app.threatconnect.com Open in urlscan Pro
54.242.52.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089#/
Effective URL:
https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Submission: On May 07 via api (May 7th 2024, 1:31:07 pm UTC) from DE — Scanned from DE

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 38 HTTP transactions. The main IP is 54.242.52.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.threatconnect.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 24th 2023. Valid for: a year.

This is the only time app.threatconnect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	54.242.52.27 54.242.52.27	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
38	8

26 54.242.52.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-52-27.compute-1.amazonaws.com

app.threatconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	threatconnect.com app.threatconnect.com	435 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	22 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3095	320 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	408 B
2	gstatic.com fonts.gstatic.com	297 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	93 KB
38	7

	Domain	Requested by
26	app.threatconnect.com	app.threatconnect.com
3	www.google-analytics.com	app.threatconnect.com www.google-analytics.com
2	www.google.de
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	fonts.gstatic.com	app.threatconnect.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.google.com
1	www.googletagmanager.com	www.google-analytics.com
38	8

This site contains links to these domains. Also see Links.

Domain
www.threatconnect.com

Subject Issuer	Validity	Valid
*.threatconnect.com Amazon RSA 2048 M02	`2023-12-24` - `2025-01-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Frame ID: 633AFA36B2721C132A7388FEAFA530CB
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ThreatConnect Log in to your account | Threat Intelligence | ThreatConnect

Detected technologies

D3 (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/d3(?:\. v\d+)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

847 kB
Transfer

2687 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.threatconnect.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.threatconnect.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.threatconnect.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request incident.xhtml Show response
app.threatconnect.com/auth/incident/ 20 KB
6 KB 438ms
143ms Document
text/html 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5333d9cc47ad1c46289960fe5e8c4535cbb1b5b66c5c4132e2a6bd3e05a1b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-Store,no-Cache
content-encoding: gzip
content-length: 5253
content-type: text/html;charset=UTF-8
date: Tue, 07 May 2024 13:31:01 GMT
expires: 0
pragma: no-Cache
server: nginx
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 core-layout.css.xhtml
app.threatconnect.com/javax.faces.resource/css/ 16 KB
4 KB 156ms
152ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/css/core-layout.css.xhtml?ln=rio-layout

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

faed8ad0401db21396a39b2ff4649beee2fef790072f060060320d28ce560809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"16318-1708951970000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 3144
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 rio-font.css.xhtml
app.threatconnect.com/javax.faces.resource/css/ 29 KB
5 KB 183ms
179ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/css/rio-font.css.xhtml?ln=rio-layout

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bbcac95895ff8a6bd9476429288b39c3b3e6ba9bf01f68d3025d8b7eb626c75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"29663-1708951970000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 4949
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 font-awesome.css.xhtml
app.threatconnect.com/javax.faces.resource/css/ 29 KB
6 KB 274ms
270ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/css/font-awesome.css.xhtml?ln=rio-layout

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

473d8103c1970d6511be221fee15ed3c2daf3b391a7ae298e5759ffeb3578c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"29146-1708951970000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 5904
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 rio-layout.css.xhtml
app.threatconnect.com/javax.faces.resource/css/ 26 KB
4 KB 276ms
273ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/css/rio-layout.css.xhtml?ln=rio-layout

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

aa84049bb1d4cf2c707d1fc6b4358dcda4b9362b66374226957936b638f105ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 17:52:56 GMT
server: nginx
etag: W/"26301-1708969976000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 3717
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 theme.css.xhtml
app.threatconnect.com/javax.faces.resource/theme/ 161 KB
19 KB 322ms
318ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/theme/theme.css.xhtml?ln=css

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

32da12b3a157c5cf74d0dcd1b3a3f6e0074219ae6a698a3d26ce0ea9d42558d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 14:28:16 GMT
server: nginx
etag: W/"161482-1708957696000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 layout-variables.css.xhtml
app.threatconnect.com/javax.faces.resource/ 3 KB
1 KB 275ms
272ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/layout-variables.css.xhtml?ln=css

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8a7d78d1fc94242e132ce6406e13441d6af054ac898fa1667b5a1545425c5627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"2572-1708951970000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 639
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 theme-variables.css.xhtml
app.threatconnect.com/javax.faces.resource/ 5 KB
2 KB 300ms
297ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/theme-variables.css.xhtml?ln=css

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1e60543fb6fc48979f7cdabf12ff6c74f82885270df45a045abe73c605504596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"4915-1708951970000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 1357
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 tc-theme.css.xhtml
app.threatconnect.com/javax.faces.resource/theme/ 259 KB
37 KB 537ms
534ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/theme/tc-theme.css.xhtml?ln=css

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ba80e11d38d69e419780ba2d49a60ae270dbebae4cae1c04734657464d46b8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 18:49:00 GMT
server: nginx
etag: W/"263530-1708973340000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 tooltipster.css.xhtml
app.threatconnect.com/javax.faces.resource/blueprints/ 9 KB
2 KB 274ms
271ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/blueprints/tooltipster.css.xhtml?ln=css

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dcdfc284946fc1d88b4df8ee6f1dcc5d9743c8f2e658b7ace0151e56f98b3c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"8982-1708951970000"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 1659
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 components.css.xhtml
app.threatconnect.com/javax.faces.resource/ 89 KB
15 KB 536ms
533ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/components.css.xhtml?ln=primefaces&v=6.2.12

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b3bfafd398763071e9f405926ca4ce29e0a4eacd89404631d1249ac9c9664398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Wed, 10 Apr 2024 06:55:00 GMT
server: nginx
etag: W/"90586-1712732100087"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 15010
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 jquery.js.xhtml Show response
app.threatconnect.com/javax.faces.resource/jquery/ 87 KB
31 KB 419ms
416ms Script
application/javascript 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/jquery/jquery.js.xhtml?ln=primefaces&v=6.2.12

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"89475-1708951970000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 core.js.xhtml Show response
app.threatconnect.com/javax.faces.resource/ 30 KB
10 KB 439ms
437ms Script
application/javascript 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/core.js.xhtml?ln=primefaces&v=6.2.12

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c4f3a75cfb855e851d7cc3c6e4ae483ec7c434839f9f6c6d3b875bf835dda4d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Wed, 10 Apr 2024 06:55:00 GMT
server: nginx
etag: W/"30706-1712732100087"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800
content-length: 9753
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 components.js.xhtml Show response
app.threatconnect.com/javax.faces.resource/ 412 KB
86 KB 440ms
438ms Script
application/javascript 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/components.js.xhtml?ln=primefaces&v=6.2.12

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

929046a49eea29240e96c1c25945d0c81e3a23c737b563bc993892fd24b89204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Wed, 10 Apr 2024 06:55:00 GMT
server: nginx
etag: W/"421721-1712732100087"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 jquery-plugins.js.xhtml Show response
app.threatconnect.com/javax.faces.resource/jquery/ 258 KB
71 KB 438ms
436ms Script
application/javascript 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/jquery/jquery-plugins.js.xhtml?ln=primefaces&v=6.2.12

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

367f650af17eac2dbf60a895e0164c08f7fbb2d92870d3b0192509cf7a7d219a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Wed, 10 Apr 2024 06:55:00 GMT
server: nginx
etag: W/"264093-1712732100087"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 scrollpanel.css.xhtml
app.threatconnect.com/javax.faces.resource/scrollpanel/ 1 KB
1014 B 418ms
416ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/scrollpanel/scrollpanel.css.xhtml?ln=primefaces&v=6.2.12

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7c2e34bc4ed3ac8b250cc4454b26daabf8a139a80c3a2986988cbc454fc861a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Wed, 10 Apr 2024 06:55:00 GMT
server: nginx
etag: W/"1092-1712732100087"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
content-length: 372
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 scrollpanel.js.xhtml Show response
app.threatconnect.com/javax.faces.resource/scrollpanel/ 16 KB
6 KB 438ms
436ms Script
application/javascript 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/scrollpanel/scrollpanel.js.xhtml?ln=primefaces&v=6.2.12

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f1ca242c6c2209c3e007cf27299a2b23063e67433df1bfe6d7e5f296261f346d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Wed, 10 Apr 2024 06:55:00 GMT
server: nginx
etag: W/"16023-1712732100087"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800
content-length: 5210
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 jquery.tooltipster.min.js.xhtml Show response
app.threatconnect.com/javax.faces.resource/ 17 KB
5 KB 439ms
437ms Script
application/javascript 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/jquery.tooltipster.min.js.xhtml?ln=scripts

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

95e9e3ea5a0771d7eeead1503d41cde92d8eec6da0bfbc97fcff4e9d173c967a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"17523-1708951970000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800
content-length: 4850
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 d3.min.js.xhtml Show response
app.threatconnect.com/javax.faces.resource/ 148 KB
53 KB 390ms
388ms Script
application/javascript 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/d3.min.js.xhtml?ln=scripts

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a643b74067e8e03f8fc5eec9494c79b87aa6e33ccd953902b31d23e0463c69f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"151143-1708951970000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 tcl-global.css
app.threatconnect.com/ng/dist/tc-ui/ 113 KB
17 KB 416ms
415ms Stylesheet
text/css 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/ng/dist/tc-ui/tcl-global.css

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

099d9cc620c09db9bd46a4fb96de2b2eb7644b114fa8283d43f03ac9f0a3957f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 18:54:24 GMT
server: nginx
content-type: text/css
accept-ranges: bytes
content-length: 16384

GET
H2 200 tc-save-redirect.js Show response
app.threatconnect.com/resources/scripts/ 371 B
726 B 320ms
319ms Script
application/javascript 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/resources/scripts/tc-save-redirect.js

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3fe23a0ccc20590ab6e42df8a2a5b46df2ec6cd459e36caf88e06d9d11a24704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 13:31:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
content-type: application/javascript
accept-ranges: bytes
content-length: 210

GET
H2 200 ThreatConnect-Mark-CMYK.svg.xhtml
app.threatconnect.com/javax.faces.resource/ 3 KB
3 KB 438ms
437ms Image
image/svg+xml 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.threatconnect.com/javax.faces.resource/ThreatConnect-Mark-CMYK.svg.xhtml?ln=images

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d8b524c2a137244b3ec64aacfa7c07ec61fddc3418ecebee74826dcb096fe236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:01 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"2883-1708951970000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 148ms
19ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 May 2024 12:07:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4993
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 07 May 2024 14:07:49 GMT

GET
H2 200 logo-mark-white.svg.xhtml
app.threatconnect.com/javax.faces.resource/ 2 KB
2 KB 134ms
134ms Image
image/svg+xml 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.threatconnect.com/javax.faces.resource/logo-mark-white.svg.xhtml?ln=images

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/javax.faces.resource/theme/tc-theme.css.xhtml?ln=css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

749ab411edc11a9638c93218971bbb31e4a4d6fd56e925208eb9d42de7631157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/javax.faces.resource/theme/tc-theme.css.xhtml?ln=css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:02 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"1881-1708951970000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=604800
content-length: 1881
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:02 GMT

GET
H2 200 logo-site-rgb-white.svg.xhtml
app.threatconnect.com/javax.faces.resource/ 8 KB
8 KB 136ms
136ms Image
image/svg+xml 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.threatconnect.com/javax.faces.resource/logo-site-rgb-white.svg.xhtml?ln=images

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/javax.faces.resource/theme/tc-theme.css.xhtml?ln=css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ce14d4796d826e09b38282c17d9b94982e5a950307d0c6f57dd48e175c02b24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/javax.faces.resource/theme/tc-theme.css.xhtml?ln=css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:02 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
last-modified: Mon, 26 Feb 2024 17:52:56 GMT
server: nginx
etag: W/"7923-1708969976000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:02 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fMZg.ttf
fonts.gstatic.com/s/inter/v13/ 301 KB
153 KB 141ms
20ms Font
font/ttf 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fMZg.ttf

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/ng/dist/tc-ui/tcl-global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d33da2943679688897cc0ee5c0326c9e3e7e5aadfd96c36ced976d6a3e9f5f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Origin: https://app.threatconnect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 20:27:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156397
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 May 2025 20:27:59 GMT

GET
H2 200 threatconnect.woff2.xhtml
app.threatconnect.com/javax.faces.resource/fonts/ThreatConnect/ 36 KB
36 KB 134ms
134ms Font
application/font-woff2 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/javax.faces.resource/fonts/ThreatConnect/threatconnect.woff2.xhtml

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/javax.faces.resource/theme/tc-theme.css.xhtml?ln=css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

56124d03f8b7976a3f14a0504b7230951a82ef56c4dfc26c2b5994070b8a7117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/javax.faces.resource/theme/tc-theme.css.xhtml?ln=css
Origin: https://app.threatconnect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Tue, 07 May 2024 13:31:02 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
last-modified: Mon, 26 Feb 2024 12:52:50 GMT
server: nginx
etag: W/"36552-1708951970000"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Tue, 07 May 2024 14:31:02 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZg.ttf
fonts.gstatic.com/s/inter/v13/ 296 KB
144 KB 161ms
41ms Font
font/ttf 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZg.ttf

Requested by

Host: app.threatconnect.com
URL: https://app.threatconnect.com/ng/dist/tc-ui/tcl-global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02c6d2ce3eb535653060cf6105c31551ba740750a7fd8a3e084d8864d82b888d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Origin: https://app.threatconnect.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 05:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146840
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:44:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 05:41:22 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 13:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 May 2024 14:05:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
224 B 27ms
27ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1115849837&t=pageview&_s=1&dl=https%3A%2F%2Fapp.threatconnect.com%2Fauth%2Fincident%2Fincident.xhtml%3Fincident%3D4548148089&ul=de-de&de=UTF-8&dt=ThreatConnect%20Log%20in%20to%20your%20account%20%7C%20Threat%20Intelligence%20%7C%20ThreatConnect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEAjAAAAACAAI~&jid=1130064585&gjid=1758236185&cid=2119757123.1715088662&tid=UA-58112700-1&_gid=169310379.1715088662&_slc=1&z=1440581601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5eca0296cc028d7cd1693be2bb345d38ec62d93b3ddcabc79a5e1f24a54737a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 May 2024 13:31:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.threatconnect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 92ms
28ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-58112700-1&cid=2119757123.1715088662&jid=1130064585&gjid=1758236185&_gid=169310379.1715088662&_u=KGBAgEAjAAAAAGAAI~&z=1380711667

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 May 2024 13:31:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.threatconnect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.png
app.threatconnect.com/resources/images/ 2 KB
2 KB 128ms
126ms Other
image/png 54.242.52.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.threatconnect.com/resources/images/favicon.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.242.52.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-52-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ddd4af618f627c0e5738834c3a02d2c4cab00fe88fcd317cf349e29c773f1ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4548148089
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 13:31:02 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 26 Feb 2024 17:52:56 GMT
server: nginx
accept-ranges: bytes
content-length: 1662
content-type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
93 KB 107ms
49ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QM2PFG3Y3L&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d89183782cd8d4ddef36ea17a088372bd82656ee40f1d58c1d7daa8ad66c6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 13:31:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 May 2024 13:31:02 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 83ms
43ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-58112700-1&cid=2119757123.1715088662&jid=1130064585&_u=KGBAgEAjAAAAAGAAI~&z=2010047386

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 13:31:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 74ms
44ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-58112700-1&cid=2119757123.1715088662&jid=1130064585&_u=KGBAgEAjAAAAAGAAI~&z=2010047386

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 13:31:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 80ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QM2PFG3Y3L&_ng=1&gtm=45je4510v9134485151za200&_p=1715088662331&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=2119757123.1715088662&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fapp.threatconnect.com%2Fauth%2Fincident%2Fincident.xhtml%3Fincident%3D4548148089&dt=ThreatConnect%20Log%20in%20to%20your%20account%20%7C%20Threat%20Intelligence%20%7C%20ThreatConnect&sid=1715088662&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1531
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QM2PFG3Y3L&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 13:31:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.threatconnect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 28ms
27ms Ping
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-QM2PFG3Y3L&cid=2119757123.1715088662&gtm=45je4510v9134485151za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QM2PFG3Y3L&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 13:31:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.threatconnect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-QM2PFG3Y3L&cid=2119757123.1715088662&gtm=45je4510v9134485151za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&z=1273323467

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.threatconnect.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 13:31:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.threatconnect.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: KfjS5fHKvzGfmjkb26WakyCStACbpgpPN5aR8FKs6MHe56WQmw_CVbyBb3OUub5AxqiUhHNfZPt3HBTiuZVoTKT-6QHrDmAd1q4dPsp_mSRpD0hzK-VbITc-njz5ybfjPo9_xOml08zCcxDmQ9YtE8c4XfUKB1DdTkfClYm9O4g_.3d144c51b6c6
.threatconnect.com/	1970-01-21 06:00:48	Name: _ga Value: GA1.2.2119757123.1715088662
.threatconnect.com/	1970-01-20 20:26:15	Name: _gid Value: GA1.2.169310379.1715088662
.threatconnect.com/	1970-01-20 20:24:48	Name: _gat Value: 1
app.threatconnect.com/	1970-01-20 20:34:53	Name: AWSALB Value: jgHdafK4MT5ZbWOUdDHJAhSVfsweVt0/axA9ulszP+deNEJBVa3gTL2WPTOx3b94hQdxR3Iwj2TfzeseCnHvAvEvCo03FOYpXbHsfydWKIlUr5r48aNtHKc+aOE9
app.threatconnect.com/	1970-01-20 20:34:53	Name: AWSALBCORS Value: jgHdafK4MT5ZbWOUdDHJAhSVfsweVt0/axA9ulszP+deNEJBVa3gTL2WPTOx3b94hQdxR3Iwj2TfzeseCnHvAvEvCo03FOYpXbHsfydWKIlUr5r48aNtHKc+aOE9
.threatconnect.com/	1970-01-21 06:00:48	Name: _ga_QM2PFG3Y3L Value: GS1.2.1715088662.1.0.1715088662.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.threatconnect.com
fonts.gstatic.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2001:4860:4802:34::36
2a00:1450:4001:803::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2008
2a00:1450:400c:c04::9d
54.242.52.27
02c6d2ce3eb535653060cf6105c31551ba740750a7fd8a3e084d8864d82b888d
099d9cc620c09db9bd46a4fb96de2b2eb7644b114fa8283d43f03ac9f0a3957f
1e60543fb6fc48979f7cdabf12ff6c74f82885270df45a045abe73c605504596
32da12b3a157c5cf74d0dcd1b3a3f6e0074219ae6a698a3d26ce0ea9d42558d0
367f650af17eac2dbf60a895e0164c08f7fbb2d92870d3b0192509cf7a7d219a
3fe23a0ccc20590ab6e42df8a2a5b46df2ec6cd459e36caf88e06d9d11a24704
473d8103c1970d6511be221fee15ed3c2daf3b391a7ae298e5759ffeb3578c66
56124d03f8b7976a3f14a0504b7230951a82ef56c4dfc26c2b5994070b8a7117
5eca0296cc028d7cd1693be2bb345d38ec62d93b3ddcabc79a5e1f24a54737a5
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
749ab411edc11a9638c93218971bbb31e4a4d6fd56e925208eb9d42de7631157
7c2e34bc4ed3ac8b250cc4454b26daabf8a139a80c3a2986988cbc454fc861a0
7d33da2943679688897cc0ee5c0326c9e3e7e5aadfd96c36ced976d6a3e9f5f3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a7d78d1fc94242e132ce6406e13441d6af054ac898fa1667b5a1545425c5627
8d89183782cd8d4ddef36ea17a088372bd82656ee40f1d58c1d7daa8ad66c6d7
929046a49eea29240e96c1c25945d0c81e3a23c737b563bc993892fd24b89204
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95e9e3ea5a0771d7eeead1503d41cde92d8eec6da0bfbc97fcff4e9d173c967a
a643b74067e8e03f8fc5eec9494c79b87aa6e33ccd953902b31d23e0463c69f6
aa84049bb1d4cf2c707d1fc6b4358dcda4b9362b66374226957936b638f105ce
b3bfafd398763071e9f405926ca4ce29e0a4eacd89404631d1249ac9c9664398
ba80e11d38d69e419780ba2d49a60ae270dbebae4cae1c04734657464d46b8ec
bbcac95895ff8a6bd9476429288b39c3b3e6ba9bf01f68d3025d8b7eb626c75f
c4f3a75cfb855e851d7cc3c6e4ae483ec7c434839f9f6c6d3b875bf835dda4d6
ce14d4796d826e09b38282c17d9b94982e5a950307d0c6f57dd48e175c02b24c
d8b524c2a137244b3ec64aacfa7c07ec61fddc3418ecebee74826dcb096fe236
dcdfc284946fc1d88b4df8ee6f1dcc5d9743c8f2e658b7ace0151e56f98b3c87
ddd4af618f627c0e5738834c3a02d2c4cab00fe88fcd317cf349e29c773f1ed5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5333d9cc47ad1c46289960fe5e8c4535cbb1b5b66c5c4132e2a6bd3e05a1b7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ca242c6c2209c3e007cf27299a2b23063e67433df1bfe6d7e5f296261f346d
faed8ad0401db21396a39b2ff4649beee2fef790072f060060320d28ce560809

app.threatconnect.com Open in urlscan Pro 54.242.52.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

88 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

847 kBTransfer

2687 kBSize

7 Cookies

3 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.threatconnect.com Open in urlscan Pro
54.242.52.27 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

847 kB
Transfer

2687 kB
Size

7
Cookies

38 HTTP transactions
0 data transactions