urlscan.io logo urlscan.io
SecurityTrails logo

bugcrowd.com Open in urlscan Pro
2606:4700:10::6814:4ef  Public Scan

Go To Rescan Add Verdict Report
URL: https://bugcrowd.com/Salah-Mosbah
Submission: On March 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 31 HTTP transactions. The main IP is 2606:4700:10::6814:4ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is bugcrowd.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 3rd 2020. Valid for: a year.
This is the only time bugcrowd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.226.156.92 16509 (AMAZON-02)
2 2600:1901:0:7... 15169 (GOOGLE)
1 13.226.158.149 16509 (AMAZON-02)
1 35.155.235.224 16509 (AMAZON-02)
1 1 13.226.159.60 16509 (AMAZON-02)
5 13.226.159.83 16509 (AMAZON-02)
1 13.226.159.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.209.197.155 14618 (AMAZON-AES)
1 75.2.88.188 16509 (AMAZON-02)
31 12
7    2606:4700:10::6814:4ef (United States)

ASN13335 (CLOUDFLARENET, US)
bugcrowd.com
10    2606:4700:10::6814:3c23 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.bugcrowdusercontent.com
logos.bugcrowdusercontent.com
1    13.226.156.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-92.dus51.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    13.226.158.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-149.dus51.r.cloudfront.net
cdn.segment.com
1    35.155.235.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-235-224.us-west-2.compute.amazonaws.com
api.segment.io
1    13.226.159.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-60.dus51.r.cloudfront.net
widget.intercom.io
5    13.226.159.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-83.dus51.r.cloudfront.net
js.intercomcdn.com
1    13.226.159.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-68.dus51.r.cloudfront.net
cdn.heapanalytics.com
1    2606:4700:10::ac43:24f6 (United States)

ASN13335 (CLOUDFLARENET, US)
crowdicons.bugcrowdusercontent.com
1    3.209.197.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-197-155.compute-1.amazonaws.com
heapanalytics.com
1    75.2.88.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
Domain Requested by
7 logos.bugcrowdusercontent.com bugcrowd.com
7 bugcrowd.com d2wy8f7a9ursnm.cloudfront.net
bugcrowd.com
5 js.intercomcdn.com bugcrowd.com
widget.intercom.io
js.intercomcdn.com
3 assets.bugcrowdusercontent.com bugcrowd.com
2 sessions.bugsnag.com d2wy8f7a9ursnm.cloudfront.net
1 api-iam.intercom.io js.intercomcdn.com
1 heapanalytics.com bugcrowd.com
1 crowdicons.bugcrowdusercontent.com bugcrowd.com
1 cdn.heapanalytics.com cdn.segment.com
1 widget.intercom.io 1 redirects
1 api.segment.io cdn.segment.com
1 cdn.segment.com bugcrowd.com
1 d2wy8f7a9ursnm.cloudfront.net bugcrowd.com
31 13

This site contains links to these domains. Also see Links.

Domain
www.bugcrowd.com
forum.bugcrowd.com
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
Subject Issuer Validity Valid
bugcrowd.com
DigiCert SHA2 Extended Validation Server CA		 2020-11-03 -
2021-12-03		 a year crt.sh
bugcrowdusercontent.com
DigiCert SHA2 Extended Validation Server CA		 2020-12-16 -
2022-01-15		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-18 -
2021-05-18		 a year crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2020-06-12 -
2021-07-27		 a year crt.sh
*.intercomcdn.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
cdn.heapanalytics.com
Amazon		 2020-09-24 -
2021-10-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-10 -
2021-08-10		 a year crt.sh
heapanalytics.com
Amazon		 2020-12-24 -
2022-01-22		 a year crt.sh
*.intercom.com
Amazon		 2020-05-13 -
2021-06-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://bugcrowd.com/Salah-Mosbah
Frame ID: BE77679487F928F2CD8E0514AF66CFE1
Requests: 28 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3eee425d.js
Frame ID: 8BDD82358BDCBAF13016DE03C2261EB3
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • script /\/bugsnag.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /heap-\d+\.js/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

31
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

13
Subdomains

12
IPs

1
Countries

2243 kB
Transfer

7523 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://widget.intercom.io/widget/ovg5emkk HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Salah-Mosbah
bugcrowd.com/ 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d445b396a52cbce51d056f97773137677aa80dffb0bf717796b6f0e42386e67
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self' d6tizftlrpuof.cloudfront.net; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com d6tizftlrpuof.cloudfront.net; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com assets.pentesterlab.com *.usabilla.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net 'nonce-YRpgQT3UOmrbRP7irMSStBvEumGDAlzcc1AgS/e6pZc=' 'unsafe-inline'; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
bugcrowd.com
:scheme
https
:path
/Salah-Mosbah
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:49 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d974aea3435e3b9d0b4f7bb707add0bf61615221528; expires=Wed, 07-Apr-21 16:38:48 GMT; path=/; domain=.bugcrowd.com; HttpOnly; SameSite=Lax _crowdcontrol_session=Sjl5ZlBYSTJEbTgrWmdYM1Ztb2VuOXh2WXdTNWpjQVpBQWlyME54Z1ZwSlZNVkcyMUpmWlIxcEcxNEd2NWxRMU1yS3g2NjdkQnVNVVhqWEdUd25odmFKVmxjeGVZSnJqcHVISzVZLzNzWUtQMFV4dnM4TmVVcC9UVE04ZFJmSVp5VHVtZGZqYTljeGkyc0VXTVVhYkR3PT0tLXFHMFhPeHcvWXlCYTBUVXFsMTQ5QWc9PQ%3D%3D--1ee40dcec387c15c0b2ea3417e6dfae60341794a; path=/; secure; HttpOnly; SameSite=Lax
etag
W/"5d445b396a52cbce51d056f977731376"
cache-control
max-age=0, private, must-revalidate
x-request-id
b5ee3c3c-4a24-4692-9b34-25f5c537b2dd
x-runtime
0.233116
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
content-security-policy
default-src 'none'; base-uri 'self' d6tizftlrpuof.cloudfront.net; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com d6tizftlrpuof.cloudfront.net; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com assets.pentesterlab.com *.usabilla.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net 'nonce-YRpgQT3UOmrbRP7irMSStBvEumGDAlzcc1AgS/e6pZc=' 'unsafe-inline'; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
x-varnish
393290
age
0
cf-cache-status
DYNAMIC
cf-request-id
08b44db0b2000063f5b9065000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62cd7efab90163f5-FRA
content-encoding
gzip
application-d951ac1c.css
assets.bugcrowdusercontent.com/packs/css/ 		659 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bugcrowdusercontent.com/packs/css/application-d951ac1c.css
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f02a16a7c0829445717c148bc56e35d6bff8c6a00c7b04e3a688d6d9516592

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Mar 2021 16:25:52 GMT
server
cloudflare
age
6127
etag
W/"bcfcd3cf0707140fd770d030707f715a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
62cd7eff2c8e2b4d-FRA
cf-request-id
08b44db37900002b4d5bae3000000001
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v4/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v4/bugsnag.min.js
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-92.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b25a37870e2a2df1197250f5e9befbbcc689663262ffacd7f53ccd0693411525

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Feb 2021 01:10:45 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 01 Aug 2018 09:43:25 GMT
Server
AmazonS3
Age
2734085
ETag
W/"bcae2fab7aadf79a0f44f171109e4a9e"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
1RRnIDm8YXLKDQBVONbnfRHiKcjRDKtp-CGrwZY5bys-IY9CkXd0Jg==
logo-full.min-ffef5e4dc1c44a8705ad8947f770bdd4.svg
assets.bugcrowdusercontent.com/packs/media/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bugcrowdusercontent.com/packs/media/images/logo-full.min-ffef5e4dc1c44a8705ad8947f770bdd4.svg
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97006dcf19add73b5e13c546156587a79b449417c6c2581bfb92fc4aae1bbcc

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Nov 2020 19:27:54 GMT
server
cloudflare
age
10399457
etag
W/"ffef5e4dc1c44a8705ad8947f770bdd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
62cd7eff8d2a2b4d-FRA
cf-request-id
08b44db3b400002b4d76805000000001
application-4620ce41e1d839020bdf.js
assets.bugcrowdusercontent.com/packs/js/ 		4 MB
965 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bugcrowdusercontent.com/packs/js/application-4620ce41e1d839020bdf.js
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88dfdc83a5b9e7913087e8cff9bea3c68109132cc66d6b7dbef1894fd6f0eec

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Mar 2021 04:00:28 GMT
server
cloudflare
age
44840
etag
W/"195ee2e8af4d1206e86b11848a155960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
62cd7eff5ceb2b4d-FRA
cf-request-id
08b44db39a00002b4d212f7000000001
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://bugcrowd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 08 Mar 2021 16:38:49 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v4/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1.0
Referer
https://bugcrowd.com/
Bugsnag-Sent-At
2021-03-08T16:38:49.529Z
Bugsnag-Api-Key
1abbd896a93c9cf3e0784ea585f4c690
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 08 Mar 2021 16:38:49 GMT
via
1.1 google
bugsnag-session-uuid
fcdb2394-4943-44a1-8fa0-97e76f27000b
alt-svc
clear
content-length
21
content-type
application/json
analytics.min.js
cdn.segment.com/analytics.js/v1/7iC2Ms9O4Tlb7fMJtg8R9glrGmIPhuFy/ 		364 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/7iC2Ms9O4Tlb7fMJtg8R9glrGmIPhuFy/analytics.min.js
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-149.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c9bd41b330a272ec532d196fe5c8a1c6fc97a64bb6bed476a7c36a34ab2f4b2

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GB5oET3O9EYlzBtlonfU7q_JAhay2rIp
content-encoding
gzip
etag
"b175ccb871dbb073bec1a6df8bd5a220"
age
61
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
68811
access-control-allow-origin
*
last-modified
Fri, 05 Mar 2021 17:58:07 GMT
server
AmazonS3
date
Mon, 08 Mar 2021 16:37:49 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
Dt_epsg2YP-o3scsRLwNLFtYYUs8F99VpRfIRjsWbv-vr9dFRW4QTw==
truncated
/ 		168 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96d044c8f6b997e4c075904080129d0e8890ebbcbacb0985bd783d1b07830f3f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa56d1d5705d9b14c79475c7aea45727c040ba78972bace4532ccf23a815650e

Request headers

Origin
https://bugcrowd.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
p
api.segment.io/v1/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7iC2Ms9O4Tlb7fMJtg8R9glrGmIPhuFy/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.235.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-235-224.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bugcrowd.com
date
Mon, 08 Mar 2021 16:38:50 GMT
content-length
21
vary
Origin
content-type
application/json
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/ovg5emkk
  • https://js.intercomcdn.com/shim.latest.js
16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f310c86428452818a333b3d277ece166dc1bc4aa596719b5bcdd4ac3e6092f67

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Mar 2021 16:36:21 GMT
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 15:11:15 GMT
server
AmazonS3
age
150
etag
"3854543c7f2a9119ff589c2373d2f442"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
5597
x-amz-cf-id
IZOCxfN7S4npMlP3ABVFnKxxGvgQ1xDfGVHxakYAN1-TveVTWxT8XQ==

Redirect headers

date
Sat, 06 Mar 2021 23:14:28 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
AmazonS3
age
149062
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
DUS51-C1
content-length
0
x-amz-cf-id
M4DYD9c1P07kbSZfkFIQkxPU2J8hVgkDhdknON_r1I4TPyt4-xBxVg==
heap-351079185.js
cdn.heapanalytics.com/js/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-351079185.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7iC2Ms9O4Tlb7fMJtg8R9glrGmIPhuFy/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-68.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
849e2e8efd14f65e824672b0f4940c7a1fbe29ac5523ec96ab8cee9ee8f38fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:49 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
DUS51-C1
etag
W/"1918c-X0wzolBlOHCs5JAPMBRu+g"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
cache-control
public, max-age=120
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
a-feE99Qn8agSoY4bbRSA4IcDPJXOzb132AZ-DSFlxjFs4C0rXFCWA==
profile_widgets
bugcrowd.com/Salah-Mosbah/ 		14 B
764 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bugcrowd.com/Salah-Mosbah/profile_widgets
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v4/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f116ce064296bb68f5adc78f16e0298efd4a0db15077406976147f6ce69a5b8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bugcrowd.com/Salah-Mosbah
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
age
0
cf-ray
62cd7f03da4463f5-FRA
content-length
14
x-xss-protection
1; mode=block
x-request-id
e3ccbc6a-5bd4-4f7b-aff5-0a813f5bb5c7
x-runtime
0.032119
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7f116ce064296bb68f5adc78f16e0298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
x-varnish
229441
cache-control
max-age=0, private, must-revalidate
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
cf-request-id
08b44db665000063f5b9b61000000001
accept-ranges
bytes
content-type
application/json; charset=utf-8
4f34fa7d-ae50-46ce-8a47-532ae337d3e4.json
bugcrowd.com/researcher_profile/achievements/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bugcrowd.com/researcher_profile/achievements/4f34fa7d-ae50-46ce-8a47-532ae337d3e4.json
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v4/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bc1a019e6f377b4af4dee00e207e57fb3f9ce45d2216ca07a62d7b759d81121
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bugcrowd.com/Salah-Mosbah
X-CSRF-Token
HGWGMPK70aTKi6XEAkduXq9k+lVKAYIQ8YdRvV9HTlRdHioj+f4ppId2JDAcTlfsK4BdOdJnkjLE5espaLfygg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 08 Mar 2021 16:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
age
0
cf-ray
62cd7f03da4563f5-FRA
x-xss-protection
1; mode=block
x-request-id
7c09d4a0-35f5-48f7-b3c7-264f34f0a490
x-runtime
0.938099
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1bc1a019e6f377b4af4dee00e207e57f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
x-varnish
623116
cache-control
max-age=0, private, must-revalidate
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
cf-request-id
08b44db666000063f5c8a30000000001
content-type
application/json; charset=utf-8
4f34fa7d-ae50-46ce-8a47-532ae337d3e4.json
bugcrowd.com/researcher_profile/statistics/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bugcrowd.com/researcher_profile/statistics/4f34fa7d-ae50-46ce-8a47-532ae337d3e4.json
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v4/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d0f5d0aa79092b016015735b3e756d7eee782650c8db2396b379747a98ee9a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bugcrowd.com/Salah-Mosbah
X-CSRF-Token
HGWGMPK70aTKi6XEAkduXq9k+lVKAYIQ8YdRvV9HTlRdHioj+f4ppId2JDAcTlfsK4BdOdJnkjLE5espaLfygg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
age
0
cf-ray
62cd7f03da4663f5-FRA
x-xss-protection
1; mode=block
x-request-id
942fb4a4-c69e-49b1-ab85-14bf35ae6f99
x-runtime
0.067148
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"74d0f5d0aa79092b016015735b3e756d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
x-varnish
230967
cache-control
max-age=0, private, must-revalidate
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
cf-request-id
08b44db666000063f5bf9df000000001
content-type
application/json; charset=utf-8
4f34fa7dae5046ce8a47532ae337d3e4.png
crowdicons.bugcrowdusercontent.com/c/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crowdicons.bugcrowdusercontent.com/c/4f34fa7dae5046ce8a47532ae337d3e4.png
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da15183b9c8216268fc24ed9acfa24a276a8452c0a4ce33d015d3c30ad9c951
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
3335
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31556952
accept-ranges
bytes
cf-ray
62cd7f041b844ec1-FRA
content-length
5554
cf-request-id
08b44db69000004ec15600b000000001
small_f1763fc0dd28d4b92461e21df24df08f_arlo.jpg
logos.bugcrowdusercontent.com/logos/2656/3c60/046ea0d2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logos.bugcrowdusercontent.com/logos/2656/3c60/046ea0d2/small_f1763fc0dd28d4b92461e21df24df08f_arlo.jpg
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02057941eb2887f10b98a8c5b65405f22bad436a4355f8be6c497a79a6f3ae51

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
via
1.1 a050a32e30453f07ede7fc20c9326306.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
24342
x-cache
Hit from cloudfront
content-length
11403
cf-request-id
08b44db67b00002b4d44b4d000000001
last-modified
Tue, 08 May 2018 17:52:05 GMT
server
cloudflare
etag
"64a760355c5b39af39e60fb0045bc101"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315576000
x-amz-cf-pop
LHR62-C5
accept-ranges
bytes
cf-ray
62cd7f03fca72b4d-FRA
x-amz-cf-id
uagj8z5iDIq2WHrsAPa510lETZucoYAXI_DD3dlTdGCIxqnTmbzi6g==
cf-bgj
h2pri
small_f4992db42d5ff3276ec6a08eed5ca3f2_e457956fb36daff0b32724bd483f49f9_centrify_logo.jpg
logos.bugcrowdusercontent.com/logos/b5df/bed5/dfce6a18/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logos.bugcrowdusercontent.com/logos/b5df/bed5/dfce6a18/small_f4992db42d5ff3276ec6a08eed5ca3f2_e457956fb36daff0b32724bd483f49f9_centrify_logo.jpg
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbfe8f32c497591f8e1fae195f56d3f0db4325ae846d58185a56b10a4f62b564

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
2497953
x-cache
Hit from cloudfront
content-length
12029
cf-request-id
08b44db67b00002b4d319a1000000001
last-modified
Wed, 22 Mar 2017 18:47:07 GMT
server
cloudflare
etag
"dd42b505bd7602e69fc096d68055d887"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315576000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
cf-ray
62cd7f03fca22b4d-FRA
x-amz-cf-id
2RpJ8whNBSnwoNdq9Cqm02sHkZWuIWTmyNXxOYljXXF_kxICIaAn8g==
cf-bgj
h2pri
small_42c35f74a1b7ede92978e5caed56d3e7_Untitled.jpg
logos.bugcrowdusercontent.com/logos/749c/face/61362a72/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logos.bugcrowdusercontent.com/logos/749c/face/61362a72/small_42c35f74a1b7ede92978e5caed56d3e7_Untitled.jpg
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a984767521d4ad530aacf502a9f7b62856de7011575eebf28faaaae64d2e223

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1329860
x-cache
Hit from cloudfront
content-length
9426
cf-request-id
08b44db67b00002b4d481d5000000001
last-modified
Wed, 30 Aug 2017 18:51:41 GMT
server
cloudflare
etag
"8c4f8615fef577337fab32de592b2b47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315576000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
cf-ray
62cd7f03fca82b4d-FRA
x-amz-cf-id
OkWTH3sqrvr64KTVaT7yYHQFdBN2gUEbT491TMNmLSmiiSUP3kGlMA==
cf-bgj
h2pri
small_a084ef88871ab71cb439a35764619fd5_simple_cmyk_color.png
logos.bugcrowdusercontent.com/logos/249e/0e1b/37f594ce/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logos.bugcrowdusercontent.com/logos/249e/0e1b/37f594ce/small_a084ef88871ab71cb439a35764619fd5_simple_cmyk_color.png
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203dddebca20b021a8f021c6d27abadb4eb0d8ac225fcea8f3281e677a2c3e32

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
via
1.1 7cbbe7c1ce97c17d13c405bf29da748d.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
3337
x-cache
Miss from cloudfront
content-length
9193
cf-request-id
08b44db67a00002b4d0a842000000001
last-modified
Fri, 30 Dec 2016 17:31:35 GMT
server
cloudflare
etag
"49dfaad314576b10e8817a9f670a7737"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315576000
x-amz-cf-pop
WAW50-C1
accept-ranges
bytes
cf-ray
62cd7f03fc9e2b4d-FRA
x-amz-cf-id
hnG_JVWiWXy06yWCJYR9XolPORdeX4VbYe0t42t2I2-o-gzqoKQn3Q==
small_a89b171577cbc92b68aab5bf350dcbc0_ibotta-squarelogo-1473450047681.png
logos.bugcrowdusercontent.com/logos/9c25/03f5/d73ce457/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logos.bugcrowdusercontent.com/logos/9c25/03f5/d73ce457/small_a89b171577cbc92b68aab5bf350dcbc0_ibotta-squarelogo-1473450047681.png
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27fccb53f03ae2ebf5a651aed66f9f0bc9e20a288c0d62ad82b3170928a07ee

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
via
1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
358362
x-cache
Hit from cloudfront
content-length
5659
cf-request-id
08b44db67b00002b4d2131d000000001
last-modified
Wed, 28 Dec 2016 20:29:48 GMT
server
cloudflare
etag
"09b6248ad0e098b0185ff336395ae5b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315576000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
cf-ray
62cd7f03fca62b4d-FRA
x-amz-cf-id
gTo6DzoIlBA36gvtRidK7t8zHNv21sFmAo3ac4wI-svEvafFZlHASA==
small_3cfe7f72d541d0a8bb443038b7c3a181_Caffeine1024.png
logos.bugcrowdusercontent.com/logos/65d9/e1a6/2e828c1b/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logos.bugcrowdusercontent.com/logos/65d9/e1a6/2e828c1b/small_3cfe7f72d541d0a8bb443038b7c3a181_Caffeine1024.png
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abdb13b747cbe9b0466c8d07eecfaf2eb99a7d329536b1587060bc73260655b3

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
via
1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
348996
x-cache
Hit from cloudfront
content-length
3774
cf-request-id
08b44db67b00002b4d0227d000000001
last-modified
Thu, 23 Jul 2020 23:14:41 GMT
server
cloudflare
etag
"d1c1a71dd51d1e6617b19137dd4e2faa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315576000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
cf-ray
62cd7f03fca42b4d-FRA
x-amz-cf-id
HJPt7yCDjkynxlfrjdoiZnH2FCNgFbw-N690lq6Ps3EVRfT-mhj1Wg==
small_304f52b9b7950071eab424634aac1e12_humblered.png
logos.bugcrowdusercontent.com/logos/8dcf/5be6/2c2cec76/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logos.bugcrowdusercontent.com/logos/8dcf/5be6/2c2cec76/small_304f52b9b7950071eab424634aac1e12_humblered.png
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3c23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f1d13021561a4c4e1c293cbcaa5a920e1bf1454d4efc3485db825aa6bdac87

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
via
1.1 5e71ebbd3e768e1e564c88b3632039d8.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
3337
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
5647
cf-request-id
08b44db69200002b4d2131e000000001
last-modified
Mon, 25 Jan 2016 21:44:10 GMT
server
cloudflare
etag
"b7c894fb854f1d8b44f9c98d31439895"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
x-amz-cf-pop
WAW50-C1
accept-ranges
bytes
cf-ray
62cd7f041cd12b4d-FRA
x-amz-cf-id
a-zJU2BU67XQF-LMqeAzhgxXWa_HcC9PDHC9Zz7Fw9SRkPRiMN2f4A==
default_banner-b2e8be1197e6ba1e88f912d3024172ba.png
bugcrowd.com/packs/media/images/researcher-profile/ 		552 KB
553 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bugcrowd.com/packs/media/images/researcher-profile/default_banner-b2e8be1197e6ba1e88f912d3024172ba.png
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a411907e35530804aa2892379255ea84945d09478345e6833a0e1ed5913bae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bugcrowd.com/Salah-Mosbah
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
10481531
content-type
image/png
vary
Accept-Encoding
content-length
565553
cf-request-id
08b44db66d000063f5b4139000000001
last-modified
Fri, 06 Nov 2020 19:27:54 GMT
server
cloudflare
etag
"b2e8be1197e6ba1e88f912d3024172ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-varnish
132167
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
62cd7f03da4963f5-FRA
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed5f6db9b4be49ebf18b5cc2873369361e0eced573d1021f3baabe2b1c2ad8b

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=351079185&u=5263259780843795&v=8899369802755002&s=4083163818276044&b=web&tv=4.0&z=0&h=%2FSalah-Mosbah&d=bugcrowd.com&t=Your%20Elastic%20Security%20Team%2C%20better%20security%20testing%20through%20bug%20bounties%20and%20managed%20security%20programs%20%7C%20Bugcrowd&ts=1615221530545&st=1615221530546
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/Salah-Mosbah
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.197.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-197-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 16:38:50 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
frame-modern.3eee425d.js
js.intercomcdn.com/ Frame 8BDD 		247 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.3eee425d.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ovg5emkk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bebfeee8c16008d94ed534cc397d6b7cd5bad2798b47a9ed90564c46943b9ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Mar 2021 15:11:21 GMT
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 15:05:31 GMT
server
AmazonS3
age
5250
etag
"34af441e492fe58e98bc545f84454398"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
67854
x-amz-cf-id
k_8FXXA_D85jGCH_Ey2WFKPWH9WVrbIqxrpGt6NOFnOjzRntdOe5HQ==
vendor-modern.c4b9303b.js
js.intercomcdn.com/ Frame 8BDD 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.c4b9303b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ovg5emkk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b7a2e506cea7f2808a59e807b3f3682b0555bb319379a16d1fe21cd73b1d3d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Mar 2021 16:00:20 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 10:43:55 GMT
server
AmazonS3
age
2311
etag
"aca42783513f845ac188e1caaf2b3ba8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
38313
x-amz-cf-id
N2TVK_msQDeM-25NIxKokG2-UDhQgrjEY5hMsZACfR2vIwWW8SJGNg==
ping
api-iam.intercom.io/messenger/web/ Frame 8BDD 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3eee425d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
8af91884a741c176fb9db7fcebee9c3cea46de851eadee2c67cedfa1a82a50a8
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Mar 2021 16:38:51 GMT
content-encoding
gzip
x-ami-version
ami-04b949e354e67e20b
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0006ich6o8g7plfq6940
x-runtime
0.527772
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"8af91884a741c176fb9db7fcebee9c3c"
x-ratelimit-remaining
19932
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bugcrowd.com
x-intercom-version
dcbdbd2c4b759eb58673d475d376981ef53be5f0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1615221540
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
level-3-bf253b3d3390ef9ee75710d44c90f268.svg
bugcrowd.com/packs/media/images/achievements/submission-shogun/ 		81 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bugcrowd.com/packs/media/images/achievements/submission-shogun/level-3-bf253b3d3390ef9ee75710d44c90f268.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c589f5d0c5bf5d54d9e86888e1f400dfb3b3151d230da8a09ed537badce7a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bugcrowd.com/Salah-Mosbah
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
373088
vary
Accept-Encoding
cf-request-id
08b44dbc1d000063f5c81eb000000001
x-varnish
98602
last-modified
Tue, 02 Mar 2021 21:03:51 GMT
server
cloudflare
etag
W/"bf253b3d3390ef9ee75710d44c90f268"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
62cd7f0cfbc463f5-FRA
level-3-7a5db402bbcc768fe16cb042d447beb6.svg
bugcrowd.com/packs/media/images/achievements/bounty-bee/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bugcrowd.com/packs/media/images/achievements/bounty-bee/level-3-7a5db402bbcc768fe16cb042d447beb6.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ced6e1eb36294bce900a56cc4dac3a83e4d6b081bcbd9a0fc7d29b57c544547
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bugcrowd.com/Salah-Mosbah
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5630939
vary
Accept-Encoding
cf-request-id
08b44dbc1d000063f5bf9fc000000001
x-varnish
918193
last-modified
Thu, 31 Dec 2020 05:22:49 GMT
server
cloudflare
etag
W/"7a5db402bbcc768fe16cb042d447beb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
62cd7f0cfbc563f5-FRA
vendors~app-modern.257e5d56.js
js.intercomcdn.com/ Frame 8BDD 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app-modern.257e5d56.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3eee425d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4cacb52fd8f9cf1cf5a024cd14e0fafc0e465fd612393a987738a26aa422e4b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Mar 2021 15:39:50 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 14:25:51 GMT
server
AmazonS3
age
3548
etag
"73e03cee2bfaea6e367366d779272eb5"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
98686
x-amz-cf-id
KNrINwCFEWmX49tkmesFaJNjHWGAy0XwF0uWBiyOecIR1xhC0KaUQA==
app-modern.613ae8f7.js
js.intercomcdn.com/ Frame 8BDD 		664 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app-modern.613ae8f7.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3eee425d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
406087f14f5856520c28c5d118440d77b91915945ec677f2f69a44a0dcaf7e20

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 08 Mar 2021 15:45:57 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 10:43:55 GMT
server
AmazonS3
age
3181
etag
"818508f7a1f286ea5a28ac0d580d2a25"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
159759
x-amz-cf-id
wp5jbLJUOutpno4FI1n3QFgQCepy_JBu0uK_xigwHgrijVe6ZmHxig==

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| bugsnag object| bugsnagClient object| analytics function| Intercom object| heap function| normalize function| setImmediate function| clearImmediate object| regeneratorRuntime function| jQuery function| $ boolean| _rails_loaded object| __SECRET_EMOTION__ object| core function| Mousetrap function| SVGPathSeg function| SVGPathSegClosePath function| SVGPathSegMovetoAbs function| SVGPathSegMovetoRel function| SVGPathSegLinetoAbs function| SVGPathSegLinetoRel function| SVGPathSegCurvetoCubicAbs function| SVGPathSegCurvetoCubicRel function| SVGPathSegCurvetoQuadraticAbs function| SVGPathSegCurvetoQuadraticRel function| SVGPathSegArcAbs function| SVGPathSegArcRel function| SVGPathSegLinetoHorizontalAbs function| SVGPathSegLinetoHorizontalRel function| SVGPathSegLinetoVerticalAbs function| SVGPathSegLinetoVerticalRel function| SVGPathSegCurvetoCubicSmoothAbs function| SVGPathSegCurvetoCubicSmoothRel function| SVGPathSegCurvetoQuadraticSmoothAbs function| SVGPathSegCurvetoQuadraticSmoothRel function| SVGPathSegList object| d3 object| __REDUX_GLOBAL_STORE__ function| __intercomAssignLocation

5 Cookies

Domain/Path Name / Value
bugcrowd.com/ Name: _crowdcontrol_session
Value: UDhUSXJ6WmUvM2pFWlU4eGJ5VXgzVk1DVXE1ZVhHWHU0WWhUY2JEMkNPU3RsNDNVQXRsbVBQYXBiUlhXT1FFUktwZGxIVU1hQ0EzNW4yc3M3Qmh1dnZjR1hMZUNkNVg0ek5VQUZDWG50MjFhd1ZxeFhzLzkxSUg3QWVEbnU0aXBJY0dvbzZRdmEwa2VTUkNDVjNmTTl3PT0tLU5VYWd0ZGRNbFVoeDRRaWN3U0xBWVE9PQ%3D%3D--20db80b948db5b3b998579b6f317c54110df9471
.bugcrowd.com/ Name: _hp2_ses_props.351079185
Value: %7B%22ts%22%3A1615221530545%2C%22d%22%3A%22bugcrowd.com%22%2C%22h%22%3A%22%2FSalah-Mosbah%22%7D
.bugcrowd.com/ Name: _hp2_id.351079185
Value: %7B%22userId%22%3A%225263259780843795%22%2C%22pageviewId%22%3A%228899369802755002%22%2C%22sessionId%22%3A%224083163818276044%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.bugcrowd.com/ Name: ajs_anonymous_id
Value: %22746e8889-d4ce-4840-ad23-a25be7526643%22
.bugcrowd.com/ Name: __cfduid
Value: d974aea3435e3b9d0b4f7bb707add0bf61615221528

1 Console Messages

Source Level URL
Text
console-api debug URL: https://d2wy8f7a9ursnm.cloudfront.net/v4/bugsnag.min.js(Line 1)
Message:
[bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; base-uri 'self' d6tizftlrpuof.cloudfront.net; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com www.youtube.com d6tizftlrpuof.cloudfront.net; img-src 'self' data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com assets.pentesterlab.com *.usabilla.com; media-src 'self' js.intercomcdn.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net 'nonce-YRpgQT3UOmrbRP7irMSStBvEumGDAlzcc1AgS/e6pZc=' 'unsafe-inline'; style-src 'unsafe-inline' assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.segment.io
assets.bugcrowdusercontent.com
bugcrowd.com
cdn.heapanalytics.com
cdn.segment.com
crowdicons.bugcrowdusercontent.com
d2wy8f7a9ursnm.cloudfront.net
heapanalytics.com
js.intercomcdn.com
logos.bugcrowdusercontent.com
sessions.bugsnag.com
widget.intercom.io
13.226.156.92
13.226.158.149
13.226.159.60
13.226.159.68
13.226.159.83
2600:1901:0:7a0b::
2606:4700:10::6814:3c23
2606:4700:10::6814:4ef
2606:4700:10::ac43:24f6
3.209.197.155
35.155.235.224
75.2.88.188
02057941eb2887f10b98a8c5b65405f22bad436a4355f8be6c497a79a6f3ae51
08b7a2e506cea7f2808a59e807b3f3682b0555bb319379a16d1fe21cd73b1d3d
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0da15183b9c8216268fc24ed9acfa24a276a8452c0a4ce33d015d3c30ad9c951
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13f1d13021561a4c4e1c293cbcaa5a920e1bf1454d4efc3485db825aa6bdac87
1bc1a019e6f377b4af4dee00e207e57fb3f9ce45d2216ca07a62d7b759d81121
203dddebca20b021a8f021c6d27abadb4eb0d8ac225fcea8f3281e677a2c3e32
406087f14f5856520c28c5d118440d77b91915945ec677f2f69a44a0dcaf7e20
49c589f5d0c5bf5d54d9e86888e1f400dfb3b3151d230da8a09ed537badce7a7
5d445b396a52cbce51d056f97773137677aa80dffb0bf717796b6f0e42386e67
6ed5f6db9b4be49ebf18b5cc2873369361e0eced573d1021f3baabe2b1c2ad8b
74d0f5d0aa79092b016015735b3e756d7eee782650c8db2396b379747a98ee9a
7a984767521d4ad530aacf502a9f7b62856de7011575eebf28faaaae64d2e223
7bebfeee8c16008d94ed534cc397d6b7cd5bad2798b47a9ed90564c46943b9ed
7f116ce064296bb68f5adc78f16e0298efd4a0db15077406976147f6ce69a5b8
849e2e8efd14f65e824672b0f4940c7a1fbe29ac5523ec96ab8cee9ee8f38fc4
8af91884a741c176fb9db7fcebee9c3cea46de851eadee2c67cedfa1a82a50a8
8c9bd41b330a272ec532d196fe5c8a1c6fc97a64bb6bed476a7c36a34ab2f4b2
95f02a16a7c0829445717c148bc56e35d6bff8c6a00c7b04e3a688d6d9516592
96d044c8f6b997e4c075904080129d0e8890ebbcbacb0985bd783d1b07830f3f
9ced6e1eb36294bce900a56cc4dac3a83e4d6b081bcbd9a0fc7d29b57c544547
a4cacb52fd8f9cf1cf5a024cd14e0fafc0e465fd612393a987738a26aa422e4b
aa56d1d5705d9b14c79475c7aea45727c040ba78972bace4532ccf23a815650e
abdb13b747cbe9b0466c8d07eecfaf2eb99a7d329536b1587060bc73260655b3
b25a37870e2a2df1197250f5e9befbbcc689663262ffacd7f53ccd0693411525
b27fccb53f03ae2ebf5a651aed66f9f0bc9e20a288c0d62ad82b3170928a07ee
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cbfe8f32c497591f8e1fae195f56d3f0db4325ae846d58185a56b10a4f62b564
e5a411907e35530804aa2892379255ea84945d09478345e6833a0e1ed5913bae
e88dfdc83a5b9e7913087e8cff9bea3c68109132cc66d6b7dbef1894fd6f0eec
f310c86428452818a333b3d277ece166dc1bc4aa596719b5bcdd4ac3e6092f67
f97006dcf19add73b5e13c546156587a79b449417c6c2581bfb92fc4aae1bbcc