beaglesecurity.com Open in urlscan Pro
143.204.215.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shorturl.at/lFJNT
Effective URL:
https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
Submission: On September 29 via manual (September 29th 2022, 11:34:15 am UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 12 domains to perform 80 HTTP transactions. The main IP is 143.204.215.24, located in United States and belongs to AMAZON-02, US. The main domain is beaglesecurity.com.
TLS certificate: Issued by Amazon on April 1st 2022. Valid for: a year.

This is the only time beaglesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3037::ac43:ab5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 46	143.204.215.24 143.204.215.24	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	108.138.7.32 108.138.7.32	16509 (AMAZON-02) (AMAZON-02)
2	52.147.219.53 52.147.219.53	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	34.231.184.123 34.231.184.123	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
6	63.33.126.66 63.33.126.66	16509 (AMAZON-02) (AMAZON-02)
2	52.19.205.206 52.19.205.206	() ()
80	16

2 2606:4700:3037::ac43:ab5a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 143.204.215.24 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-24.fra53.r.cloudfront.net

beaglesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

cdn.convertbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-32.fra56.r.cloudfront.net

cdn-app.continual.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.147.219.53 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.beaglesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.231.184.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-184-123.compute-1.amazonaws.com

app.convertbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 63.33.126.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-126-66.eu-west-1.compute.amazonaws.com

app.continual.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.205.206 (None, )

ASN- ()

wss-pr.continual.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	beaglesecurity.com 1 redirects beaglesecurity.com api.beaglesecurity.com	1 MB
11	continual.ly cdn-app.continual.ly — Cisco Umbrella Rank: 168585 app.continual.ly — Cisco Umbrella Rank: 168937 wss-pr.continual.ly	101 KB
6	convertbox.com cdn.convertbox.com — Cisco Umbrella Rank: 25487 app.convertbox.com — Cisco Umbrella Rank: 25149	157 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	4 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6301	564 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	564 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	469 B
2	gstatic.com fonts.gstatic.com	43 KB
2	shorturl.at 2 redirects shorturl.at — Cisco Umbrella Rank: 163584 www.shorturl.at — Cisco Umbrella Rank: 187496	1 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1306	417 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64
80	12

	Domain	Requested by
46	beaglesecurity.com	1 redirects beaglesecurity.com
6	app.continual.ly	cdn-app.continual.ly
3	app.convertbox.com	cdn.convertbox.com
3	cdn-app.continual.ly	beaglesecurity.com cdn-app.continual.ly app.continual.ly
3	www.google-analytics.com	beaglesecurity.com www.google-analytics.com
3	cdn.convertbox.com	beaglesecurity.com cdn.convertbox.com
3	fonts.googleapis.com	beaglesecurity.com cdn.convertbox.com cdn-app.continual.ly
2	wss-pr.continual.ly	cdn-app.continual.ly
2	www.google.de	beaglesecurity.com
2	www.google.com	beaglesecurity.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	api.beaglesecurity.com	beaglesecurity.com
2	fonts.gstatic.com	fonts.googleapis.com
1	polyfill.io	cdn.convertbox.com
1	www.googletagmanager.com	beaglesecurity.com
1	www.shorturl.at	1 redirects
1	shorturl.at	1 redirects
80	17

This site contains links to these domains. Also see Links.

Domain
help.beaglesecurity.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.beaglesecurity.com Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
cdn.convertbox.com R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.continual.ly Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
api.beaglesecurity.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
convertbox.com Amazon	`2022-07-27` - `2023-08-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
Frame ID: 6CD8131E0D1E935794C856D54686410B
Requests: 91 HTTP requests in this frame

Frame: https://app.continual.ly/chat/empty-state
Frame ID: EC58A9003A2781B6164EE50B9483D252
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hardening Server Security By Implementing Security Headers

Page URL History Show full URLs

http://shorturl.at/lFJNT HTTP 301
https://www.shorturl.at/lFJNT HTTP 302
https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

99 %
HTTPS

56 %
IPv6

12
Domains

17
Subdomains

16
IPs

5
Countries

1765 kB
Transfer

3486 kB
Size

4
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://help.beaglesecurity.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Search URL Search Domain Scan URL

URL: https://twitter.com/MohanManindar

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/manieendar-mohan-861a36186/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/beaglesecure/

Search URL Search Domain Scan URL

URL: https://twitter.com/beaglesecure

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/beaglesecurity/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shorturl.at/lFJNT HTTP 301
https://www.shorturl.at/lFJNT HTTP 302
https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://beaglesecurity.com/blog/images/Zero-day-400%E2%80%931png HTTP 301
https://beaglesecurity.com/images/Zero-day-400%E2%80%931png/

80 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hardening-server-security-by-implementing-security-headers.html Show response
beaglesecurity.com/blog/article/
Redirect Chain

http://shorturl.at/lFJNT
https://www.shorturl.at/lFJNT
https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

62 KB
11 KB

412ms
297ms

Document
text/html

143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb9174684c54d7db97c091eede29f9fad89697dc55fc9bf6590fd591a2fdf86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Thu, 29 Sep 2022 11:34:10 GMT
etag: W/"f71068338a15b539acb75dcb21e5acfd"
last-modified: Tue, 27 Sep 2022 14:37:47 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-id: BSim5hDluDoHTg7xQLmHfTc_Q5CSWVEqaQoQKEFteCL1lMRcL7WoAQ==
x-amz-cf-pop: IAD79-C1 FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7524686f4b95bbaf-FRA
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 11:34:08 GMT
location: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywxeoCH8sq31Y2du%2Fng66%2BSvZhPu6vWCdHvATWa3w88kRAxUknIVnARxoRgMdPJ0FhP0jTcho3rAvFiPCjQdK6QhI8U%2Bo3spAyxcQRq%2BwHwSUChb%2B85pWrKw2UUhWU3rf7QxSu9w99SN%2FKsmtAY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 vulnerabilities-index2.css
beaglesecurity.com/blog/css/ 139 KB
24 KB 523ms
522ms Stylesheet
text/css 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beaglesecurity.com/blog/css/vulnerabilities-index2.css

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

244881532c7e2d2048834528429e1da97a8ba3c220381f323a30345c9d8e32ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
via: 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:47 GMT
server: AmazonS3
etag: W/"0e6d22b9d6ebbded40b150aa2417cfc4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: jlHoWVZn5sRlxIUDQGLBrNK_4T_Ixr8Hd-AQBxEKcCGb1ZLguwB1fQ==

GET
H2 200 blog78872AAA8C66619B881B9BD7B4C0B137D53530bcdh.css
beaglesecurity.com/blog/css/ 208 KB
45 KB 255ms
255ms Stylesheet
text/css 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beaglesecurity.com/blog/css/blog78872AAA8C66619B881B9BD7B4C0B137D53530bcdh.css

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

281e0f16da5ec9060bfcf7a9aa8f2e00873fbd2395443b7cb1e4ea761d32daf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: IAD66-C2, FRA53-C1
x-amz-server-side-encryption: AES256
via: 1.1 a3cc6ada872dd8799739f0e62dddda7c.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:47 GMT
server: AmazonS3
etag: W/"4fad0f7d2e7670e09b2bf3deaa514129"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: X4EIjiUimInH2GZBncHIyVKucd6DqXuduuV6OGm7bQdPdYcRJvMLyg==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500|Roboto:400,500|Rubik:400,500)

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52590177d051678730bad1b26908c004c6546dfc6876525f76c40a9453e4d220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 11:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 11:34:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 11:34:09 GMT

GET
H2 200 jquery.min.js Show response
beaglesecurity.com/blog/js/ 129 KB
41 KB 341ms
340ms Script
application/javascript 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beaglesecurity.com/blog/js/jquery.min.js

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

273173d6e40ca977e9f172d03076a04daff1aa112cb9a90a260e9bc5ac63c570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
via: 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:53 GMT
server: AmazonS3
etag: W/"35e6595cc67030c0e074e238a7f2b7ca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: zkF7zvU7JALpwsMmpaR4auYoOaU8O27-tK57dTgWHXpR_xgcb9r-AA==

GET
H2 200 header_blog_banner.png
beaglesecurity.com/blog/images/ 102 KB
103 KB 367ms
339ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_blog_banner.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

203d7181e96e33ee296c2f0370a4e5ca32e5c381332ff9d351c17234f60badcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 e7803a00a023f1e04faef1ed4f572ace.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 104734
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "f56e62a0263a4455cf1b9ceb2effbae8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: xnViMOd0gJP81FSI3A9N8Jan4PZzv5HL4ljvQz5DsdhB8SsEVi8DdQ==

GET
H2 200 header_img.png
beaglesecurity.com/blog/images/ 56 KB
56 KB 306ms
275ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d028cc1d75a514a11550a675be233378de77c809fb0819e03564ad88b89661e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d1dad7d3c339d87d553c26a84c9ca5d2.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 56876
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "c351054d724d731aa917ce5c10186e10"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: KOQDLHyXOkI9412TejbweOSaQDQw_aI8uZJxS2K9sfj7w9Uji2IYDQ==

GET
H2 200 blog_diagram.png
beaglesecurity.com/blog/images/ 22 KB
23 KB 298ms
268ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/blog_diagram.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3c18aa43e1ca4aa6c3e5316a608b0171614c95bb23ec88a4a42fa840fba18b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 25e2963eb5d8a7965bc8b98c455aab48.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 22777
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:48 GMT
server: AmazonS3
etag: "1605371e9347d0a9ac4dcaf4baf005bb"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: VL0tic6XtVFPwFI5fgDuPl5ctuPqWL_hisLt8EsPNhJeGFRdwigFDQ==

GET
H2 200 heder_post1.png
beaglesecurity.com/blog/images/ 16 KB
17 KB 290ms
261ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/heder_post1.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d28424eedbba774257820f99d91281f57ccb6ad63907f8bd5ed3e95c4c612c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 5e85a7e9f75a591c64db206ef2e2a17c.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 16346
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "f09bc7f16b35020d0de4f2669d035a65"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: Z2T0Z1w_E_TxvP89VI9GocPWns4TfUYDg26K2kVpUj-kSk5XMsYdQg==

GET
H2 200 heder_img9.png
beaglesecurity.com/blog/images/ 40 KB
41 KB 276ms
248ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/heder_img9.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e5b258d5a02731bdcfbcfa87ac52155f161ff4b44019d5956772d206d97d2857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 477f2815176dbf316918cf19d9dc3eb6.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 41258
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "fd6e5387249e2a30a6303679e9d715f7"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: THzrW6JrKwFDpHvezp-hjcM5vGSMUsXGwNBWhCC9o27_rZKXwM0eew==

GET
H2 200 header_img10.png
beaglesecurity.com/blog/images/ 7 KB
8 KB 477ms
450ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img10.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

18dd74cfc289078792ddb9493db0ccbfa063c16f22499fffcbc9393ddd1d4863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 6d5b0fa46ef77b2ff227bdbcee6603ee.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 7129
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "2c2c9712cbbdd3259a50cfff26bac164"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: LmsjLuUYzxmRoav2K5Hpo_j2hOX3XVFvwdDk7hBCZgs_eST6FrWK7A==

GET
H2 200 header_img2.png
beaglesecurity.com/blog/images/ 24 KB
25 KB 413ms
386ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img2.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f98c2cd7829cde23a541be4a31279245ceb530ec56cc2dfb022ba3887ab94cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 6ba47df044361b708e00c6d6274556cc.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 25075
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "4ec3cafa5d6bc2c3179a07ed6b67ec41"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: 4txM00m8122bq0fjIqTeQ2bSBp1UL_uiMdmVQmSx8LllColPnygRaQ==

GET
H2 200 header_img3.png
beaglesecurity.com/blog/images/ 3 KB
4 KB 332ms
306ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img3.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f8140bde9f12b6897f5ea25decb656e98d4ef9f29094e2054fc223a433f23dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 41bff299fdda9786ca0451ad8ebed114.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3171
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "4b070a463516b44d9a3de65e223698b5"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: bTrDJc53uVTa3yDIhZgsc5ot0hM0-zXfKklx1hriRPhiNlDEFDR2Zw==

GET
H2 200 header_img4.png
beaglesecurity.com/blog/images/ 19 KB
20 KB 409ms
384ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img4.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

74ecaae6ee86b65e8b467c713c9b8177a3fb655bfdb8ded1e8a90bffeaaedff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 19694
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "5536156e23733f2a0e33b1e16a98e546"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: cAK_1CX4HqULCLLes-ytAa7zhaDLG0APZSIj-Iss7_FRpM8DUcbjag==

GET
H2 200 header_img5.png
beaglesecurity.com/blog/images/ 2 KB
3 KB 345ms
320ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img5.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c12af96ae3f3c0573743a2b2d9ffbbac9a032276a918cf7c7e11a3a9dc3c839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3aec3b44fb976422e513a356ccd76eb8.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2271
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "f00cc62dd36bb4c5b702b95937099d38"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: Fye4_vsze7y_DL8VQymIDEbLuMH7a_2OSLM_onicpKQ59aL9oEfeFg==

GET
H2 200 header_img6.png
beaglesecurity.com/blog/images/ 21 KB
22 KB 356ms
332ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img6.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7c9c153eb6e8cd061a6017c09141c0340e752fafe197751584fd449e4f03b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 170caffbbbc9abe2c5fd15f4f58b75b4.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 21454
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "e9a9ff8de27fd28ccf4f5a70431e2d6c"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: gcbwVQEyamTemvX9OKQ7C1gKVf2PBhp48XzMQHSHKtXRiRxXp9NCZA==

GET
H2 200 header_img7.png
beaglesecurity.com/blog/images/ 5 KB
5 KB 343ms
320ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img7.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0bff9649b7e276cab41e1e267e7bf6b1849aa6fde2b71e7344081ef9c4d968f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 2896f6be77233cf3f24b7a1aaae1c6f2.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 4927
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "4774543bd71f2c4706e166597a5f20c8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: VRQd6yjUUPAOrmdLUS-WCY2YtQt5iWOXMRdzGCv0FPaxp7AS0O57sQ==

GET
H2 200 header_img11.png
beaglesecurity.com/blog/images/ 20 KB
21 KB 402ms
380ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/header_img11.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3fec2275db250496ed7f2e038ad2649f6428dacc3583e15e6de58645d836af36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 170caffbbbc9abe2c5fd15f4f58b75b4.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 20704
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "6086aadfe40cd229757b72c69f75f818"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: KdIuVt4Uq_M7oqgWp404-lUwLC74Z0V242Y1FcFXKnJDhq4jFQnyqQ==

GET
H2 200 manu.jpg
beaglesecurity.com/blog/images/ 25 KB
25 KB 568ms
546ms Image
image/jpeg 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/manu.jpg

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b65415e74b1038b671424fe33ec16f187c346b9c7ca4aee8878970eaec08ad2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 a5f3f63e5cb1bdf37811b61ad2c25cbc.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 25300
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:50 GMT
server: AmazonS3
etag: "b0535f83d482aa7bd81382551f5b3db5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: E3JHtu1EhlrY7TQnM583S5SWL-rDslMXA7GHtxKPe3sIqk4hCT3zhw==

GET
H2 200 arrow.svg
beaglesecurity.com/blog/images/ 141 B
709 B 467ms
446ms Image
image/svg+xml 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/arrow.svg

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9315a05b675669ff8fafd63197450a8fd6bb2b04ba616aff2df54ddacb688292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 420b04515afbec0c45b59617f13f792a.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 141
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:47 GMT
server: AmazonS3
etag: "9b229100c5936b4a165094d553dba071"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: m4zPnK2wNKe3smND4x7tTegCCTW--nBmzQU9kC5ZoehqaGxWD1l62w==

GET
H2

200

/
beaglesecurity.com/images/Zero-day-400%E2%80%931png/
Redirect Chain

https://beaglesecurity.com/blog/images/Zero-day-400%E2%80%931png
https://beaglesecurity.com/images/Zero-day-400%E2%80%931png/

9 KB
9 KB

212ms
212ms

Image
text/html

143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/images/Zero-day-400%E2%80%931png/

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .razorpay.com https://player.vimeo.com/video/332465104 https://api.beaglesecurity.com; script-src 'self' 'sha256-lCK8kbtszNy7OV+52eCq5Yg81sFTULdntdRwxa1qAks=' 'sha256-Hmf++03+BrxkuiUFdG1u2bwHGxtoGD3/emzipNmyHbY=' 'sha256-pmsez5EB4YS4iy2LRhgYPNiKFxBthp18r5w1zn3ZK18=' 'sha256-VgDho05hC+rk0IX3lT6HJhxX6zJpgyu3mbHLITHfmcY=' 'sha256-K1kqbxq6xEWDbKJnxuGIZYl9JoQ07SJg30R4Ov121ds=' 'sha256-aFA24LbKIm4lrULoEbrYHat912KT8ByBJOVD3B51Ny0=' 'sha256-d4B6lEcrQsH2tDreZ1+2hVvLUSPz8dDJpezNUNiGN8g=' 'sha256-dcoyENHLRJOqmCiAMxmejwGnbj1/EQeIReoabjyXfOk=' 'sha256-s4Tl9efBX9yC1agAVbv8+UbhjxialxvuBXXGN0ccWnw=' 'sha256-O6piNkhLv4BI/Oje+MccCmgUSrS1sIp+CMaOsvD/VWU=' 'sha256-IQcKtbEkORZCy5EW64OMP+BXcjFvuq1sNjV0AWR3wXI=' 'sha256-EuSF9nDoO2/apGbQXHYet70rcVmpsNoSes9CySNhKiU=' 'sha256-5S99q6jndgj/1QLrMHPEn/sfbwqtpAGEbSC6puBBLyw=' 'sha256-2up2rgdKW53euQ/PmcTNamzJ4fC5/hmGeXi+S6BqhmQ=' 'sha256-Q6P3i9ZW/n4n8judmhBQWdBfH/yGZTE99EvQjEZ7buw=' 'sha256-hbK0IJI0CPR8zvQTzVACwYnyCVXqsDcLl6ahExgrl3I=' 'sha256-Nh5rLaITzbj1bkShjVfkMCAdJol0s3MB8Jom9aql4lA=' 'sha256-8BPc/aL/sb1jHRlhs98xuIVmSmQ1UC6+3LzgiuYHAf4=' 'sha256-JRAnnU+ku9/OT2YubvF51TZiGeMLv2Xh0Il+7EgxDHs=' 'sha256-tfsXwF1Cp9L0bnO6G55S+SGu4Vs9O7LF0+D8mt2xsUE=' 'sha256-tWwO0SPQcHPaJlQIjKhoB8w+raYPVAL0whO096WPp50=' 'sha256-ELAbYTVOFTEj5Z29tDhug4oItWLjXWowv2IUKiClwto=' 'sha256-skGwnBkKEs2wmEsd9Jao5KpX5IvLLCw7t9j7J0BaqDU=' 'sha256-lryhFdx83rwhw+frTJ97KCtC5yzzEJUJl540HzesTb0=' 'sha256-A0bRfGBvhuYbRVWrrRXC3Raek876F+1obUbOT4M9QHY=' 'sha256-jpl973GjmMJ51DOXLJOac0JcbYcyUPSYzFuMQIcPf2k=' 'sha256-cCNodUHb8k/L3WM2fsPzJ8+IFKtUIA9si2BqeY2Y6js=' 'sha256-bc9sDjcH2obDRdnS9VJR7ccHdYfDNBNMZmMg8VPJsuU=' 'sha256-CgNMB2rkAuKdKuoLkKOgc/Ibm5N1mox9s6uzZsza6So=' 'sha256-AV7TGJ8VNpHzjDmjgKsKYErIv464z4jYAp23SAfobuc=' https://assets.ewebinar.com https://grow.clearbitjs.com https://tracking.g2crowd.com/ https://.clarity.ms https://polyfill.io https://cdn.convertbox.com https://.crisp.chat https://snap.licdn.com/ https://app.getreditus.com/ https://app.getreditus.net/ https://assets.calendly.com https://widget.frill.co/v1/widget.js https://www.googleapis.com/ https://.firebaseio.com/ https://beagle-279123-default-rtdb.firebaseio.com https://.intercom.io https://js.intercomcdn.com https://js.stripe.com https://cdnjs.cloudflare.com https://player.vimeo.com/api/player.js https://cdn.jsdelivr.net https://checkout.razorpay.com https://beaglesecurity.disqus.com https://.adroll.com https://connect.facebook.net/ https://d.adroll.mgr.consensu.org https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://cdn.convertbox.com https://.crisp.chat https://cdnjs.cloudflare.com https://assets.calendly.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com; img-src https://grow.clearbitjs.com https://c.bing.com https://p.adsymptotic.com https://www.linkedin.com https://.crisp.chat https://tracking.g2crowd.com https://c.clarity.ms/ https://px.ads.linkedin.com https://app.getreditus.com/ https://app.getreditus.net https://assets.calendly.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://.intercom-attachments-5.com https://.intercom-attachments-6.com https://.intercom-attachments-9.com https://www.gravatar.com https://secure.gravatar.com https://i2.wp.com https://www.facebook.com https://.adroll.com .atlassian.net https://cdn.beaglesecurity.com .amazonaws.com .google.com https://www.google.co.in https://platform.slack-edge.com https://avatars.slack-edge.com https://stats.g.doubleclick.net https://www.google-analytics.com 'self' data:; font-src https://cdn.convertbox.com https://.crisp.chat https://js.intercomcdn.com http://fonts.intercomcdn.com https://fonts.googleapis.com https://fonts.gstatic.com 'self' data:; object-src none; require-sri-for script style; frame-src https://beagle.plutio.com/ https://calendly.com/ https://www.youtube.com https://api.razorpay.com https://player.vimeo.com https://js.stripe.com https://www.googletagmanager.com/ https://widget.frill.co/; connect-src https://api.ewebinar.com/ https://beaglesecurity.ewebinar.com https://.adroll.com/ https://app.convertbox.com https://cdn.convertbox.com wss://.crisp.chat https://.crisp.chat https://.clarity.ms https://identitytoolkit.googleapis.com https://www.googleapis.com/ wss://*.firebaseio.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://api.beaglesecurity.com wss://api.beaglesecurity.com; base-uri 'self' https://api.beaglesecurity.com; form-action 'self' https://intercom.help https://api-iam.intercom.io https://api.beaglesecurity.com; media-src 'self' https://js.intercomcdn.com; child-src 'self' https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com;
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
content-security-policy: default-src 'self' *.razorpay.com https://player.vimeo.com/video/332465104 https://api.beaglesecurity.com; script-src 'self' 'sha256-lCK8kbtszNy7OV+52eCq5Yg81sFTULdntdRwxa1qAks=' 'sha256-Hmf++03+BrxkuiUFdG1u2bwHGxtoGD3/emzipNmyHbY=' 'sha256-pmsez5EB4YS4iy2LRhgYPNiKFxBthp18r5w1zn3ZK18=' 'sha256-VgDho05hC+rk0IX3lT6HJhxX6zJpgyu3mbHLITHfmcY=' 'sha256-K1kqbxq6xEWDbKJnxuGIZYl9JoQ07SJg30R4Ov121ds=' 'sha256-aFA24LbKIm4lrULoEbrYHat912KT8ByBJOVD3B51Ny0=' 'sha256-d4B6lEcrQsH2tDreZ1+2hVvLUSPz8dDJpezNUNiGN8g=' 'sha256-dcoyENHLRJOqmCiAMxmejwGnbj1/EQeIReoabjyXfOk=' 'sha256-s4Tl9efBX9yC1agAVbv8+UbhjxialxvuBXXGN0ccWnw=' 'sha256-O6piNkhLv4BI/Oje+MccCmgUSrS1sIp+CMaOsvD/VWU=' 'sha256-IQcKtbEkORZCy5EW64OMP+BXcjFvuq1sNjV0AWR3wXI=' 'sha256-EuSF9nDoO2/apGbQXHYet70rcVmpsNoSes9CySNhKiU=' 'sha256-5S99q6jndgj/1QLrMHPEn/sfbwqtpAGEbSC6puBBLyw=' 'sha256-2up2rgdKW53euQ/PmcTNamzJ4fC5/hmGeXi+S6BqhmQ=' 'sha256-Q6P3i9ZW/n4n8judmhBQWdBfH/yGZTE99EvQjEZ7buw=' 'sha256-hbK0IJI0CPR8zvQTzVACwYnyCVXqsDcLl6ahExgrl3I=' 'sha256-Nh5rLaITzbj1bkShjVfkMCAdJol0s3MB8Jom9aql4lA=' 'sha256-8BPc/aL/sb1jHRlhs98xuIVmSmQ1UC6+3LzgiuYHAf4=' 'sha256-JRAnnU+ku9/OT2YubvF51TZiGeMLv2Xh0Il+7EgxDHs=' 'sha256-tfsXwF1Cp9L0bnO6G55S+SGu4Vs9O7LF0+D8mt2xsUE=' 'sha256-tWwO0SPQcHPaJlQIjKhoB8w+raYPVAL0whO096WPp50=' 'sha256-ELAbYTVOFTEj5Z29tDhug4oItWLjXWowv2IUKiClwto=' 'sha256-skGwnBkKEs2wmEsd9Jao5KpX5IvLLCw7t9j7J0BaqDU=' 'sha256-lryhFdx83rwhw+frTJ97KCtC5yzzEJUJl540HzesTb0=' 'sha256-A0bRfGBvhuYbRVWrrRXC3Raek876F+1obUbOT4M9QHY=' 'sha256-jpl973GjmMJ51DOXLJOac0JcbYcyUPSYzFuMQIcPf2k=' 'sha256-cCNodUHb8k/L3WM2fsPzJ8+IFKtUIA9si2BqeY2Y6js=' 'sha256-bc9sDjcH2obDRdnS9VJR7ccHdYfDNBNMZmMg8VPJsuU=' 'sha256-CgNMB2rkAuKdKuoLkKOgc/Ibm5N1mox9s6uzZsza6So=' 'sha256-AV7TGJ8VNpHzjDmjgKsKYErIv464z4jYAp23SAfobuc=' https://assets.ewebinar.com https://grow.clearbitjs.com https://tracking.g2crowd.com/ https://*.clarity.ms https://polyfill.io https://cdn.convertbox.com https://*.crisp.chat https://snap.licdn.com/ https://app.getreditus.com/ https://app.getreditus.net/ https://assets.calendly.com https://widget.frill.co/v1/widget.js https://www.googleapis.com/ https://*.firebaseio.com/ https://beagle-279123-default-rtdb.firebaseio.com https://*.intercom.io https://js.intercomcdn.com https://js.stripe.com https://cdnjs.cloudflare.com https://player.vimeo.com/api/player.js https://cdn.jsdelivr.net https://checkout.razorpay.com https://beaglesecurity.disqus.com https://*.adroll.com https://connect.facebook.net/ https://d.adroll.mgr.consensu.org https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://cdn.convertbox.com https://*.crisp.chat https://cdnjs.cloudflare.com https://assets.calendly.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com; img-src https://grow.clearbitjs.com https://c.bing.com https://p.adsymptotic.com https://www.linkedin.com https://*.crisp.chat https://tracking.g2crowd.com https://c.clarity.ms/ https://px.ads.linkedin.com https://app.getreditus.com/ https://app.getreditus.net https://assets.calendly.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://www.gravatar.com https://secure.gravatar.com https://i2.wp.com https://www.facebook.com https://*.adroll.com *.atlassian.net https://cdn.beaglesecurity.com *.amazonaws.com *.google.com https://www.google.co.in https://platform.slack-edge.com https://avatars.slack-edge.com https://stats.g.doubleclick.net https://www.google-analytics.com 'self' data:; font-src https://cdn.convertbox.com https://*.crisp.chat https://js.intercomcdn.com http://fonts.intercomcdn.com https://fonts.googleapis.com https://fonts.gstatic.com 'self' data:; object-src none; require-sri-for script style; frame-src https://beagle.plutio.com/ https://calendly.com/ https://www.youtube.com https://api.razorpay.com https://player.vimeo.com https://js.stripe.com https://www.googletagmanager.com/ https://widget.frill.co/; connect-src https://api.ewebinar.com/ https://beaglesecurity.ewebinar.com https://*.adroll.com/ https://app.convertbox.com https://cdn.convertbox.com wss://*.crisp.chat https://*.crisp.chat https://*.clarity.ms https://identitytoolkit.googleapis.com https://www.googleapis.com/ wss://*.firebaseio.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://api.beaglesecurity.com wss://api.beaglesecurity.com; base-uri 'self' https://api.beaglesecurity.com; form-action 'self' https://intercom.help https://api-iam.intercom.io https://api.beaglesecurity.com; media-src 'self' https://js.intercomcdn.com; child-src 'self' https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com;
content-encoding: gzip
strict-transport-security: max-age=315360000; includeSubDomains; preload
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin
last-modified: Thu, 29 Sep 2022 09:27:16 GMT
server: AmazonS3
etag: W/"9cb4041bb9d40c85f9654560f4a3a306"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: kgu__j4CO0qYTEPXRolBktvdEfRj59ztm4iN83BBiguEAgbfBjKpaQ==

Redirect headers

date: Thu, 29 Sep 2022 11:34:09 GMT
via: 1.1 2cfc0bae5f623e4a6a6bc0939f1d71c8.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: IAD66-C2, FRA53-C1
x-cache: Miss from cloudfront
content-type: application/xml
location: /images/Zero-day-400%E2%80%931png/
content-length: 0
x-amz-cf-id: yg_YtChxV-B5cP15aLBlut9NPyfA3PynISMYvyeBZgszi4haHVMnEQ==

GET
H2 200 Zero-day-400.png
beaglesecurity.com/blog/images/ 6 KB
6 KB 403ms
383ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Zero-day-400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6a46391c2208f4f5af05b4fe8cdf612ef8d1ac55e8bac89d4d3fbaa424b8fc80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 27dc27c157f4b42ae253527f76742be4.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 5988
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:52 GMT
server: AmazonS3
etag: "247dabcb243c6ea7356086bd31cd5179"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: xHhJ0rytEHeUiIyiTLjw_JH2X4_xAOeOZybTalY-hRBG2z2pfPEMsA==

GET
H2 200 DevSecOps_400.png
beaglesecurity.com/blog/images/ 17 KB
18 KB 333ms
313ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/DevSecOps_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ecf4072cd8e32c9ebd8b78743a66a6a54913f2e2cb02c382a60eae2b3f520253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 2cfc0bae5f623e4a6a6bc0939f1d71c8.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 17519
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "b21076f739a52c73161c632f4a75fd3f"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: wu5h35vQxEvcJTIE1h5A7WXMzMwIjgLsaWn6xwICgWlw31rFmVyEVw==

GET
H2 200 G2_400_1.png
beaglesecurity.com/blog/images/ 46 KB
46 KB 356ms
337ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/G2_400_1.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4b889cda6e8e57a8d442327357932726bdc739922a7483d2d6b696a5b37f43cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 f92491812e422470607f365e923929b4.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 46920
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "864b022156d11383bc4158909e49dd29"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: 9UuPu84T5b-qC0KLq5sHuxGhleO9-8pj1frnM6G3LfzCSGNNuZXSpg==

GET
H2 200 Login_400_1.png
beaglesecurity.com/blog/images/ 58 KB
59 KB 343ms
325ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Login_400_1.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c4d9abe3e72ae85cd748d09ed9749400c10324925d2b8e765ac30e77e36393a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 6d5b0fa46ef77b2ff227bdbcee6603ee.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 59586
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:50 GMT
server: AmazonS3
etag: "36a47bd077ef8aa47a9da59c16630a23"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: Ar6tppF2rsIMdqN6HM0dci-yZU--ou22T5LseHeATnFcSehEIxYmhQ==

GET
H2 200 Spring4Shell_Vulnerability_400.png
beaglesecurity.com/blog/images/ 23 KB
24 KB 443ms
426ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Spring4Shell_Vulnerability_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e2a92ed1a00101b2f9ee8ac363b52f796cbc8feb0619e7c665a41d62862eb413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 53c349fc522efbb2ef351788548039c0.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 23794
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:51 GMT
server: AmazonS3
etag: "6849f7334458607618dcb928b9a6b4ad"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: 3fsblJvXybcxXtfIp2fEbAVcBiKoSxrTN-p40JelAZD1DtGrWtY5Lg==

GET
H2 200 Zoom_400.png
beaglesecurity.com/blog/images/ 68 KB
69 KB 460ms
444ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Zoom_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fcb0188b5a827b516c891432f35d214ea84a285c59618937154a5babf93b66fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 ddd3d8441374ce62d11d031216138152.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 69740
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:53 GMT
server: AmazonS3
etag: "08de7ce131286eb399b4344f20a65161"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: vecmikIw69tlTlCCqIpA--3Iqgie9pxdmcso85MXzwhl_Bak-XUbLA==

GET
H2 200 Web_Application_Security__400.png
beaglesecurity.com/blog/images/ 97 KB
97 KB 383ms
368ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Web_Application_Security__400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

182630ed60280838626e137484eb102b382cf28bc277c43559c2bef3cdee0a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 39174a6a452e175e6e614ff396a4ca4e.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 98844
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:53 GMT
server: AmazonS3
etag: "61a83a5a6aafd2def69cd16350172dc5"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: hRuCHUyly1i24zJyGs7iP2JDm_v0YGsh-UhqAa_DgZskxw51VhBGiw==

GET
H2 200 login_400.png
beaglesecurity.com/blog/images/ 6 KB
7 KB 320ms
306ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/login_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c5dfa4f683dc2b6527546bee05ca21704a4934d29723a63ead23b2453b85f49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 1df382f2345322fac115f7931b894fda.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 6122
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:50 GMT
server: AmazonS3
etag: "b6f42e9e431d0190c9911a70dadcdef2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: fDLyl7xF6Hi43b24UB1Vhq7fyFKaQSlR9VHnjo1YazLOMr9RGtf35w==

GET
H2 200 WEBINAR_400-1.png
beaglesecurity.com/blog/images/ 20 KB
21 KB 306ms
292ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/WEBINAR_400-1.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e295d553999d012069dbb2f71ba7bc4cf89995fa5abda024cbc99685112eedf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 bae9b5cf91e37b01cfae8886aa7bf606.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 20560
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:52 GMT
server: AmazonS3
etag: "dfbf26a2a9ecee5d5b6810bf6374d4e6"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: kxM1HCVCA0IV3sdu8bGk-hXqw0IbZ2MjdZWCMYgpiyud6oGQFL8fRw==

GET
H2 200 Shiftleft_400.png
beaglesecurity.com/blog/images/ 150 KB
151 KB 377ms
364ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Shiftleft_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f0641714680629a6e1af17e8e785b2dd7bac5e6f89e58ec2cf71920e7718c7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 170caffbbbc9abe2c5fd15f4f58b75b4.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 153484
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:51 GMT
server: AmazonS3
etag: "8bd7c67abfd4be20abb55f057d0b391b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: CJ3ISs6tHx_w0rBA0UEv_YTyoncmnmS9J2JL_WXZ72Y1DxJv89Gumg==

GET
H2 200 penetration_testing_400.png
beaglesecurity.com/blog/images/ 53 KB
53 KB 433ms
421ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/penetration_testing_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f6678bd94c196bfb8eee3b50811b81785fb0f3d3b9c426c793407fd1c0bea3dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 b8682e9104d4ce1d04554da301dc9d64.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 53886
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:50 GMT
server: AmazonS3
etag: "92c4b143340d9ad58c2603a73f4a60ca"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: pH7kOWh6B1IJOzthWLHEHC_xN2rEc2DVOVU9vTmEbBE9BJD3wtVdzQ==

GET
H2 200 Top50_400.png
beaglesecurity.com/blog/images/ 38 KB
38 KB 397ms
384ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Top50_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8c1dc697715560e29484de9ed60045222c64f779e347eba4dd95b996066188a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 6d5b0fa46ef77b2ff227bdbcee6603ee.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 38584
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:51 GMT
server: AmazonS3
etag: "a3666d6c52df38f8307552aaaaadbf8a"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: sSlDLPOzQdKn69V1G7RX9N9ibEt9wCV0rxq571-7H70twf_XLI8o9A==

GET
H2 200 ModSecurity_400.png
beaglesecurity.com/blog/images/ 5 KB
5 KB 343ms
332ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/ModSecurity_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

de67d2cec6c072e9645ad18d40181a2b8530decab4e6bbebfd0e1961f67ad434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 4751
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:50 GMT
server: AmazonS3
etag: "696fa01158f8f878aaacdefb5ab5eb11"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: qvHk2uIV32EMcHJQMkSXMrI1D3Sb6Bg7FSnKM4zw0WkIdQ8VhG1AJg==

GET
H2 200 C-400-Polkit.png
beaglesecurity.com/blog/images/ 57 KB
58 KB 361ms
350ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/C-400-Polkit.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

088d9c7edf1ea0b2d67ce37367d6fbb4bf87e522e7d261b34ec65046b143f20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 0af050b863ec46156a524df4e5d86692.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 58871
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "92b85b8a0a1c1a8230dcd0f4b4b50150"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: Y9ddnp5rtBrbZKLqhEZ-yED480oUvNy6y3LcACbEUWuPfdiDP_LndQ==

GET
H2 200 Web_cache_400.png
beaglesecurity.com/blog/images/ 5 KB
6 KB 445ms
434ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Web_cache_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3b3effd4b57fbc967a987c5044047155125a2f4528d2a35fb3ee3e833a1dc166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 ddd3d8441374ce62d11d031216138152.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 5206
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:52 GMT
server: AmazonS3
etag: "c8e1e9f84b6bcb7741e60111d9bc0e9e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: Fb9jGBzpUMfZ5BIGK29IuVrGPdRa10eNAki0pKTkheyp9Wft1H6xdg==

GET
H2 200 badge_new_400.png
beaglesecurity.com/blog/images/ 40 KB
41 KB 370ms
360ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/badge_new_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d974a46e6c78283ddd40393bbe87b3094685acf5c00f9810c31e1cf839a692b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 41463
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:47 GMT
server: AmazonS3
etag: "de42ec0b16085c540ffcca434ed71afd"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: Y7E_tFcaYN3c5y6ajjBaAZ4i3yBkTArzV1tpyWEnrrDtdFDg1INooQ==

GET
H2 200 data_breaches_400.png
beaglesecurity.com/blog/images/ 22 KB
23 KB 319ms
309ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/data_breaches_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ac38e246533d08609d44fd296cc4c0be71a15ea821633473cf4bf9deb791c02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 b3169f8fae0104e39a0a9728b6537e08.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 22951
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:48 GMT
server: AmazonS3
etag: "abd2c20978cfd4ed00a6ab01a021f1f3"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: MUTSBIhZhV45GwKCu_8KQTFIOgVTG2C9-HPtsbTiQOhNW-A0BwANfg==

GET
H2 200 OWASP_2021_400_2.png
beaglesecurity.com/blog/images/ 12 KB
13 KB 431ms
421ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/OWASP_2021_400_2.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

41105f956885b07a13a2f7de1eb08457a702b992c036a7df41d025d10881e41a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 5e85a7e9f75a591c64db206ef2e2a17c.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 12575
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:50 GMT
server: AmazonS3
etag: "fdae055b713b4c0e2b1c260ea70a3fc1"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: 1cUsDUTC6IKCETuqClFbamyCqnsaw4_68wD1F8JfW6_VgcQP2_Hcuw==

GET
H2 200 Web_cache_poisoning_400.png
beaglesecurity.com/blog/images/ 41 KB
42 KB 391ms
381ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/Web_cache_poisoning_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5c570f4f43b55c259e56df88406fa01ca76431c537a97af1bd1e6e9b1aeb82b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 6ba47df044361b708e00c6d6274556cc.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 41970
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:53 GMT
server: AmazonS3
etag: "3748544aca773f2774a00cf23bd362ad"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: zKqLBDTtUe4XZW12YC8tPNiyRFCoWRiLIo9-Wb0kolLFOlvMrKuOiw==

GET
H2 200 log4j_400_8.png
beaglesecurity.com/blog/images/ 25 KB
25 KB 306ms
297ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/log4j_400_8.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

62243caa9ff855887d2c923e40dc70ac9f653a5ba540b010fc3a8a46221dd98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 170caffbbbc9abe2c5fd15f4f58b75b4.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 25157
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:50 GMT
server: AmazonS3
etag: "d6f796c7fd18dd0da89e8d9812ac7c74"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: dUHLkuTWIwnHuQSFlG2Jr5rNiCNQRVixEVBfgucL_ElQ6e2f3POXAw==

GET
H2 200 youtube_400.png
beaglesecurity.com/blog/images/ 26 KB
27 KB 331ms
322ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/youtube_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7c64bd44a9999e7cb373d132eb1849ad4af247c1a0d673d8a9ee759d11a159eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 26612
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:52 GMT
server: AmazonS3
etag: "f49768ef079b8412be14ec43883d1e5f"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: y9rsY27rxwWvaQmrAioX4iJ5sUlmn1ROg33hDctFlei0eNLdjElC_w==

GET
H2 200 dome_400.png
beaglesecurity.com/blog/images/ 5 KB
5 KB 316ms
307ms Image
image/png 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beaglesecurity.com/blog/images/dome_400.png

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1adc6c99c2738274f925498b26d34c984598136b899e7463a790751be7229161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 ddd3d8441374ce62d11d031216138152.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 4637
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:49 GMT
server: AmazonS3
etag: "23706287649c664d1c27a7dfdf91c8e3"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
x-amz-cf-id: EAIJLuEwLPQ56z4LDD_UQCI6bvzmBdXYKCyzDftdU7fnSBULzIjm5w==

GET
H2 200 search.min.js Show response
beaglesecurity.com/blog/js/ 4 KB
2 KB 266ms
265ms Script
application/javascript 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beaglesecurity.com/blog/js/search.min.js

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4522b33684953372d728aee9f778ca2c866812cceec6acf83fa3be1e01cd23f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
via: 1.1 e7803a00a023f1e04faef1ed4f572ace.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:52 GMT
server: AmazonS3
etag: W/"52779e9961392548b0f0e9b50ded837b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: o5Rd91NAfvZmRWOWG_J3P00koNOEKxovdO1qVHgSsG7WJwl_ysg-2w==

GET
H2 200 main78872AAA8C66619B881B9BD7B4C0B137D53530Ecdh.js Show response
beaglesecurity.com/blog/js/ 18 KB
5 KB 239ms
238ms Script
application/javascript 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beaglesecurity.com/blog/js/main78872AAA8C66619B881B9BD7B4C0B137D53530Ecdh.js

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d0516fc0e10501e057a362fbf199605f81ffbdd2d353f77be8bd1be40785729e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
via: 1.1 e7803a00a023f1e04faef1ed4f572ace.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:52 GMT
server: AmazonS3
etag: W/"6e54d14455755afb0d665bbc08e9d9f2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: O3_kjL36yNEryDOxu3_g8impxFccAgy94wV-0DhEb0oXy476W7wHFQ==

GET
H2 404 gtm.js
www.googletagmanager.com/ 0
0 149ms
53ms Script
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5TS2RJ
Requested by: Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 embed.js Show response
cdn.convertbox.com/convertbox/js/ 3 KB
2 KB 210ms
44ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com/convertbox/js/embed.js
Requested by: Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: e8548e68a845ea4998a36c690829772b8c8176e4b4bbf00ac77615bc4b282f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:10 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-cachedat: 05/19/2022 21:22:29
cdn-pullzone: 53020
last-modified: Thu, 19 May 2022 21:17:10 GMT
server: BunnyCDN-AT-731
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6286b3d6-c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cache-control: public, max-age=31919000
cdn-requestid: 3ae080e2bf7a16bc29f90b40cee82846
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28ac49ba20cacebb0b3bd9ee4b4c49135c5f9d10767699fe7e45b2d9fc171073

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 269 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebfa07fd08eced58a372c3353dfdac581d5e3819c1e2bb678610ecbf80be5024

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 416fd907a4588e25b772e1b99c67bf0041344053fc72d9516934b5bc4dd58781

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 175ms
51ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500|Roboto:400,500|Rubik:400,500)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beaglesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 09:20:18 GMT
x-content-type-options: nosniff
age: 267232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:20:18 GMT

GET
DATA 200
OK truncated
/ 435 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14a7ef5f93962d7561c1db9ec825ef9d6476bc85af472f377b37d4be0cbce743

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 369 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24686689348666a8e9fc1cf85e6c9a9e5f83581a1a6c2d43d61ca1f327b29e68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 632e17385e393bb6503e09e8088eb52e251ec64a29ec04f8fea593e28cd6b992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 571 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d65800b963e122417cab4887a7abb3b11947ebe05328b016138478ca4a41cc9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77b765f002a116c81008c3072ee51509a190a79715f79c3bfe6047b6e4abef64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 703 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a91523f14ec6969d10c9ca71b06b8ed6b12d66c663495175fd0d3dfcd4a4730

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 574 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb0e84e60215f7d012fafc12b051d72c02bde5497905a8e1116d2d8911326fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31432c8e4a5126667ca88e9368e508e01ac755965b8e95c3170d34f25fa57d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d77d111cbda0233df01d835db86fcc243a443666025492e8736fcf5488cc63b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 867 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec87bae21d60c8062fa5df218a7278dc0146b66bd0bd4f07eea5252732c9a38d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5993a42423c84d774021c2585531b3d8cb0c44287e994f7225d99b7d0a427379

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eb074cf21c0efb8ed8f57142f6739c0ae5dcb156070d6be5536157fb6af26a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 search.json Show response
beaglesecurity.com/blog/ 474 KB
93 KB 244ms
244ms XHR
application/json 143.204.215.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beaglesecurity.com/blog/search.json

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/js/search.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-24.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bd66b43441439db9cf98e69ada25135bbc95957e2212606563ff19671f7201c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: IAD55-P4, FRA53-C1
x-amz-server-side-encryption: AES256
via: 1.1 305fa1d7f9df4e42edba1bba6d0ebb56.cloudfront.net (CloudFront), 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 14:37:53 GMT
server: AmazonS3
etag: W/"107427507a15f098a3c618ec5952f69f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: RjcQ0KhfJtJpBmKS6dH3uCHfrrHBoXxzYpEhRYMoEYBU_xxIKJP98g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
37ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 11:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 1093
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 13:15:57 GMT

GET
H2 200 continually-embed.latest.min.js Show response
cdn-app.continual.ly/js/embed/ 49 KB
14 KB 204ms
68ms Script
application/javascript 108.138.7.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app.continual.ly/js/embed/continually-embed.latest.min.js

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/js/main78872AAA8C66619B881B9BD7B4C0B137D53530Ecdh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-32.fra56.r.cloudfront.net

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

5e06c92f55fb919fe0e7bc0534bbb9767f6749931cd2408d9ef70bca48568018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:10 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 23 Sep 2022 06:49:08 GMT
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
etag: W/"c251-5e95293188100"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: P_ckxg27TH7LF_FvMps7rkk7owgqFUVoZ7nYqOAmEp8g6obx4ARp3g==
expires: 0

GET
DATA 200
OK truncated
/ 268 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7e2cc9733c3cd5fca8357153c43a9f30125a6b069e076119ebbadf943ae7309

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58bbec531c427ddbbd85db9e8ff63dbfe9b2d23adb2fd6e14ae8d02b16c77abc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200 blogview Show response
api.beaglesecurity.com/v1/ 15 B
872 B 129ms
129ms XHR
application/json 52.147.219.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.beaglesecurity.com/v1/blogview

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.219.53 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

405e8e6ccceccccebd108c75a72c49f50d185df97c4c51de1dff107c6058e984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 29 Sep 2022 11:34:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://beaglesecurity.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
X-Frame-Options: DENY
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Auth-Token, Authorization, Response-Type, Accept
vary: accept-encoding
Expires: 0

OPTIONS
H/1.1 200 blogview
api.beaglesecurity.com/v1/ Frame 0
0 496ms
124ms Preflight 52.147.219.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.beaglesecurity.com/v1/blogview

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.147.219.53 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://beaglesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Auth-Token, Authorization, Response-Type, Accept
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://beaglesecurity.com
Access-Control-Max-Age: 3600
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu, 29 Sep 2022 11:34:10 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK user Show response
app.convertbox.com/embed/ 0
367 B 543ms
142ms XHR
text/html 34.231.184.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertbox.com/embed/user?uuid=4e1bf165-3c24-4713-aaa1-9129799a63d0

Requested by

Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.184.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-184-123.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 11:34:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 20
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 50ms
49ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=636331452&t=pageview&_s=1&dl=https%3A%2F%2Fbeaglesecurity.com%2Fblog%2Farticle%2Fhardening-server-security-by-implementing-security-headers.html&ul=en-us&de=UTF-8&dt=Hardening%20Server%20Security%20By%20Implementing%20Security%20Headers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1631421026&gjid=494642355&cid=81737157.1664451250&tid=UA-88448692-2&_gid=2132643094.1664451250&_r=1&_slc=1&z=1041746705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:34:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beaglesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 141ms
47ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-88448692-2&cid=81737157.1664451250&jid=1631421026&gjid=494642355&_gid=2132643094.1664451250&_u=IEBAAEAAAAAAAC~&z=1083484793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 11:34:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beaglesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 211ms
88ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-88448692-2&cid=81737157.1664451250&jid=1631421026&_u=IEBAAEAAAAAAAC~&z=214404514

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:34:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 152ms
69ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-88448692-2&cid=81737157.1664451250&jid=1631421026&_u=IEBAAEAAAAAAAC~&z=214404514

Requested by

Host: beaglesecurity.com
URL: https://beaglesecurity.com/blog/article/hardening-server-security-by-implementing-security-headers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:34:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK mix-manifest.json Show response
app.convertbox.com/ 4 KB
1 KB 124ms
123ms XHR
application/json 34.231.184.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convertbox.com/mix-manifest.json?1664451251
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.184.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-184-123.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 8eb3aaedf0825f47e933af0b4fc66a0a6a2945e68842e55935af733a9a607f97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 11:34:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 22:20:21 GMT
Server: nginx/1.20.0
ETag: W/"62d48b25-f99"
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 1013

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 150ms
58ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?flags=gated%7Calways&rum=true&features=Array.prototype.entries%2CArray.prototype.forEach%2CArray.prototype.includes%2CNodeList.prototype.forEach%2CObject.values%2CPromise%2CString.prototype.includes%2CSymbol%2CSymbol.iterator%2CObject.assign%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.findIndex%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.values%2CString.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.filter%2CObject.defineProperty%2CObject.defineProperties%2CObject.entries%2CObject.keys
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:10 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 20:23:49 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/106.0.0
server-timing: cache-hhn4075, PASS, fastly;desc="Edge time";dur=18
accept-ranges: bytes
content-length: 94

GET
H2 200 embed-core.js Show response
cdn.convertbox.com//convertbox/js/ 519 KB
138 KB 45ms
45ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-cachedat: 05/19/2022 21:22:49
cdn-pullzone: 53020
last-modified: Thu, 19 May 2022 21:17:10 GMT
server: BunnyCDN-AT-731
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6286b3d6-81cb8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cache-control: public, max-age=31919000
cdn-requestid: e6cae7b23483faefb7732a22d942bb38
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bars-preview.css
cdn.convertbox.com//static/css/ 114 KB
15 KB 44ms
44ms Stylesheet
text/css 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com//static/css/bars-preview.css?id=ab2ba8b6c88b5623a24f
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 5c2ca5a5a428797a83e8904f08003886fdc6ab8fefe50a85095fa81bdc2aadbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:11 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-cachedat: 05/19/2022 21:22:30
cdn-pullzone: 53020
last-modified: Thu, 19 May 2022 21:17:10 GMT
server: BunnyCDN-AT-731
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6286b3d6-1c699"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6e24fc4bf2141a2da10e27a9ec0192d6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 200
OK box Show response
app.convertbox.com/embed/ 109 B
456 B 156ms
155ms XHR
application/json 34.231.184.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertbox.com/embed/box

Requested by

Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.184.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-184-123.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

4330e8c2380afbf9f65a09db26106197e1df9ca55a24c1c9e00caa7c94e72d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBWqYRUSBov0APFGm

Response headers

Date: Thu, 29 Sep 2022 11:34:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 116
X-XSS-Protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ 18 KB
2 KB 126ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//static/css/bars-preview.css?id=ab2ba8b6c88b5623a24f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234d75586acc92594509e97110b4944668cbac1feae3b66e000076bad9123656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.convertbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 11:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 11:33:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 11:34:11 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
12 KB 155ms
51ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beaglesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:44:34 GMT
x-content-type-options: nosniff
age: 6577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 09:44:34 GMT

GET
H2 200 continually-embed.latest.min.css
cdn-app.continual.ly/css/embed/ 64 KB
9 KB 41ms
40ms Stylesheet
text/css 108.138.7.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app.continual.ly/css/embed/continually-embed.latest.min.css

Requested by

Host: cdn-app.continual.ly
URL: https://cdn-app.continual.ly/js/embed/continually-embed.latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-32.fra56.r.cloudfront.net

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

afbeefd10baecd35822d7166b6c068d2e06cf0910e44b61024bdb3e7a66b7a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 06:06:19 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P6
age: 19674
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 23 Sep 2022 06:48:27 GMT
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
etag: W/"1019c-5e95290a6e4c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-amz-cf-id: 6NO4mSfM_6EvB8k6oeLniZVeiJQk5gJDgiaqsaLmFxLYBy9tG_6l_A==

GET
H2 200 custom.css
app.continual.ly/css/jp3r7v4kgyen/ 0
4 KB 393ms
272ms Stylesheet
text/css 63.33.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.continual.ly/css/jp3r7v4kgyen/custom.css?1

Requested by

Host: cdn-app.continual.ly
URL: https://cdn-app.continual.ly/js/embed/continually-embed.latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.126.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-126-66.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
x-permitted-cross-domain-policies: master-only
referrer-policy: no-referrer-when-downgrade
content-security-policy-report-only: default-src 'self' https://backend.helpshelf.co/stats/event/log/ https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly wss://wss-pr.continual.ly:6001 wss://wss-pr.continual.ly wss://wss.conversation.continual.ly:6001 wss://wss.conversation.continual.ly https://wss.conversation.continual.ly:6001 https://wss.conversation.continual.ly wss://hornets.swarmcdn.com https://d3hb14vkzrxvla.cloudfront.net https://api.getdrip.com/ https://tag.getdrip.com/ https://api.segment.io/ https://cdn.segment.com/ https://www.youtube.com https://*.vimeo.com https://*.vimeocdn.com https://*.wistia.net https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://continually.supporthero.io https://d29l98y0pmei9d.cloudfront.net https://fonts.gstatic.com/ hotjar.com wss://*.hotjar.com/ https://script.hotjar.com/ https://hotjar.com/ https://*.hotjar.com/ https://notify.bugsnag.com/ https://cdn.amplitude.com/ https://s3-eu-west-1.amazonaws.com/assets-production-continually/ https://s3-eu-west-1.amazonaws.com/assets-continually/ https://api.amplitude.com/ https://fullstory.com/ https://*.fullstory.com/ https://www.google-analytics.com/ https://*.facebook.com/ https://*.facebook.net/ https://sentry.io/ https://checkout.stripe.com/ https://*.smartlook.com https://*.smartlook.cloud https://gateway.onboardflow.com/ https://*.swarmcdn.com/;child-src blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://media.onboardflow.com/ https://*.smartlook.com https://*.smartlook.cloud https://beacon-v2.helpscout.net https://script.tapfiliate.com https://s3.amazonaws.com/helpshelf-production/ https://cdn.headwayapp.co https://optimize.google.com https://assets.swarmcdn.com https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly wss://wss-pr.continual.ly:6001 wss://wss-pr.continual.ly wss://wss.conversation.continual.ly:6001 wss://wss.conversation.continual.ly https://wss.conversation.continual.ly:6001 https://wss.conversation.continual.ly wss://hornets.swarmcdn.com https://api.getdrip.com/ https://tag.getdrip.com/ https://api.segment.io/ https://cdn.segment.com/ https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://continually.supporthero.io https://d29l98y0pmei9d.cloudfront.net https://d14jnfavjicsbe.cloudfront.net wss://*.hotjar.com/ https://script.hotjar.com/ https://hotjar.com/ https://*.hotjar.com/ https://cdn.amplitude.com/ https://www.google-analytics.com/ https://*.facebook.net/ https://fullstory.com/ https://*.fullstory.com/ https://d24n15hnbwhuhn.cloudfront.net https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ https://cdn.ravenjs.com/3.17.0/raven.min.js https://sentry.io/api/embed/error-page/ https://browser.sentry-cdn.com/5.1.1/ https://js.stripe.com/ https://checkout.stripe.com/ https://cdn.nolt.io/ https://*.swarmcdn.com/ https://www.googletagmanager.com/ https://www.clickcease.com/;font-src 'self' data: https://fonts.gstatic.com https://pro.fontawesome.com/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://use.fontawesome.com/ https://assets.swarmcdn.com/;img-src * 'self' data: https://*.cloudinary.com https://optimize.google.com https://www.google-analytics.com https://*.facebook.net/ https://cdn-app.staging.continual.ly/ https://images.unsplash.com https://cdn-app.continual.ly/ https://continual.ly/ https://media.giphy.com https://d29l98y0pmei9d.cloudfront.net https://cdn-assets.continual.ly https://s3-eu-west-1.amazonaws.com/assets-production-continually/ https://s3-eu-west-1.amazonaws.com/assets-continually/ https://www.google-analytics.com/ https://secure.gravatar.com https://pbs.twimg.com/;style-src 'self' 'unsafe-inline' https://pro.fontawesome.com/ https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://use.fontawesome.com/ https://fonts.gstatic.com/ https://optimize.google.com https://fonts.googleapis.com/ https://checkout.stripe.com/ https://assets.swarmcdn.com/;frame-src tel: https://s3.amazonaws.com/helpshelf-production/ https://continually.supporthero.io https://app.staging.continual.ly https://app.continual.ly https://headway-widget.net https://optimize.google.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://js.stripe.com/ https://checkout.stripe.com/ https://feedback.continual.ly/;object-src https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/;media-src * https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/;report-uri https://continually.report-uri.io/r/default/csp/enforce;
x-frame-options: sameorigin
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: must-revalidate, no-cache, private
vary: Accept-Encoding,X-Forwarded-Proto
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 empty-state Show response
app.continual.ly/chat/ Frame EC58 2 KB
5 KB 255ms
155ms Document
text/html 63.33.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.continual.ly/chat/empty-state

Requested by

Host: cdn-app.continual.ly
URL: https://cdn-app.continual.ly/js/embed/continually-embed.latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.126.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-126-66.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

ef05728fd8be4b2109df415bd25257e6ca71338e6c6ef3bb83558ea2321ad4d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beaglesecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://backend.helpshelf.co/stats/event/log/ https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly wss://wss-pr.continual.ly:6001 wss://wss-pr.continual.ly wss://wss.conversation.continual.ly:6001 wss://wss.conversation.continual.ly https://wss.conversation.continual.ly:6001 https://wss.conversation.continual.ly wss://hornets.swarmcdn.com https://d3hb14vkzrxvla.cloudfront.net https://api.getdrip.com/ https://tag.getdrip.com/ https://api.segment.io/ https://cdn.segment.com/ https://www.youtube.com https://*.vimeo.com https://*.vimeocdn.com https://*.wistia.net https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://continually.supporthero.io https://d29l98y0pmei9d.cloudfront.net https://fonts.gstatic.com/ hotjar.com wss://*.hotjar.com/ https://script.hotjar.com/ https://hotjar.com/ https://*.hotjar.com/ https://notify.bugsnag.com/ https://cdn.amplitude.com/ https://s3-eu-west-1.amazonaws.com/assets-production-continually/ https://s3-eu-west-1.amazonaws.com/assets-continually/ https://api.amplitude.com/ https://fullstory.com/ https://*.fullstory.com/ https://www.google-analytics.com/ https://*.facebook.com/ https://*.facebook.net/ https://sentry.io/ https://checkout.stripe.com/ https://*.smartlook.com https://*.smartlook.cloud https://gateway.onboardflow.com/ https://*.swarmcdn.com/;child-src blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://media.onboardflow.com/ https://*.smartlook.com https://*.smartlook.cloud https://beacon-v2.helpscout.net https://script.tapfiliate.com https://s3.amazonaws.com/helpshelf-production/ https://cdn.headwayapp.co https://optimize.google.com https://assets.swarmcdn.com https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly wss://wss-pr.continual.ly:6001 wss://wss-pr.continual.ly wss://wss.conversation.continual.ly:6001 wss://wss.conversation.continual.ly https://wss.conversation.continual.ly:6001 https://wss.conversation.continual.ly wss://hornets.swarmcdn.com https://api.getdrip.com/ https://tag.getdrip.com/ https://api.segment.io/ https://cdn.segment.com/ https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://continually.supporthero.io https://d29l98y0pmei9d.cloudfront.net https://d14jnfavjicsbe.cloudfront.net wss://*.hotjar.com/ https://script.hotjar.com/ https://hotjar.com/ https://*.hotjar.com/ https://cdn.amplitude.com/ https://www.google-analytics.com/ https://*.facebook.net/ https://fullstory.com/ https://*.fullstory.com/ https://d24n15hnbwhuhn.cloudfront.net https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ https://cdn.ravenjs.com/3.17.0/raven.min.js https://sentry.io/api/embed/error-page/ https://browser.sentry-cdn.com/5.1.1/ https://js.stripe.com/ https://checkout.stripe.com/ https://cdn.nolt.io/ https://*.swarmcdn.com/ https://www.googletagmanager.com/ https://www.clickcease.com/;font-src 'self' data: https://fonts.gstatic.com https://pro.fontawesome.com/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://use.fontawesome.com/ https://assets.swarmcdn.com/;img-src * 'self' data: https://*.cloudinary.com https://optimize.google.com https://www.google-analytics.com https://*.facebook.net/ https://cdn-app.staging.continual.ly/ https://images.unsplash.com https://cdn-app.continual.ly/ https://continual.ly/ https://media.giphy.com https://d29l98y0pmei9d.cloudfront.net https://cdn-assets.continual.ly https://s3-eu-west-1.amazonaws.com/assets-production-continually/ https://s3-eu-west-1.amazonaws.com/assets-continually/ https://www.google-analytics.com/ https://secure.gravatar.com https://pbs.twimg.com/;style-src 'self' 'unsafe-inline' https://pro.fontawesome.com/ https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://use.fontawesome.com/ https://fonts.gstatic.com/ https://optimize.google.com https://fonts.googleapis.com/ https://checkout.stripe.com/ https://assets.swarmcdn.com/;frame-src tel: https://s3.amazonaws.com/helpshelf-production/ https://continually.supporthero.io https://app.staging.continual.ly https://app.continual.ly https://headway-widget.net https://optimize.google.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://js.stripe.com/ https://checkout.stripe.com/ https://feedback.continual.ly/;object-src https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/;media-src * https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/;report-uri https://continually.report-uri.io/r/default/csp/enforce;
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 11:34:14 GMT
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding,X-Forwarded-Proto
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

POST
H2 200 jp3r7v4kgyen Show response
app.continual.ly/team-settings/ 821 B
5 KB 174ms
173ms XHR
application/json 63.33.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.continual.ly/team-settings/jp3r7v4kgyen

Requested by

Host: cdn-app.continual.ly
URL: https://cdn-app.continual.ly/js/embed/continually-embed.latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.126.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-126-66.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

296e80bcf20cf4501802ea2186926e7b5217aa82e6a135a8812667dee997c616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 29 Sep 2022 11:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
x-permitted-cross-domain-policies: master-only
referrer-policy: no-referrer-when-downgrade
content-security-policy-report-only: default-src 'self' https://backend.helpshelf.co/stats/event/log/ https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly wss://wss-pr.continual.ly:6001 wss://wss-pr.continual.ly wss://wss.conversation.continual.ly:6001 wss://wss.conversation.continual.ly https://wss.conversation.continual.ly:6001 https://wss.conversation.continual.ly wss://hornets.swarmcdn.com https://d3hb14vkzrxvla.cloudfront.net https://api.getdrip.com/ https://tag.getdrip.com/ https://api.segment.io/ https://cdn.segment.com/ https://www.youtube.com https://*.vimeo.com https://*.vimeocdn.com https://*.wistia.net https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://continually.supporthero.io https://d29l98y0pmei9d.cloudfront.net https://fonts.gstatic.com/ hotjar.com wss://*.hotjar.com/ https://script.hotjar.com/ https://hotjar.com/ https://*.hotjar.com/ https://notify.bugsnag.com/ https://cdn.amplitude.com/ https://s3-eu-west-1.amazonaws.com/assets-production-continually/ https://s3-eu-west-1.amazonaws.com/assets-continually/ https://api.amplitude.com/ https://fullstory.com/ https://*.fullstory.com/ https://www.google-analytics.com/ https://*.facebook.com/ https://*.facebook.net/ https://sentry.io/ https://checkout.stripe.com/ https://*.smartlook.com https://*.smartlook.cloud https://gateway.onboardflow.com/ https://*.swarmcdn.com/;child-src blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://media.onboardflow.com/ https://*.smartlook.com https://*.smartlook.cloud https://beacon-v2.helpscout.net https://script.tapfiliate.com https://s3.amazonaws.com/helpshelf-production/ https://cdn.headwayapp.co https://optimize.google.com https://assets.swarmcdn.com https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly wss://wss-pr.continual.ly:6001 wss://wss-pr.continual.ly wss://wss.conversation.continual.ly:6001 wss://wss.conversation.continual.ly https://wss.conversation.continual.ly:6001 https://wss.conversation.continual.ly wss://hornets.swarmcdn.com https://api.getdrip.com/ https://tag.getdrip.com/ https://api.segment.io/ https://cdn.segment.com/ https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://continually.supporthero.io https://d29l98y0pmei9d.cloudfront.net https://d14jnfavjicsbe.cloudfront.net wss://*.hotjar.com/ https://script.hotjar.com/ https://hotjar.com/ https://*.hotjar.com/ https://cdn.amplitude.com/ https://www.google-analytics.com/ https://*.facebook.net/ https://fullstory.com/ https://*.fullstory.com/ https://d24n15hnbwhuhn.cloudfront.net https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ https://cdn.ravenjs.com/3.17.0/raven.min.js https://sentry.io/api/embed/error-page/ https://browser.sentry-cdn.com/5.1.1/ https://js.stripe.com/ https://checkout.stripe.com/ https://cdn.nolt.io/ https://*.swarmcdn.com/ https://www.googletagmanager.com/ https://www.clickcease.com/;font-src 'self' data: https://fonts.gstatic.com https://pro.fontawesome.com/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://use.fontawesome.com/ https://assets.swarmcdn.com/;img-src * 'self' data: https://*.cloudinary.com https://optimize.google.com https://www.google-analytics.com https://*.facebook.net/ https://cdn-app.staging.continual.ly/ https://images.unsplash.com https://cdn-app.continual.ly/ https://continual.ly/ https://media.giphy.com https://d29l98y0pmei9d.cloudfront.net https://cdn-assets.continual.ly https://s3-eu-west-1.amazonaws.com/assets-production-continually/ https://s3-eu-west-1.amazonaws.com/assets-continually/ https://www.google-analytics.com/ https://secure.gravatar.com https://pbs.twimg.com/;style-src 'self' 'unsafe-inline' https://pro.fontawesome.com/ https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://use.fontawesome.com/ https://fonts.gstatic.com/ https://optimize.google.com https://fonts.googleapis.com/ https://checkout.stripe.com/ https://assets.swarmcdn.com/;frame-src tel: https://s3.amazonaws.com/helpshelf-production/ https://continually.supporthero.io https://app.staging.continual.ly https://app.continual.ly https://headway-widget.net https://optimize.google.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://js.stripe.com/ https://checkout.stripe.com/ https://feedback.continual.ly/;object-src https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/;media-src * https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/;report-uri https://continually.report-uri.io/r/default/csp/enforce;
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
cache-control: must-revalidate, no-cache, private
vary: Accept-Encoding,X-Forwarded-Proto
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 jp3r7v4kgyen
app.continual.ly/team-settings/ Frame 0
0 207ms
99ms Preflight
text/css 63.33.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.continual.ly/team-settings/jp3r7v4kgyen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.126.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-126-66.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://beaglesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, X-Socket-Id, X-CSRF-TOKEN
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/css;charset=UTF-8
date: Thu, 29 Sep 2022 11:34:14 GMT
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding,X-Forwarded-Proto
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 conversation.min.css
cdn-app.continual.ly/css/ Frame EC58 342 KB
59 KB 45ms
45ms Stylesheet
text/css 108.138.7.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app.continual.ly/css/conversation.min.css?bust=9d08a34ccde2f673fe0c4ceb7177f09c

Requested by

Host: app.continual.ly
URL: https://app.continual.ly/chat/empty-state

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-32.fra56.r.cloudfront.net

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

1f039f6aac690a01998e11759ab1f15ffbfd7da90f66248b7c6743f870ddbff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.continual.ly/chat/empty-state
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 05:15:18 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P6
age: 22740
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 23 Sep 2022 06:48:27 GMT
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
etag: W/"55666-5e95290a6e4c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-amz-cf-id: XmfBFsyazHvGCzYQysHQpjxIBeF-PZQoW2kKro0ltv02pNdu2JkkdQ==

GET
H3 200 css
fonts.googleapis.com/ Frame EC58 17 KB
987 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap&subset=cyrillic,greek

Requested by

Host: cdn-app.continual.ly
URL: https://cdn-app.continual.ly/css/conversation.min.css?bust=9d08a34ccde2f673fe0c4ceb7177f09c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-app.continual.ly/css/conversation.min.css?bust=9d08a34ccde2f673fe0c4ceb7177f09c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 11:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 11:28:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 11:34:14 GMT

OPTIONS
H2 200 jp3r7v4kgyen
app.continual.ly/conversation/ Frame 0
0 84ms
84ms Preflight
text/css 63.33.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.continual.ly/conversation/jp3r7v4kgyen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.126.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-126-66.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://beaglesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, X-Socket-Id, X-CSRF-TOKEN
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/css;charset=UTF-8
date: Thu, 29 Sep 2022 11:34:14 GMT
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding,X-Forwarded-Proto
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

POST
H2 200 jp3r7v4kgyen Show response
app.continual.ly/conversation/ 7 KB
6 KB 130ms
130ms XHR
application/json 63.33.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.continual.ly/conversation/jp3r7v4kgyen

Requested by

Host: cdn-app.continual.ly
URL: https://cdn-app.continual.ly/js/embed/continually-embed.latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.126.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-126-66.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.48 () OpenSSL/1.0.2k-fips /

Resource Hash

a43bf2e028a041afa71ed76d585fbb7dbda16eb9fca2fcf9846c57d910ad4074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 29 Sep 2022 11:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips
x-permitted-cross-domain-policies: master-only
referrer-policy: no-referrer-when-downgrade
content-security-policy-report-only: default-src 'self' https://backend.helpshelf.co/stats/event/log/ https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly wss://wss-pr.continual.ly:6001 wss://wss-pr.continual.ly wss://wss.conversation.continual.ly:6001 wss://wss.conversation.continual.ly https://wss.conversation.continual.ly:6001 https://wss.conversation.continual.ly wss://hornets.swarmcdn.com https://d3hb14vkzrxvla.cloudfront.net https://api.getdrip.com/ https://tag.getdrip.com/ https://api.segment.io/ https://cdn.segment.com/ https://www.youtube.com https://*.vimeo.com https://*.vimeocdn.com https://*.wistia.net https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://continually.supporthero.io https://d29l98y0pmei9d.cloudfront.net https://fonts.gstatic.com/ hotjar.com wss://*.hotjar.com/ https://script.hotjar.com/ https://hotjar.com/ https://*.hotjar.com/ https://notify.bugsnag.com/ https://cdn.amplitude.com/ https://s3-eu-west-1.amazonaws.com/assets-production-continually/ https://s3-eu-west-1.amazonaws.com/assets-continually/ https://api.amplitude.com/ https://fullstory.com/ https://*.fullstory.com/ https://www.google-analytics.com/ https://*.facebook.com/ https://*.facebook.net/ https://sentry.io/ https://checkout.stripe.com/ https://*.smartlook.com https://*.smartlook.cloud https://gateway.onboardflow.com/ https://*.swarmcdn.com/;child-src blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://media.onboardflow.com/ https://*.smartlook.com https://*.smartlook.cloud https://beacon-v2.helpscout.net https://script.tapfiliate.com https://s3.amazonaws.com/helpshelf-production/ https://cdn.headwayapp.co https://optimize.google.com https://assets.swarmcdn.com https://wss-pr.continual.ly:6001 https://wss-pr.continual.ly wss://wss-pr.continual.ly:6001 wss://wss-pr.continual.ly wss://wss.conversation.continual.ly:6001 wss://wss.conversation.continual.ly https://wss.conversation.continual.ly:6001 https://wss.conversation.continual.ly wss://hornets.swarmcdn.com https://api.getdrip.com/ https://tag.getdrip.com/ https://api.segment.io/ https://cdn.segment.com/ https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://continually.supporthero.io https://d29l98y0pmei9d.cloudfront.net https://d14jnfavjicsbe.cloudfront.net wss://*.hotjar.com/ https://script.hotjar.com/ https://hotjar.com/ https://*.hotjar.com/ https://cdn.amplitude.com/ https://www.google-analytics.com/ https://*.facebook.net/ https://fullstory.com/ https://*.fullstory.com/ https://d24n15hnbwhuhn.cloudfront.net https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ https://cdn.ravenjs.com/3.17.0/raven.min.js https://sentry.io/api/embed/error-page/ https://browser.sentry-cdn.com/5.1.1/ https://js.stripe.com/ https://checkout.stripe.com/ https://cdn.nolt.io/ https://*.swarmcdn.com/ https://www.googletagmanager.com/ https://www.clickcease.com/;font-src 'self' data: https://fonts.gstatic.com https://pro.fontawesome.com/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://use.fontawesome.com/ https://assets.swarmcdn.com/;img-src * 'self' data: https://*.cloudinary.com https://optimize.google.com https://www.google-analytics.com https://*.facebook.net/ https://cdn-app.staging.continual.ly/ https://images.unsplash.com https://cdn-app.continual.ly/ https://continual.ly/ https://media.giphy.com https://d29l98y0pmei9d.cloudfront.net https://cdn-assets.continual.ly https://s3-eu-west-1.amazonaws.com/assets-production-continually/ https://s3-eu-west-1.amazonaws.com/assets-continually/ https://www.google-analytics.com/ https://secure.gravatar.com https://pbs.twimg.com/;style-src 'self' 'unsafe-inline' https://pro.fontawesome.com/ https://app.continual.ly/ https://app.staging.continual.ly/ https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/ https://use.fontawesome.com/ https://fonts.gstatic.com/ https://optimize.google.com https://fonts.googleapis.com/ https://checkout.stripe.com/ https://assets.swarmcdn.com/;frame-src tel: https://s3.amazonaws.com/helpshelf-production/ https://continually.supporthero.io https://app.staging.continual.ly https://app.continual.ly https://headway-widget.net https://optimize.google.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://js.stripe.com/ https://checkout.stripe.com/ https://feedback.continual.ly/;object-src https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/;media-src * https://cdn-app.staging.continual.ly/ https://cdn-app.continual.ly/;report-uri https://continually.report-uri.io/r/default/csp/enforce;
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
cache-control: must-revalidate, no-cache, private
vary: Accept-Encoding,X-Forwarded-Proto
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
wss-pr.continual.ly/socket.io/ 101 B
246 B 215ms
57ms XHR
application/octet-stream 52.19.205.206

General

Check archive.org

Show headers Download Go to

Full URL: https://wss-pr.continual.ly:6001/socket.io/?EIO=3&transport=polling&t=1664451254526.4478
Requested by: Host: cdn-app.continual.ly
URL: https://cdn-app.continual.ly/js/embed/continually-embed.latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.205.206 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ecfa7e6f3722da11f19ef6b71063cd7c49c2a962ab5aae4d3de7b7d3dbca25f

Request headers

Accept: */*
Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://beaglesecurity.com
date: Thu, 29 Sep 2022 11:34:14 GMT
access-control-allow-credentials: true
content-length: 101
content-type: application/octet-stream

POST
H2 200 / Show response
wss-pr.continual.ly/socket.io/ 2 B
135 B 60ms
60ms XHR
text/html 52.19.205.206

General

Check archive.org

Show headers Download Go to

Full URL: https://wss-pr.continual.ly:6001/socket.io/?EIO=3&transport=polling&t=1664451254526.4478_1&sid=TlOK6XdumbscoVq7phYL
Requested by: Host: cdn-app.continual.ly
URL: https://cdn-app.continual.ly/js/embed/continually-embed.latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.205.206 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://beaglesecurity.com
date: Thu, 29 Sep 2022 11:34:14 GMT
access-control-allow-credentials: true
content-length: 2
content-type: text/html

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
44ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=636331452&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbeaglesecurity.com%2Fblog%2Farticle%2Fhardening-server-security-by-implementing-security-headers.html&ul=en-us&de=UTF-8&dt=Hardening%20Server%20Security%20By%20Implementing%20Security%20Headers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Continually%20Conversations&ea=Widget%20shown&_u=KEDAAEABAAAAAC~&jid=1996062480&gjid=668952273&cid=81737157.1664451250&tid=UA-88448692-2&_gid=2132643094.1664451250&_r=1&z=603163855

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:34:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beaglesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 151ms
48ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-88448692-2&cid=81737157.1664451250&jid=1996062480&gjid=668952273&_gid=2132643094.1664451250&_u=KEDAAEABAAAAAC~&z=1866024571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beaglesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 11:34:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beaglesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 192ms
87ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-88448692-2&cid=81737157.1664451250&jid=1996062480&_u=KEDAAEABAAAAAC~&z=727712455

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:34:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 140ms
62ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-88448692-2&cid=81737157.1664451250&jid=1996062480&_u=KEDAAEABAAAAAC~&z=727712455

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beaglesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:34:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.beaglesecurity.com/	1970-01-20 15:56:51	Name: _ga Value: GA1.2.81737157.1664451250
.beaglesecurity.com/	1970-01-20 06:22:17	Name: _gid Value: GA1.2.2132643094.1664451250
.beaglesecurity.com/	1970-01-20 06:20:51	Name: _gat Value: 1
beaglesecurity.com/	1970-01-20 15:06:27	Name: continually_user_id Value: qynmk4n236r4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5TS2RJ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.beaglesecurity.com
app.continual.ly
app.convertbox.com
beaglesecurity.com
cdn-app.continual.ly
cdn.convertbox.com
fonts.googleapis.com
fonts.gstatic.com
polyfill.io
shorturl.at
stats.g.doubleclick.net
wss-pr.continual.ly
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.shorturl.at
108.138.7.32
143.204.215.24
185.180.12.68
2606:4700:3037::ac43:ab5a
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9c
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2004
2a04:4e42:600::282
34.231.184.123
52.147.219.53
52.19.205.206
63.33.126.66
088d9c7edf1ea0b2d67ce37367d6fbb4bf87e522e7d261b34ec65046b143f20b
0bff9649b7e276cab41e1e267e7bf6b1849aa6fde2b71e7344081ef9c4d968f7
14a7ef5f93962d7561c1db9ec825ef9d6476bc85af472f377b37d4be0cbce743
182630ed60280838626e137484eb102b382cf28bc277c43559c2bef3cdee0a30
18dd74cfc289078792ddb9493db0ccbfa063c16f22499fffcbc9393ddd1d4863
1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe
1adc6c99c2738274f925498b26d34c984598136b899e7463a790751be7229161
1c12af96ae3f3c0573743a2b2d9ffbbac9a032276a918cf7c7e11a3a9dc3c839
1c4d9abe3e72ae85cd748d09ed9749400c10324925d2b8e765ac30e77e36393a
1f039f6aac690a01998e11759ab1f15ffbfd7da90f66248b7c6743f870ddbff1
203d7181e96e33ee296c2f0370a4e5ca32e5c381332ff9d351c17234f60badcb
234d75586acc92594509e97110b4944668cbac1feae3b66e000076bad9123656
244881532c7e2d2048834528429e1da97a8ba3c220381f323a30345c9d8e32ec
24686689348666a8e9fc1cf85e6c9a9e5f83581a1a6c2d43d61ca1f327b29e68
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273173d6e40ca977e9f172d03076a04daff1aa112cb9a90a260e9bc5ac63c570
281e0f16da5ec9060bfcf7a9aa8f2e00873fbd2395443b7cb1e4ea761d32daf3
28ac49ba20cacebb0b3bd9ee4b4c49135c5f9d10767699fe7e45b2d9fc171073
296e80bcf20cf4501802ea2186926e7b5217aa82e6a135a8812667dee997c616
31432c8e4a5126667ca88e9368e508e01ac755965b8e95c3170d34f25fa57d0f
3b3effd4b57fbc967a987c5044047155125a2f4528d2a35fb3ee3e833a1dc166
3c18aa43e1ca4aa6c3e5316a608b0171614c95bb23ec88a4a42fa840fba18b57
3ecfa7e6f3722da11f19ef6b71063cd7c49c2a962ab5aae4d3de7b7d3dbca25f
3fec2275db250496ed7f2e038ad2649f6428dacc3583e15e6de58645d836af36
405e8e6ccceccccebd108c75a72c49f50d185df97c4c51de1dff107c6058e984
41105f956885b07a13a2f7de1eb08457a702b992c036a7df41d025d10881e41a
416fd907a4588e25b772e1b99c67bf0041344053fc72d9516934b5bc4dd58781
4330e8c2380afbf9f65a09db26106197e1df9ca55a24c1c9e00caa7c94e72d40
4522b33684953372d728aee9f778ca2c866812cceec6acf83fa3be1e01cd23f7
4b889cda6e8e57a8d442327357932726bdc739922a7483d2d6b696a5b37f43cb
52590177d051678730bad1b26908c004c6546dfc6876525f76c40a9453e4d220
58bbec531c427ddbbd85db9e8ff63dbfe9b2d23adb2fd6e14ae8d02b16c77abc
5993a42423c84d774021c2585531b3d8cb0c44287e994f7225d99b7d0a427379
5c2ca5a5a428797a83e8904f08003886fdc6ab8fefe50a85095fa81bdc2aadbb
5c570f4f43b55c259e56df88406fa01ca76431c537a97af1bd1e6e9b1aeb82b8
5e06c92f55fb919fe0e7bc0534bbb9767f6749931cd2408d9ef70bca48568018
5eb074cf21c0efb8ed8f57142f6739c0ae5dcb156070d6be5536157fb6af26a8
62243caa9ff855887d2c923e40dc70ac9f653a5ba540b010fc3a8a46221dd98d
632e17385e393bb6503e09e8088eb52e251ec64a29ec04f8fea593e28cd6b992
6a46391c2208f4f5af05b4fe8cdf612ef8d1ac55e8bac89d4d3fbaa424b8fc80
74ecaae6ee86b65e8b467c713c9b8177a3fb655bfdb8ded1e8a90bffeaaedff1
77b765f002a116c81008c3072ee51509a190a79715f79c3bfe6047b6e4abef64
7c64bd44a9999e7cb373d132eb1849ad4af247c1a0d673d8a9ee759d11a159eb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a91523f14ec6969d10c9ca71b06b8ed6b12d66c663495175fd0d3dfcd4a4730
8c1dc697715560e29484de9ed60045222c64f779e347eba4dd95b996066188a9
8eb3aaedf0825f47e933af0b4fc66a0a6a2945e68842e55935af733a9a607f97
9315a05b675669ff8fafd63197450a8fd6bb2b04ba616aff2df54ddacb688292
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a43bf2e028a041afa71ed76d585fbb7dbda16eb9fca2fcf9846c57d910ad4074
ac38e246533d08609d44fd296cc4c0be71a15ea821633473cf4bf9deb791c02a
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afbeefd10baecd35822d7166b6c068d2e06cf0910e44b61024bdb3e7a66b7a7f
b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83
b65415e74b1038b671424fe33ec16f187c346b9c7ca4aee8878970eaec08ad2f
bd66b43441439db9cf98e69ada25135bbc95957e2212606563ff19671f7201c1
c5dfa4f683dc2b6527546bee05ca21704a4934d29723a63ead23b2453b85f49b
c7c9c153eb6e8cd061a6017c09141c0340e752fafe197751584fd449e4f03b66
c7e2cc9733c3cd5fca8357153c43a9f30125a6b069e076119ebbadf943ae7309
d028cc1d75a514a11550a675be233378de77c809fb0819e03564ad88b89661e8
d0516fc0e10501e057a362fbf199605f81ffbdd2d353f77be8bd1be40785729e
d28424eedbba774257820f99d91281f57ccb6ad63907f8bd5ed3e95c4c612c60
d65800b963e122417cab4887a7abb3b11947ebe05328b016138478ca4a41cc9f
d77d111cbda0233df01d835db86fcc243a443666025492e8736fcf5488cc63b4
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d974a46e6c78283ddd40393bbe87b3094685acf5c00f9810c31e1cf839a692b8
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de67d2cec6c072e9645ad18d40181a2b8530decab4e6bbebfd0e1961f67ad434
e295d553999d012069dbb2f71ba7bc4cf89995fa5abda024cbc99685112eedf4
e2a92ed1a00101b2f9ee8ac363b52f796cbc8feb0619e7c665a41d62862eb413
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b258d5a02731bdcfbcfa87ac52155f161ff4b44019d5956772d206d97d2857
e8548e68a845ea4998a36c690829772b8c8176e4b4bbf00ac77615bc4b282f84
ebfa07fd08eced58a372c3353dfdac581d5e3819c1e2bb678610ecbf80be5024
ec87bae21d60c8062fa5df218a7278dc0146b66bd0bd4f07eea5252732c9a38d
ecf4072cd8e32c9ebd8b78743a66a6a54913f2e2cb02c382a60eae2b3f520253
ef05728fd8be4b2109df415bd25257e6ca71338e6c6ef3bb83558ea2321ad4d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0641714680629a6e1af17e8e785b2dd7bac5e6f89e58ec2cf71920e7718c7ef
f6678bd94c196bfb8eee3b50811b81785fb0f3d3b9c426c793407fd1c0bea3dc
f8140bde9f12b6897f5ea25decb656e98d4ef9f29094e2054fc223a433f23dd6
f98c2cd7829cde23a541be4a31279245ceb530ec56cc2dfb022ba3887ab94cd9
fb0e84e60215f7d012fafc12b051d72c02bde5497905a8e1116d2d8911326fb2
fb9174684c54d7db97c091eede29f9fad89697dc55fc9bf6590fd591a2fdf86c
fcb0188b5a827b516c891432f35d214ea84a285c59618937154a5babf93b66fc

beaglesecurity.com Open in urlscan Pro 143.204.215.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

99 %HTTPS

56 %IPv6

12 Domains

17 Subdomains

16 IPs

5 Countries

1765 kBTransfer

3486 kBSize

4 Cookies

9 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beaglesecurity.com Open in urlscan Pro
143.204.215.24 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

99 %
HTTPS

56 %
IPv6

12
Domains

17
Subdomains

16
IPs

5
Countries

1765 kB
Transfer

3486 kB
Size

4
Cookies

80 HTTP transactions
17 data transactions