRfc2x1ZyI6IjE4ZTM3YmM0ZjMyZjZiLTA3MTUzN2UzYWQ5Mjc2LTY3M2Q1NTUxLTFkNGMwMC0xOGUzN2JjNGYzMzEzNiIsInBlcmZvcm1hbmNlX21hcmtlcl9uYW1lIjoibG93LXByaW9yaXR5LWltYWdlcy1zdGFydC1sb2FkaW5nIiwicGVyZm9ybWFuY2VfbWFya2VyX3RpbWUiOjExMDgsImV2ZW50X25hbWUiOiJwbGF5ZXIucGVyZm9ybWFuY2UubWFya2VyIiwiY2xpZW50X3RpbWVzdGFtcCI6MTcxMDMzMjA3MTczMn0seyJldmVudF9zbHVnIjoiMThlMzdiYzRmNDk2MjgtMGIzZDBjMzYwOGVhZDUtNjczZDU1NTEtMWQ0YzAwLTE4ZTM3YmM0ZjRhZDIxIiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJiZWdpbi1wcmVyZW5kZXJpbmctcGFnZXMiLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6MTEzMSwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNzEwMzMyMDcxNzU1fSx7ImV2ZW50X3NsdWciOiIxOGUzN2JjNGY2YTk5Yi0wOGI4YmNjOTIxMDIxNC02NzNkNTU1MS0xZDRjMDAtMThlMzdiYzRmNmIxNWM0IiwicGVyZm9ybWFuY2VfbWFya2VyX25hbWUiOiJhbGwtcGFnZXMtcHJlcmVuZGVyZWQiLCJwZXJmb3JtYW5jZV9tYXJrZXJfdGltZSI6MTE2NCwiZXZlbnRfbmFtZSI6InBsYXllci5wZXJmb3JtYW5jZS5tYXJrZXIiLCJjbGllbnRfdGltZXN0YW1wIjoxNzEwMzMyMDcxNzg4fV19&_=1710332070618

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley boolean| CEROS_SCROLL_PROXY_LOADED function| sendViewportPositionEvent

4 Cookies

Domain/Path Name / Value
aena.horizzon.cloud/ Name: BIZZ_SERVER_TOKEN
Value: eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImJpenpPYXV0aFN0YXRlIjoiZGE4MjA3OTdhYWZlZTE1NTY3NTdlYWVhNTI1MTU5Nzc5Mk1GVmhLbm0iLCJiaXp6T2F1dGhDbGllbnRJZCI6Imhvcml6em9uIiwiYml6elVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjExMSBTYWZhcmkvNTM3LjM2IiwiYml6elJlbW90ZUFkZHJlc3MiOiI4OC42LjI0OS4xMjAiLCJiaXp6T2F1dGhSZWRpcmVjdFVyaSI6Imh0dHBzOi8vYWVuYS5ob3Jpenpvbi5jbG91ZC9jYWxsYmFjayIsInBhYzRqU2Vzc2lvbklkIjoiMWJjNjk2YjEtZGYwOS00MDhmLWE2ZTEtYmI4OWQzMjM3ZDA2IiwiYml6ek9hdXRoUmVzcG9uc2VUeXBlIjoiaWRfdG9rZW4gdG9rZW4iLCJiaXp6T2F1dGhOb25jZSI6Ijk5OGJhZGE4MGNkZTYxMmYwYzBlZWYxYzE1MmUzZjE4ZTlJcHZLWmR2In0sIm5iZiI6MTcxMDMzMjA2OCwiaWF0IjoxNzEwMzMyMDY4fQ.XzZpwnYW-8iiTrP9DA9piuTdWkyJDyw04_98-4cWY1Y
.aena.horizzon.cloud/ Name: pac4jCsrfToken
Value: 8b50d1d1bcba417ebb61b7ac67da4756
stats.bizzdesign.cloud/ Name: AWSALBCORS
Value: u7Ag8QUd+86rmW//XEofrAg4vEiZurLjRJqglUK+nJ3EbzBI9idYBNEYhejuhBLksyZryfBRnb88QV5mT1Lvrk7c69FVGW+C9lXHCwFb6nRyHSSD8KyyaKfgevk7
aena.horizzon.cloud/ Name: _pk_id.6.ebdd
Value: 9fcd25a0743727f0.1710332069.

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
other warning URL: https://aena.horizzon.cloud/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
other warning URL: https://aena.horizzon.cloud/auth/loginForm
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://assets-s3-us-east-1.ceros.com/8.13.23/view.ceros.com/default/assets/player/applications/html5-player/bootstrap-optimized.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://view.ceros.com') does not match the recipient window's origin ('https://aena.horizzon.cloud').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src aena.horizzon.cloud *.sentry.io https://status.bizzdesign.io/api/v2/summary.json automation-engine-reports.s3.eu-central-1.amazonaws.com amazonappstream: https://player.vimeo.com/ https://stats.bizzdesign.cloud https://e.userflow.com https://js.userflow.com wss://e.userflow.com blob:; script-src aena.horizzon.cloud 'sha256-oZhLbc2kO8b8oaYLrUc7uye1MgVKMyLtPqWR4WtKF+c=' https://js.userflow.com https://stats.bizzdesign.cloud; object-src 'none'; worker-src 'none'; style-src aena.horizzon.cloud 'unsafe-inline' https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ fonts.googleapis.com; img-src aena.horizzon.cloud https://js.userflow.com https://storage.googleapis.com/studio1-prod-blob/ data: ; font-src aena.horizzon.cloud data: fonts.gstatic.com; frame-src aena.horizzon.cloud https://player.vimeo.com https://view.ceros.com/bizzdesign/cta-login-screen-horizzon; media-src https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aena.horizzon.cloud
ajax.googleapis.com
api.ceros.com
assets-s3-us-east-1.ceros.com
cdn.intake-lr.com
media-s3-us-east-1.ceros.com
stats.bizzdesign.cloud
view.ceros.com
www.googletagmanager.com
api.ceros.com
stats.bizzdesign.cloud
104.18.32.29
104.18.33.190
104.18.40.252
13.33.187.102
142.250.185.202
142.250.186.136
172.67.157.170
3.161.82.88
011e3d1fb90cb32edae1bcdf827fa3a92178cef150ff888907b061ae618dde5a
0b82466a6fe31e0baf68cee789f451980ffd808f9425e045e8f205abc574e683
16323673554b74fbd629cdedaf2ffe9bbd2b469191f8aeb60453943b52fdc864
17349a8d7376131197f25ffad7309029a18b179c81dbb88a74f48b2e2ddfaf24
1d316943903a6d68cc383b83022fd9c4e0cc9a662bc62b5c1293b59dadcc5b5e
2355876d6489cf632e97827d1ea3f3495bf186433c31a4a5e4943bbfdfc66b21
23a14d302863302fd8372e57962d8f2a28b1e038bf1437d7a5de06301f71167a
2c32949b380a8e2de4d20de669d0573ba34d27f172a459886d434512fa2781cd
2dea4035f77031a35f930dd5ffd12db5f5cab458f69272c07d8968e1d289a247
34fe6cf348c572ccd2eda9a181066e06d49fbca1f20f158fa5edeca17dda01f5
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37c35b291e404695a07564658d4293b267c41cb2a085057d323eb52a65d236ff
3b0a585ef0d7a06ed38fd133e0fdcf28cd5c2f9f2ac40114580f1dce13498123
40141122aa020db5e3a89e625edfe38f13f431b127e977ef8043c2e2098e7606
4767920ed86117e009fa75176243cc4a37c379491b89c5ee3f3b188ef06a2b36
4ce3b9fade47dc317ae53a686e40639b02e1e60b3211c5157845bb91c3390c8a
5c11a0405bfcca07e1a05baa52631f30ac97b8dba84e6fc2e92dfda853303291
5c8a9227db7adcc0d786ca1b98b75077f36b3c471d6e136b4431dacee5178a9f
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
65de0a9836c00588563a70fea65cc79aa3d71feeb823bb39317ac56cbe3d622b
69786bd6683da42f04358af32f4a6bc7621a2756932461978e3510b75f932518
6e3fd3c3fedec9fded5a9493a3d261dc1e140e2bf77ba10b8f07242414a03bad
734e8a363399e29334b035158463bbce8a7de483cb4e2f4f26a4dcd247076816
75d817171eeebca260a59c8ed3138a4853da8cc42460c27ceed3dada7468e6f0
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7c0373fe5d8766541f06b0c0422df58e1b9830f5b650b7af32fd057154b977c5
7cc5e4f0035eb6bccf9cb2ef9e9c1c289de34b84ba1bf6242af50626fea0a2ef
7eb46a9f2e17eec53fc683b3c84a9d3c23768efa320de6199e62d0528f97d81d
8ef8431ab651622118890beb2373f5917937a1be3545e0703e1f89295bb6c346
9b7b3d2365c3f26a9145d0ac62b49372b9f9e30c2f5740f181c1bb34f7bcca82
9f9c3f9271c8a42b4ccd0b4b749312813770e829df503c0f45b720248dd6841e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b6ff5602f45c62806c4c8b826b74f3668e4a42f465ce8c0f11e227a58d8c771a
ba5fe1d7ddb5d12b3b7f02fede76894c035b6ce11a50682d85ebd6ec8e117f48
d3f2a7c124a4a987cbf255a3579b9866789cc3e561d3ab7cb2d09bee40b137e0
d407fc4afea91fdf2c914a68319698810759ee1c30330d2bed616a7094d12397
e378d0f2ddad29300ea5a80d65ab3d165f6570358dd9daf3f2a963ee38222e45
e3db882b1f66a590c3efecfda38dee26ca485649a2a78462e035f4f6d9e9fb43
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f619dac7a65a742377859042634f38d1ac996ee20c2897bc5e73befb52957743
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fe556f135a5f80437fbfc21f3c94e411af5297ddd3bd6b5280077c5e192708d3