app.picussecurity.com Open in urlscan Pro
13.248.128.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitig...
Effective URL:
https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitig...
Submission: On December 01 via manual (December 1st 2023, 3:48:16 pm UTC) from IN — Scanned from DE

Summary HTTP 44 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 44 HTTP transactions. The main IP is 13.248.128.213, located in United States and belongs to AMAZON-02, US. The main domain is app.picussecurity.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 9th 2023. Valid for: a year.

This is the only time app.picussecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.223.0.74 76.223.0.74	16509 (AMAZON-02) (AMAZON-02)
20	13.248.128.213 13.248.128.213	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	99.86.159.100 99.86.159.100	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.88 108.156.60.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e4:... 2606:4700:e4::ac40:af06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.165.227.74 18.165.227.74	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.212.41 3.160.212.41	16509 (AMAZON-02) (AMAZON-02)
1	18.65.39.85 18.65.39.85	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e4:... 2606:4700:e4::ac40:ae06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.226.44.160 3.226.44.160	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	54.231.227.249 54.231.227.249	16509 (AMAZON-02) (AMAZON-02)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
44	15

1 76.223.0.74 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afea95d23159a7aa2.awsglobalaccelerator.com

app.picussecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.248.128.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: afea95d23159a7aa2.awsglobalaccelerator.com

app.picussecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.159.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-159-100.mxp64.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-88.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:af06 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.227.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-227-74.lhr61.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.212.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-41.mxp53.r.cloudfront.net

surveystats.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-85.ams1.r.cloudfront.net

www.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:ae06 (United States)

ASN13335 (CLOUDFLARENET, US)

display.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.226.44.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-44-160.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.227.249 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

picus-digital-cdn.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	picussecurity.com 1 redirects app.picussecurity.com	2 MB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933 www.hotjar.com — Cisco Umbrella Rank: 50667	126 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	280 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 878 heapanalytics.com — Cisco Umbrella Rank: 784	42 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	1 KB
2	amazonaws.com picus-digital-cdn.s3.amazonaws.com	274 KB
2	popt.in cdn.popt.in — Cisco Umbrella Rank: 27974 display.popt.in — Cisco Umbrella Rank: 27965	54 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	19 KB
1	hotjar.io surveystats.hotjar.io — Cisco Umbrella Rank: 27564	483 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	28 KB
44	11

	Domain	Requested by
21	app.picussecurity.com	1 redirects app.picussecurity.com
4	www.google-analytics.com	app.picussecurity.com
4	www.googletagmanager.com	app.picussecurity.com
2	bam.nr-data.net	app.picussecurity.com
2	picus-digital-cdn.s3.amazonaws.com	app.picussecurity.com
2	heapanalytics.com	app.picussecurity.com
2	script.hotjar.com	app.picussecurity.com
1	js-agent.newrelic.com	app.picussecurity.com
1	display.popt.in	app.picussecurity.com
1	www.hotjar.com	app.picussecurity.com
1	surveystats.hotjar.io	app.picussecurity.com
1	cdnjs.cloudflare.com	app.picussecurity.com
1	cdn.popt.in	app.picussecurity.com
1	static.hotjar.com	app.picussecurity.com
1	cdn.heapanalytics.com	app.picussecurity.com
44	15

This site contains links to these domains. Also see Links.

Domain
picussecurity.com
www.picussecurity.com
landing.picus.io
www.linkedin.com
twitter.com
picus.medium.com

Subject Issuer	Validity	Valid
app.picussecurity.com Amazon RSA 2048 M02	`2023-04-09` - `2024-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
popt.in E1	`2023-11-10` - `2024-02-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.hotjar.io Amazon RSA 2048 M02	`2023-06-18` - `2024-07-16`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
Frame ID: F82C42CC00C1D5C3CAC04B8F9D0A0E93
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Automated Adversary Simulation: Improve your cyber resilience

Page URL History Show full URLs

http://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19... HTTP 301
https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

31 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

3424 kB
Transfer

10258 kB
Size

18
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://picussecurity.com/hubfs/PicusPlatform_LegalDocuments/EULA.pdf
Title: EULA

Search URL Search Domain Scan URL

URL: https://www.picussecurity.com/hubfs/PicusPlatform_LegalDocuments/Policy.pdf
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://picussecurity.com/resource/tag/article
Title: Blog

Search URL Search Domain Scan URL

URL: https://landing.picus.io/about-us
Title: About

Search URL Search Domain Scan URL

URL: https://picussecurity.com/upgrade-your-platform
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/picus-security

Search URL Search Domain Scan URL

URL: https://twitter.com/PicusSecurity

Search URL Search Domain Scan URL

URL: https://picus.medium.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations HTTP 301
https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mitigations Show response
app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/
Redirect Chain

http://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

3 KB
2 KB

298ms
99ms

Document
text/html

13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

8d0c441c4c7b5727937c621fe9b8a6010d32b2bb5962f9116b6540064ec290fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-type: text/html
date: Fri, 01 Dec 2023 15:48:10 GMT
etag: W/"6569ed9f-a2a"
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=16070400; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Fri, 01 Dec 2023 15:48:09 GMT
Location: https://app.picussecurity.com:443/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
Server: awselb/2.0

GET
H2 200 third-party.js Show response
app.picussecurity.com/picus-scripts/ 1 KB
1 KB 99ms
99ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/picus-scripts/third-party.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

1bd5cb69e4e769c82540813b5aba6022db001ee2efc9f222bd595724a33ce917

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 14:20:03 GMT
server: nginx
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"6569eb93-4d6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 0

GET
H2 200 main.d7b20963.js Show response
app.picussecurity.com/static/js/ 7 MB
2 MB 107ms
106ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/static/js/main.d7b20963.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

39b16c519eed117794593e4fa087b22fd4a70ac7334d0fb5eec322d998dfb473

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
server: nginx
etag: W/"6569ed9f-723c57"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31531237, public
expires: Sat, 30 Nov 2024 14:28:47 GMT

GET
H2 200 main.60ff979e.css
app.picussecurity.com/static/css/ 310 KB
45 KB 104ms
104ms Stylesheet
text/css 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/static/css/main.60ff979e.css

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

340fad526fc21fd21c1baee912228855a8f2ba3c872f0ff9cf4986d119ea2c78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
server: nginx
etag: W/"6569ed9f-4d6fe"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31531237, public
expires: Sat, 30 Nov 2024 14:28:47 GMT

GET
H2 200 mastercard-favicon.js Show response
app.picussecurity.com/picus-scripts/ 330 B
1 KB 181ms
180ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/picus-scripts/mastercard-favicon.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/third-party.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

698646ac6f06ab5a94036070bfe9b165c46e23704cbc51c143bce10375ec8f99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 14:20:03 GMT
server: nginx
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"6569eb93-14a"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 0

GET
H2 200 heap.js Show response
app.picussecurity.com/picus-scripts/ 1 KB
1 KB 185ms
184ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/picus-scripts/heap.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/third-party.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

62b0ca06cdec7dfd3f17dc0d68701384cf99cc269228bf98e2c4cdb059f9bd14

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 14:20:03 GMT
server: nginx
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"6569eb93-469"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 0

GET
H2 200 hotjar.js Show response
app.picussecurity.com/picus-scripts/ 649 B
1 KB 182ms
182ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/picus-scripts/hotjar.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/third-party.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

138bee220f8e49a0a2a08e4490739a0bfe24c5deda944586a50edc5fd83a0cb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 14:20:03 GMT
server: nginx
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"6569eb93-289"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 0

GET
H2 200 poptin.js Show response
app.picussecurity.com/picus-scripts/ 496 B
1 KB 183ms
182ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/picus-scripts/poptin.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/third-party.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e40f669cb2f591861191dca313973d494bef90a3e5fe090a32469d2761690a97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 14:20:03 GMT
server: nginx
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"6569eb93-1f0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 0

GET
H2 200 new-relic.js Show response
app.picussecurity.com/picus-scripts/ 50 KB
14 KB 185ms
185ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/picus-scripts/new-relic.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/third-party.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

8464e8fe8a0053aa086011c7e1c7d6dd24d5525bf48775d4df36a4e1147a2adc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 14:20:03 GMT
server: nginx
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"6569eb93-c915"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 0

GET
H2 200 google-tag-manager.js Show response
app.picussecurity.com/picus-scripts/ 661 B
1 KB 184ms
183ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/picus-scripts/google-tag-manager.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/third-party.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

9968a2134a8a4e074c570283b0eb93342d4a0e70a769c5547e9dc6b99c69391f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
last-modified: Fri, 01 Dec 2023 14:20:03 GMT
server: nginx
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"6569eb93-295"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 224ms
71ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-37993489-5

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/third-party.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f76d75be64d8a82216ab51a00d6a5e493550521369d490e5b169a2b54bab7187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69034
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 15:48:10 GMT

GET
H2 200 heap-250908550.js Show response
cdn.heapanalytics.com/js/ 152 KB
42 KB 276ms
128ms Script
application/javascript 99.86.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-250908550.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/heap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.159.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-159-100.mxp64.r.cloudfront.net

Software

nginx / Express

Resource Hash

cac3ef54e96c4169a3dad4237fd740a4b780eab70b680a3f2d86de5709dc9af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:47:59 GMT
content-encoding: br
via: 1.1 0c978a13e60975108c0dd1f18364108e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MXP64-C2
age: 11
x-powered-by: Express
etag: W/"25fd8-v1E97IlH4ag9LOD5Ysi9mhcZ7rw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZqyE3bgomg2GGcffvtYrloLmskZhL3Iptber8zl5wAkNx8WIq8SRig==

GET
H2 200 hotjar-1797415.js Show response
static.hotjar.com/c/ 13 KB
5 KB 81ms
51ms Script
application/javascript 108.156.60.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1797415.js?sv=6

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/hotjar.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-88.ams1.r.cloudfront.net

Software

Resource Hash

94ff9c5505d8e80c68b1b74c8e400edd29e8541e3804ced57a1c8dff544cfa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 15:48:10 GMT
via: 1.1 1b575b46b9e4dd6b829accb4ea728b00.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
etag: W/9dd4e9652347a79f59da2cb0dba72293
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kMnySWPhc0giHtSUTfh11CHCe2RjdyuExfqvP6SU4Cc5San8DOoZmw==

GET
H2 200 pixel.js Show response
cdn.popt.in/ 228 KB
50 KB 171ms
34ms Script
text/javascript 2606:4700:e4::ac40:af06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=64d678615e3d0
Requested by: Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/poptin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:af06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7de67691670ca758a843b95cb49120e77b7f27b7977a02b55554a9cfac57bee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
x-amz-version-id: mju7k3bTZOelmiAFBFpeUEGBkJnDanI5
via: 1.1 a769201928d4a671d76c2aeb231718ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P1
age: 6052
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 12:06:59 GMT
server: cloudflare
etag: W/"fb257afa85eb3e034737467fdaebea89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXaJwb6Pcx3wbOksHXJq%2FhOqgWvkc67i9thjrpd0clSpxcH2Ms5JvJ%2FCVq5qU6xGg54UnZxpz6oaycOgV1mIdV7klvApe%2F1zfgFlHaytBeJ5Lk6%2FWD8t16ZMLMiPc0z3aRohoGXqTMmUuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 82ec790e0cf3f1a8-CDG
x-amz-cf-id: zUEldFPTQV3l_gSpTo9I4-KHoDlTJvfYD1Ywdo928TEgDHwKkG1Q4w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
52 KB 301ms
152ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5TXBNZG

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c18c01cbd6d9e1e7fdd51a75e7cf3c7bfcead97f42e6ea2fff803395d51dff51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53059
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 15:48:10 GMT

GET
H2 200 modules.28e3191d8757c557b4b7.js Show response
script.hotjar.com/ 227 KB
57 KB 83ms
18ms Script
application/javascript 18.165.227.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.227.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-227-74.lhr61.r.cloudfront.net

Software

Resource Hash

77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 cf06367867cca885a1ab8df1ff57f98c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
age: 697624
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57395
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "1ab24a53e715dcb189ab626bacc0e88b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: W8Ekmm6zYPLFjY1PkOXhch7NQqiTWRhwHYN-HyHtVz59_Vy8gNtduA==

GET
H2 200 survey-v2.64e305243013f5474f9d.js Show response
script.hotjar.com/ 274 KB
64 KB 21ms
20ms Script
application/javascript 18.165.227.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/survey-v2.64e305243013f5474f9d.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.227.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-227-74.lhr61.r.cloudfront.net

Software

Resource Hash

294d8c32cbf67a2934d57a9c1a071c974d61e8267726717e019b00105f84d7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:48:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 cf06367867cca885a1ab8df1ff57f98c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
age: 3604
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64477
last-modified: Fri, 01 Dec 2023 14:47:41 GMT
etag: "6c074e07777579883f4cbfec4e24a249"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _qHwbLNzdpZmGAr96JgxGkKK0rnfYAQ6q83kUO_BzqE-L2BYpz-Fyg==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 52ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 308519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iKWZL1Z9Eo6apDKGEsKD9dCpyGWGzfr%2FffJvKYN%2BKJSsEkc734RfhZvyV3J6IatdbIi5oIoWANKHg1o5WeyGS38%2FvmSK%2FHTfYn4SZeqfOMHxFg8oQ2dZ84lcbidjrCi5bJIYudWYIvb8OdgCezq%2FfKU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82ec790eca5bbb49-FRA
expires: Wed, 20 Nov 2024 15:48:10 GMT

GET
H2 200 hit Show response
surveystats.hotjar.io/ 0
483 B 60ms
15ms XHR
binary/octet-stream 3.160.212.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://surveystats.hotjar.io/hit?id=902799&device=desktop
Requested by: Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.212.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-212-41.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 12:21:06 GMT
x-amz-version-id: null
via: 1.1 3bbd9c639a192694d597e09ea3006bce.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
age: 1481225
x-cache: Hit from cloudfront
content-length: 0
last-modified: Wed, 27 Jan 2021 15:23:17 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public,max-age=0
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: P4lGZSd3O5zAtKi1gPW7Gk1uErXEeCZuuuO4CjifwqwB8qbutevtYw==

GET
H2 200 hotjar-logo-small.svg
www.hotjar.com/images/ 590 B
1006 B 67ms
17ms Image
image/svg+xml 18.65.39.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hotjar.com/images/hotjar-logo-small.svg

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-85.ams1.r.cloudfront.net

Software

Resource Hash

08d62e0e4313d2131430a8baa41ef30eed43cd8f00a152f52495de19a1fdbf32

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 03:47:33 GMT
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
last-modified: Fri, 08 Sep 2023 16:46:31 GMT
x-amz-cf-pop: AMS1-P1
age: 7041637
etag: W/"24e-18a75b01e58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000, stale-while-revalidate
accept-ranges: bytes
content-length: 590
x-amz-cf-id: AHPjiMyzB6u0Gr0-vCziaU8Y9G6m6w3HGfQ0r3sxnZdfICTGeEPthg==

GET
H2 200 64d678615e3d0 Show response
display.popt.in/APIRequest/ 105 B
3 KB 248ms
202ms XHR
application/json 2606:4700:e4::ac40:ae06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/64d678615e3d0?domain=https%3A%2F%2Fapp.picussecurity.com%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations&referrer=&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.njswsr9e4u%20poptin_previous_url%3D%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Automated%20Adversary%20Simulation%3A%20Improve%20your%20cyber%20resilience&origin_landing_page=https%3A%2F%2Fapp.picussecurity.com%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fapp.picussecurity.com%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:ae06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e837b8912928cb37df2250ed75c1c8b380aad2a62efe07672fd7b063a489cb3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://bc.popt.in https://.mybigcommerce.com https://.jumpseller.com https://.myshopline.com https://.myshopify.com https://*.grisynava.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.picussecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
content-security-policy: frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TmCUjfoQJQkeYL5Mo22yHoGD%2B4MxvWJB87jBmbG09ciMZ9AWrjVEaXywUC6V2cYa4ZYltANT4Kj%2FrJ5HVGiEQ2JznlS%2F5wl5KfyFSRpD5vw97wd1Y1WmykSywFpk%2BeF1Z%2B3%2BH%2F9NuJjy0HUgoQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials: true
cf-ray: 82ec790f5f250498-CDG
access-control-allow-headers: Origin, Content-Type
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 300ms
99ms Image
image/gif 3.226.44.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=250908550&u=6441993672374909&v=8962046015457151&s=4686124767238987&b=web&tv=4.0&z=0&h=%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations&d=app.picussecurity.com&t=Automated%20Adversary%20Simulation%3A%20Improve%20your%20cyber%20resilience&ts=1701445690729&st=1701445690733

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.44.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-44-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:48:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 179ms
56ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 15:22:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1534
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 17:22:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R2XB0TMBFC&l=dataLayer&cx=c

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f956df916cbc781f3d01039e5df0d85afef2c95400e4d9140409081b8d525a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 15:48:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
163 B 63ms
63ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=667051893&t=pageview&_s=1&dl=https%3A%2F%2Fapp.picussecurity.com%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations&ul=en-us&de=UTF-8&dt=Automated%20Adversary%20Simulation%3A%20Improve%20your%20cyber%20resilience&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=824016958&gjid=1426629255&cid=513660290.1701445691&tid=UA-37993489-5&_gid=66141553.1701445691&_r=1&_slc=1&gtm=45He3bt0n815TXBNZG&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1893393964

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

902c54e14370c9e463ec21d96fcab38bf416d78a5e506366e7bae844890fa7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.picussecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:48:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.picussecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 56ms
56ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=667051893&t=pageview&_s=1&dl=https%3A%2F%2Fapp.picussecurity.com%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations&ul=en-us&de=UTF-8&dt=Automated%20Adversary%20Simulation%3A%20Improve%20your%20cyber%20resilience&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=513660290.1701445691&tid=UA-37993489-5&_gid=66141553.1701445691&gtm=45He3bt0n815TXBNZG&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1105316609

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 00:08:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56405
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R2XB0TMBFC&cx=c&_slc=1

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85f7b7205c844d094c400faab95494ced9643f1a5ac6d8699ee87efae67354a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82981
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 15:48:11 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
19 KB 28ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding: br
via: 1.1 varnish
date: Fri, 01 Dec 2023 15:48:11 GMT
strict-transport-security: max-age=300
x-amz-request-id: 32QYX7CYP3SVBZFW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: zpeR4hGaPEJ8N7wSToPc/Hl82I0OLylMeS61mx1asKAiLpidjrtRXbureUy+SXI/0YTrVdkpkJA=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 18 Oct 2023 21:31:16 GMT
server: AmazonS3
x-timer: S1701445692.658279,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 194330

GET
H2 200 environment Show response
app.picussecurity.com/api/v2/ 490 B
1 KB 100ms
100ms XHR
application/json 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/api/v2/environment

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

Resource Hash

2ca1e08d2a5559a13edc5024fa03b5f477c3499fc16d91dc6cc0927d733ef6e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ https://aws.amazon.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations
tracestate: 2698403@nr=0-1-2698403-1103150886-82f32d498cde402c----1701445691634
traceparent: 00-c051ad90ed00b38d00695871ab7dcc32-82f32d498cde402c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2OTg0MDMiLCJhcCI6IjExMDMxNTA4ODYiLCJpZCI6IjgyZjMyZDQ5OGNkZTQwMmMiLCJ0ciI6ImMwNTFhZDkwZWQwMGIzOGQwMDY5NTg3MWFiN2RjYzMyIiwidGkiOjE3MDE0NDU2OTE2MzR9fQ==

Response headers

date: Fri, 01 Dec 2023 15:48:11 GMT
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ https://aws.amazon.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
content-length: 490
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK whats-new.json Show response
picus-digital-cdn.s3.amazonaws.com/whats-new-prod/ 136 KB
137 KB 377ms
137ms XHR
application/json 54.231.227.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://picus-digital-cdn.s3.amazonaws.com/whats-new-prod/whats-new.json
Requested by: Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.227.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 05b446700e22588bc7f4231c745d57f134d49fa03b92c5e7e77a3057fa22e465

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.picussecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 15:48:12 GMT
x-amz-version-id: vJxVOry4uIvEBjIpYVMdk7aApV.q2xpQ
Last-Modified: Wed, 29 Nov 2023 07:37:10 GMT
Server: AmazonS3
x-amz-request-id: X1QC6PV26Q6DD1TD
ETag: "5984dfb8f88f12e176d4dda10bf7dbe0"
x-amz-server-side-encryption: AES256
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 139580
x-amz-id-2: gah8H1f9tuDQUCFW+oO6du3ECfpTEs1/h1X0tqj+OTLyK9UTNov8bW64uGMTShFNGPWapETAs2c=

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 15:22:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1535
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 17:22:36 GMT

POST
H2 401 refresh-token Show response
app.picussecurity.com/api/v2/auth/ 81 B
945 B 101ms
100ms XHR
application/json 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/api/v2/auth/refresh-token

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

Resource Hash

628909df5ff73da0a5b1e04e1bb0a7a5e56daf8b6089cf7641ebe94d9199797a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ https://aws.amazon.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tracestate: 2698403@nr=0-1-2698403-1103150886-2dd3e140ab2cd32b----1701445691639
traceparent: 00-3286a2c5633ace9dd18409b3ce82fa46-2dd3e140ab2cd32b-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2OTg0MDMiLCJhcCI6IjExMDMxNTA4ODYiLCJpZCI6IjJkZDNlMTQwYWIyY2QzMmIiLCJ0ciI6IjMyODZhMmM1NjMzYWNlOWRkMTg0MDliM2NlODJmYTQ2IiwidGkiOjE3MDE0NDU2OTE2Mzl9fQ==
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Response headers

date: Fri, 01 Dec 2023 15:48:11 GMT
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ https://aws.amazon.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 29
content-type: application/json; charset=utf-8
x-ratelimit-reset: 1701445721
x-ratelimit-limit: 30
content-length: 81
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK NRJS-5581dcec5d247dec3ec Show response
bam.nr-data.net/1/ 56 B
627 B 347ms
265ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-5581dcec5d247dec3ec?a=1103150886&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=2445&ck=1&ref=https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations&be=1195&fe=2411&dc=2362&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1701445689221,%22n%22:0,%22f%22:605,%22dn%22:613,%22dne%22:613,%22c%22:613,%22s%22:621,%22ce%22:804,%22rq%22:804,%22rp%22:903,%22rpe%22:904,%22dl%22:905,%22di%22:1204,%22ds%22:2363,%22de%22:2363,%22dc%22:2411,%22l%22:2411,%22le%22:2411%7D,%22navigation%22:%7B%7D%7D&fp=1477&fcp=1477&jsonp=NREUM.setToken
Requested by: Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 15:48:12 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 82ec79157e734daa-FRA

POST
H2 200 disable-token Show response
app.picussecurity.com/api/v2/auth/ 76 B
851 B 101ms
101ms XHR
application/json 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/api/v2/auth/disable-token

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

Resource Hash

573ec88e2609b0e07a081b1ebca4f879064e8498407f302ae2aa0ed47332f43f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ https://aws.amazon.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tracestate: 2698403@nr=0-1-2698403-1103150886-784d0d8d17d0d8ef----1701445691750
traceparent: 00-3701bfe26714fdb0bf63a88e14ee4815-784d0d8d17d0d8ef-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2OTg0MDMiLCJhcCI6IjExMDMxNTA4ODYiLCJpZCI6Ijc4NGQwZDhkMTdkMGQ4ZWYiLCJ0ciI6IjM3MDFiZmUyNjcxNGZkYjBiZjYzYTg4ZTE0ZWU0ODE1IiwidGkiOjE3MDE0NDU2OTE3NTB9fQ==
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.picussecurity.com/scv/redirect/simulation/46059/run/154047/threat/2267/display/20874/action/19204/node/2/tab/mitigations

Response headers

date: Fri, 01 Dec 2023 15:48:11 GMT
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ https://aws.amazon.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 29
content-type: application/json; charset=utf-8
x-ratelimit-reset: 1701445721
x-ratelimit-limit: 30
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 3631.922f31d5.chunk.js Show response
app.picussecurity.com/static/js/ 14 KB
6 KB 100ms
99ms Script
application/javascript 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/static/js/3631.922f31d5.chunk.js

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

04c04b38a8af2daaf1c8f5fee427371842a782be3f8442f52e21a1eec6d6d520

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:11 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
server: nginx
etag: W/"6569ed9f-3610"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31531236, public
expires: Sat, 30 Nov 2024 14:28:47 GMT

GET
H2 200 environment Show response
app.picussecurity.com/api/v2/ 490 B
1 KB 100ms
100ms XHR
application/json 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/api/v2/environment

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

Resource Hash

2ca1e08d2a5559a13edc5024fa03b5f477c3499fc16d91dc6cc0927d733ef6e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ https://aws.amazon.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.picussecurity.com/signin
tracestate: 2698403@nr=0-1-2698403-1103150886-6a65b60c2d71b24f----1701445691867
traceparent: 00-ccff1ba13edcd7959b902bc6a919d44f-6a65b60c2d71b24f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI2OTg0MDMiLCJhcCI6IjExMDMxNTA4ODYiLCJpZCI6IjZhNjViNjBjMmQ3MWIyNGYiLCJ0ciI6ImNjZmYxYmExM2VkY2Q3OTU5YjkwMmJjNmE5MTlkNDRmIiwidGkiOjE3MDE0NDU2OTE4Njd9fQ==

Response headers

date: Fri, 01 Dec 2023 15:48:11 GMT
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ https://aws.amazon.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=315360000; includeSubdomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
content-length: 490
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK whats-new.json Show response
picus-digital-cdn.s3.amazonaws.com/whats-new-prod/ 136 KB
137 KB 337ms
132ms XHR
application/json 54.231.227.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://picus-digital-cdn.s3.amazonaws.com/whats-new-prod/whats-new.json
Requested by: Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.227.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 05b446700e22588bc7f4231c745d57f134d49fa03b92c5e7e77a3057fa22e465

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.picussecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 15:48:13 GMT
x-amz-version-id: vJxVOry4uIvEBjIpYVMdk7aApV.q2xpQ
Last-Modified: Wed, 29 Nov 2023 07:37:10 GMT
Server: AmazonS3
x-amz-request-id: 4YG8NZ0BN1P25A2H
ETag: "5984dfb8f88f12e176d4dda10bf7dbe0"
x-amz-server-side-encryption: AES256
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 139580
x-amz-id-2: 34h4Plqq8W4JOLt0MYUD7lFXMqxMv8scNmQsXlupfVA/rxpei90H9KUvtWoPMKcSIIf5K4iJywA=

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 98ms
98ms Image
image/gif 3.226.44.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=250908550&u=6441993672374909&v=2049165552837897&s=4686124767238987&b=web&tv=4.0&z=2&h=%2Fsignin&d=app.picussecurity.com&t=Automated%20Adversary%20Simulation%3A%20Improve%20your%20cyber%20resilience&ts=1701445691871&pr=%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations&sp=ts&sp=1701445690729&sp=d&sp=app.picussecurity.com&sp=h&sp=%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations&st=1701445691872

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.44.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-44-160.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:48:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 RedHatDisplay-Bold.c7f567b89d936394a904.ttf
app.picussecurity.com/static/media/ 75 KB
36 KB 104ms
103ms Font
application/octet-stream 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/static/media/RedHatDisplay-Bold.c7f567b89d936394a904.ttf

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/static/css/main.60ff979e.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

7ced35dd69ce94daa73ec8f4d1d1a833b41966112163066b3e4a44f55093a3b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.picussecurity.com/static/css/main.60ff979e.css
Origin: https://app.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:12 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
server: nginx
etag: W/"6569ed9f-12abc"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=31531235, public
expires: Sat, 30 Nov 2024 14:28:47 GMT

GET
H2 200 Inter-Medium.abc74264e0406c68ea90.woff2
app.picussecurity.com/static/media/ 104 KB
104 KB 101ms
101ms Font
font/woff2 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/static/media/Inter-Medium.abc74264e0406c68ea90.woff2

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/static/css/main.60ff979e.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

a4e1e7e6c1021f0f62e6f5878d260e7fd69171a110f92306257f1b01240caccd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.picussecurity.com/static/css/main.60ff979e.css
Origin: https://app.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:12 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
server: nginx
etag: W/"6569ed9f-1a0e0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=31531235, public
expires: Sat, 30 Nov 2024 14:28:47 GMT

GET
H2 200 Inter-Regular.7c370fde6764d889efe6.woff2
app.picussecurity.com/static/media/ 98 KB
98 KB 107ms
106ms Font
font/woff2 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/static/media/Inter-Regular.7c370fde6764d889efe6.woff2

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/static/css/main.60ff979e.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

c342b1b7f7d19be1429fef29bf3af6d9e8c3e21aba846e082cdee1db8a530c83

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.picussecurity.com/static/css/main.60ff979e.css
Origin: https://app.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:12 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
server: nginx
etag: W/"6569ed9f-1871c"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=31531235, public
expires: Sat, 30 Nov 2024 14:28:47 GMT

GET
H2 200 Inter-SemiBold.d5e2bcf860731fb43a76.woff2
app.picussecurity.com/static/media/ 105 KB
105 KB 109ms
108ms Font
font/woff2 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.picussecurity.com/static/media/Inter-SemiBold.d5e2bcf860731fb43a76.woff2

Requested by

Host: app.picussecurity.com
URL: https://app.picussecurity.com/static/css/main.60ff979e.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

af44b8a232c6946b5d4ced0df202e29f1330f66a2587b581826fd561bda24fad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.picussecurity.com/static/css/main.60ff979e.css
Origin: https://app.picussecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:12 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
server: nginx
etag: W/"6569ed9f-1a2e0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=31531235, public
expires: Sat, 30 Nov 2024 14:28:47 GMT

GET
H2 200 mobile-signin.08aadce568476cfa7274840ad2d074b3.svg
app.picussecurity.com/static/media/ 2 KB
1 KB 105ms
105ms Image
image/svg+xml 13.248.128.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.picussecurity.com/static/media/mobile-signin.08aadce568476cfa7274840ad2d074b3.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.128.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afea95d23159a7aa2.awsglobalaccelerator.com

Software

nginx /

Resource Hash

054063529b9f896d7910d1b6b089331bb47364aaf0526d5b17ac3d54757b6b99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.picussecurity.com/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:48:12 GMT
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.picus.io picussecurity.com *.picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ *.popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com *.hotjar.com *.hotjar.io *.newrelic.com *.cloudflare.com *.nr-data.net pcsdl.com *.pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
content-encoding: gzip
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:28:47 GMT
server: nginx
etag: W/"6569ed9f-67d"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31531235, public
expires: Sat, 30 Nov 2024 14:28:47 GMT

POST
H/1.1 200
OK NRJS-5581dcec5d247dec3ec Show response
bam.nr-data.net/events/1/ 24 B
409 B 269ms
268ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-5581dcec5d247dec3ec?a=1103150886&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=2808&ck=1&ref=https://app.picussecurity.com/signin
Requested by: Host: app.picussecurity.com
URL: https://app.picussecurity.com/picus-scripts/new-relic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.picussecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 01 Dec 2023 15:48:12 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://app.picussecurity.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 82ec791739374daa-FRA
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.picussecurity.com/	1970-01-21 01:23:01	Name: _hjSessionUser_1797415 Value: eyJpZCI6ImVkMzk3OTFkLTRhZTctNWIzOS1iNzhjLTg0YTdkNzc4YTA2ZiIsImNyZWF0ZWQiOjE3MDE0NDU2OTA2MzEsImV4aXN0aW5nIjpmYWxzZX0=
.picussecurity.com/	1970-01-20 16:37:27	Name: _hjFirstSeen Value: 1
.picussecurity.com/	1970-01-20 16:37:27	Name: _hjIncludedInSessionSample_1797415 Value: 0
.picussecurity.com/	1970-01-20 16:37:27	Name: _hjSession_1797415 Value: eyJpZCI6IjA1MzBkOWI1LTI5OWEtNDViNi1iZjE3LTIyYTYzZDZiZmFmMCIsImNyZWF0ZWQiOjE3MDE0NDU2OTA2MzIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.picussecurity.com/	1970-01-20 16:37:27	Name: _hjAbsoluteSessionInProgress Value: 0
app.picussecurity.com/	1970-01-20 16:40:18	Name: poptin_old_user Value: true
app.picussecurity.com/	1970-01-21 01:23:01	Name: poptin_user_id Value: 0.njswsr9e4u
app.picussecurity.com/	1970-01-20 16:37:25	Name: poptin_previous_url Value:
app.picussecurity.com/	1970-01-21 01:23:01	Name: poptin_user_ip Value: 2a03:1b20:6:f011::7e
app.picussecurity.com/	1970-01-20 16:37:27	Name: poptin_session Value: true
app.picussecurity.com/	1970-01-20 17:20:37	Name: poptin_c_visitor Value: true
.picussecurity.com/	1970-01-21 02:13:25	Name: _ga Value: GA1.2.513660290.1701445691
.picussecurity.com/	1970-01-20 16:38:52	Name: _gid Value: GA1.2.66141553.1701445691
.picussecurity.com/	1970-01-20 16:37:25	Name: _gat_UA-37993489-5 Value: 1
.picussecurity.com/	1970-01-20 16:37:27	Name: _hp2_ses_props.250908550 Value: %7B%22ts%22%3A1701445690729%2C%22d%22%3A%22app.picussecurity.com%22%2C%22h%22%3A%22%2Fscv%2Fredirect%2Fsimulation%2F46059%2Frun%2F154047%2Fthreat%2F2267%2Fdisplay%2F20874%2Faction%2F19204%2Fnode%2F2%2Ftab%2Fmitigations%22%7D
.app.picussecurity.com/	1969-12-31 23:59:59	Name: session_id Value: e0f0d2e8-c4bb-449a-a383-d6bd7452ac38
.picussecurity.com/	1970-01-21 02:05:23	Name: _hp2_id.250908550 Value: %7B%22userId%22%3A%226441993672374909%22%2C%22pageviewId%22%3A%222049165552837897%22%2C%22sessionId%22%3A%224686124767238987%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 40d5b986b30be824

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.picussecurity.com/api/v2/auth/refresh-token Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .picus.io picussecurity.com .picussecurity.com https://www.googletagmanager.com/ https://picus-digital-cdn.s3.amazonaws.com/ https://www.google-analytics.com/ .popt.in/ https://cdn.heapanalytics.com https://heapanalytics.com .heapanalytics.com .hotjar.com .hotjar.io .newrelic.com .cloudflare.com .nr-data.net pcsdl.com .pcsdl.com wss://ws.hotjar.com; style-src 'self' https://heapanalytics.com 'unsafe-inline'; img-src * 'self' data: https: https://heapanalytics.com; form-action 'self'; frame-ancestors 'self'; object-src 'none';upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.picussecurity.com
bam.nr-data.net
cdn.heapanalytics.com
cdn.popt.in
cdnjs.cloudflare.com
display.popt.in
heapanalytics.com
js-agent.newrelic.com
picus-digital-cdn.s3.amazonaws.com
script.hotjar.com
static.hotjar.com
surveystats.hotjar.io
www.google-analytics.com
www.googletagmanager.com
www.hotjar.com
108.156.60.88
13.248.128.213
151.101.66.137
162.247.241.14
18.165.227.74
18.65.39.85
2606:4700::6811:180e
2606:4700:e4::ac40:ae06
2606:4700:e4::ac40:af06
2a00:1450:4001:800::200e
2a00:1450:4001:80f::2008
3.160.212.41
3.226.44.160
54.231.227.249
76.223.0.74
99.86.159.100
04c04b38a8af2daaf1c8f5fee427371842a782be3f8442f52e21a1eec6d6d520
054063529b9f896d7910d1b6b089331bb47364aaf0526d5b17ac3d54757b6b99
05b446700e22588bc7f4231c745d57f134d49fa03b92c5e7e77a3057fa22e465
08d62e0e4313d2131430a8baa41ef30eed43cd8f00a152f52495de19a1fdbf32
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
138bee220f8e49a0a2a08e4490739a0bfe24c5deda944586a50edc5fd83a0cb0
1bd5cb69e4e769c82540813b5aba6022db001ee2efc9f222bd595724a33ce917
294d8c32cbf67a2934d57a9c1a071c974d61e8267726717e019b00105f84d7a7
2ca1e08d2a5559a13edc5024fa03b5f477c3499fc16d91dc6cc0927d733ef6e3
340fad526fc21fd21c1baee912228855a8f2ba3c872f0ff9cf4986d119ea2c78
39b16c519eed117794593e4fa087b22fd4a70ac7334d0fb5eec322d998dfb473
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
573ec88e2609b0e07a081b1ebca4f879064e8498407f302ae2aa0ed47332f43f
5f956df916cbc781f3d01039e5df0d85afef2c95400e4d9140409081b8d525a5
628909df5ff73da0a5b1e04e1bb0a7a5e56daf8b6089cf7641ebe94d9199797a
62b0ca06cdec7dfd3f17dc0d68701384cf99cc269228bf98e2c4cdb059f9bd14
698646ac6f06ab5a94036070bfe9b165c46e23704cbc51c143bce10375ec8f99
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
7ced35dd69ce94daa73ec8f4d1d1a833b41966112163066b3e4a44f55093a3b0
7de67691670ca758a843b95cb49120e77b7f27b7977a02b55554a9cfac57bee8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8464e8fe8a0053aa086011c7e1c7d6dd24d5525bf48775d4df36a4e1147a2adc
85f7b7205c844d094c400faab95494ced9643f1a5ac6d8699ee87efae67354a7
8d0c441c4c7b5727937c621fe9b8a6010d32b2bb5962f9116b6540064ec290fa
902c54e14370c9e463ec21d96fcab38bf416d78a5e506366e7bae844890fa7e0
94ff9c5505d8e80c68b1b74c8e400edd29e8541e3804ced57a1c8dff544cfa5e
9968a2134a8a4e074c570283b0eb93342d4a0e70a769c5547e9dc6b99c69391f
a4e1e7e6c1021f0f62e6f5878d260e7fd69171a110f92306257f1b01240caccd
af44b8a232c6946b5d4ced0df202e29f1330f66a2587b581826fd561bda24fad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c18c01cbd6d9e1e7fdd51a75e7cf3c7bfcead97f42e6ea2fff803395d51dff51
c342b1b7f7d19be1429fef29bf3af6d9e8c3e21aba846e082cdee1db8a530c83
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
cac3ef54e96c4169a3dad4237fd740a4b780eab70b680a3f2d86de5709dc9af5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40f669cb2f591861191dca313973d494bef90a3e5fe090a32469d2761690a97
e837b8912928cb37df2250ed75c1c8b380aad2a62efe07672fd7b063a489cb3f
f76d75be64d8a82216ab51a00d6a5e493550521369d490e5b169a2b54bab7187
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

app.picussecurity.com Open in urlscan Pro 13.248.128.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

31 %IPv6

11 Domains

15 Subdomains

15 IPs

2 Countries

3424 kBTransfer

10258 kBSize

18 Cookies

8 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.picussecurity.com Open in urlscan Pro
13.248.128.213 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

31 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

3424 kB
Transfer

10258 kB
Size

18
Cookies

44 HTTP transactions
0 data transactions