Submitted URL: https://t.co/h4eZ8e5ebx
Effective URL: https://www.maltego.com/covid19-licenses-application/
Submission: On March 31 via manual from IN

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 19 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d24:5001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is www.maltego.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 16th 2020. Valid for: 3 months.
This is the only time www.maltego.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
1         104.244.42.197     13414  (TWITTER)
8         2a03:b0c0:3:d...   14061  (DIGITALOC...)
1         2a00:1450:400...   15169  (GOOGLE)
3         2606:4700::68...   13335  (CLOUDFLAR...)
1         2a00:1450:400...   15169  (GOOGLE)
1         52.109.76.19       8075   (MICROSOFT...)
2         2a00:1450:400...   15169  (GOOGLE)
2         2620:1ec:bdf::10   8068   (MICROSOFT...)
Total: 19 requests, 9 IPs

Requests  Domain                    Requested by
8         www.maltego.com           t.co, www.maltego.com
3         cdnjs.cloudflare.com      www.maltego.com
2         consent.cookiebot.com     www.googletagmanager.com, consent.cookiebot.com
2         fonts.gstatic.com         www.maltego.com
1         forms.office.com          www.maltego.com
1         www.googletagmanager.com  www.maltego.com
1         fonts.googleapis.com      www.maltego.com
1         t.co
Total: 19 requests, 8 domains

Subject                      Issuer                                           Validity                 Valid
t.co                         DigiCert SHA2 High Assurance Server CA           2020-03-05 - 2021-03-02  a year
maltego.com                  Let's Encrypt Authority X3                       2020-02-16 - 2020-05-16  3 months
*.storage.googleapis.com     GTS CA 1O1                                       2020-03-03 - 2020-05-26  3 months
ssl412106.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2019-12-05 - 2020-06-12  6 months
*.google-analytics.com       GTS CA 1O1                                       2020-03-03 - 2020-05-26  3 months
forms.office.com             Microsoft IT TLS CA 4                            2019-02-26 - 2021-02-26  2 years
*.google.com                 GTS CA 1O1                                       2020-03-03 - 2020-05-26  3 months
consent.cookiebot.com        Go Daddy Secure Certificate Authority - G2       2019-01-14 - 2021-01-08  2 years

This page contains 2 frames:

Primary Page: https://www.maltego.com/covid19-licenses-application/
Frame ID: 879504411C2021CCB82C020F06BB7BD1
Requests: 21 HTTP requests in this frame

Frame: https://forms.office.com/Pages/ResponsePage.aspx?id=RF3nWSN9EEO3yKeF4G7mYGNktv4K0yVIlRDpl_SYgIdUMEdGMEs4NzFTUVpOMFVINFgxRlVNREFEQi4u&embed=true
Frame ID: 24D0601F66A0AB0FA8811FEF6E4575D1
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

19 Requests
100 % HTTPS
75 % IPv6
8 Domains
8 Subdomains
9 IPs
3 Countries
197 kB Transfer
637 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/h4eZ8e5ebx Page URL
  2. https://www.maltego.com/covid19-licenses-application/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
h4eZ8e5ebx
t.co/
315 B
506 B
Document
General
Full URL
https://t.co/h4eZ8e5ebx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c094eb7992106e95425bd34c96404ee3c6a273d436e8314b0bbe15a017899d18
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/h4eZ8e5ebx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
196
content-type
text/html; charset=utf-8
date
Tue, 31 Mar 2020 19:59:25 GMT
expires
Tue, 31 Mar 2020 20:04:25 GMT
server
tsa_o
set-cookie
muc=db2e7291-fff9-4989-a8dd-89cdb08c266c; Max-Age=63072000; Expires=Thu, 31 Mar 2022 19:59:25 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
39b1d52eab72cf469690f2cd53f0a7c9
x-response-time
124
x-xss-protection
0
Primary Request /
www.maltego.com/covid19-licenses-application/
15 KB
5 KB
Document
General
Full URL
https://www.maltego.com/covid19-licenses-application/
Requested by
Host: t.co
URL: https://t.co/h4eZ8e5ebx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
a1c50bf8dfb632b0de0404eddbde5afd35e1353728ac6510b3ffccb02d699ea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.maltego.com
:scheme
https
:path
/covid19-licenses-application/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://t.co/h4eZ8e5ebx
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://t.co/h4eZ8e5ebx

Response headers

status
200
cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 31 Mar 2020 10:17:14 GMT
etag
"3bc68ae5a291deac4f3f244df822bdde-ssl-df"
strict-transport-security
max-age=31536000
content-encoding
gzip
content-length
4880
age
34932
server
Netlify
vary
Accept-Encoding
x-nf-request-id
7b80d41e-e0c1-405f-b38f-b0ea0db92eba-35785497
css
fonts.googleapis.com/
13 KB
1006 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae5488ca14a63553b75c3a76150229a55a65267a1de90ede6d50f96a58982d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Mar 2020 19:59:26 GMT
server
ESF
date
Tue, 31 Mar 2020 19:59:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Mar 2020 19:59:26 GMT
bootstrap-grid.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/
47 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap-grid.min.css
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd02f47413390d668599552bc8ddc87eb9ffd9e62ceb22971bb32915a61c0f5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 31 Mar 2020 19:59:26 GMT
content-encoding
br
cf-cache-status
HIT
age
13178975
cf-ray
57cca69c08bfbeab-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Fri, 15 Feb 2019 18:45:50 GMT
server
cloudflare
etag
W/"5c6708de-bd68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sun, 21 Mar 2021 19:59:26 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
main.min.70abfcecec4bf2ac42065af35837b374beeb11f7c607d024287d9858df037d0c.css
www.maltego.com/scss/
70 KB
13 KB
Stylesheet
General
Full URL
https://www.maltego.com/scss/main.min.70abfcecec4bf2ac42065af35837b374beeb11f7c607d024287d9858df037d0c.css
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
70abfcecec4bf2ac42065af35837b374beeb11f7c607d024287d9858df037d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

x-nf-request-id
7b80d41e-e0c1-405f-b38f-b0ea0db92eba-35785516
date
Tue, 31 Mar 2020 08:37:09 GMT
content-encoding
gzip
server
Netlify
age
40937
etag
"244d3681bb92c12e035cf09504f7233b-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
13280
Maltego-Logo-Horizontal-White.png
www.maltego.com/img/maltego-logo/
14 KB
14 KB
Image
General
Full URL
https://www.maltego.com/img/maltego-logo/Maltego-Logo-Horizontal-White.png
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b6149dffed0e287f86b762b9149de01a89ce02ee49ce3ab6a6ae54837836222f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nf-request-id
7b80d41e-e0c1-405f-b38f-b0ea0db92eba-35785517
date
Tue, 31 Mar 2020 08:37:10 GMT
server
Netlify
age
40936
etag
"0474b3ad041c5cbf07b3eb633a421e37-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
14051
Maltego%20Text%20only%20white.svg
www.maltego.com/img/maltego-logo/
2 KB
942 B
Image
General
Full URL
https://www.maltego.com/img/maltego-logo/Maltego%20Text%20only%20white.svg
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
f8086fae93455669e62e1bb2f8664c700c3eede250d4f775b49de9a3f86fe2dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nf-request-id
7b80d41e-e0c1-405f-b38f-b0ea0db92eba-35785518
date
Tue, 31 Mar 2020 08:37:10 GMT
content-encoding
gzip
server
Netlify
age
40936
etag
"1f3cc42a5b3084c350eabefaced197e0-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
822
keyboard_arrow_down-24px.svg
www.maltego.com/img/icons/
195 B
283 B
Image
General
Full URL
https://www.maltego.com/img/icons/keyboard_arrow_down-24px.svg
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
52110d9e374efb16cb1693dc1eb2c9a1050a9205811528c11a04e372e0f03cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nf-request-id
7b80d41e-e0c1-405f-b38f-b0ea0db92eba-35785529
date
Tue, 31 Mar 2020 08:37:10 GMT
content-encoding
gzip
server
Netlify
age
40936
etag
"b54462a7655f135feffc483ca036712b-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
173
linkedin.png
www.maltego.com/img/icons/
5 KB
5 KB
Image
General
Full URL
https://www.maltego.com/img/icons/linkedin.png
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b5839d0d2b386113adca98e4e3ad9a7885553c5543f91bf0588fad44fc42469e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nf-request-id
7b80d41e-e0c1-405f-b38f-b0ea0db92eba-35785530
date
Tue, 31 Mar 2020 08:37:11 GMT
server
Netlify
age
40935
etag
"7d7a58809a6e6a0a16a95483a37e9811-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
4998
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 31 Mar 2020 19:59:26 GMT
content-encoding
br
cf-cache-status
HIT
age
21643901
cf-ray
57cca69c18d7beab-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 01 May 2019 21:45:59 GMT
server
cloudflare
etag
W/"5cca1397-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 21 Mar 2021 19:59:26 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
hammer.min.js
cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/hammer.min.js
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 31 Mar 2020 19:59:26 GMT
content-encoding
br
cf-cache-status
HIT
age
30318703
cf-ray
57cca69c28d9beab-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:20:11 GMT
server
cloudflare
etag
W/"5afd494b-511d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 21 Mar 2021 19:59:26 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.078
jquery.hammer.js
www.maltego.com/js/
1 KB
583 B
Script
General
Full URL
https://www.maltego.com/js/jquery.hammer.js
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
6b4217a981adb6dc476993007feed2b3c3264db189595ffcf885241f04997a01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-nf-request-id
7b80d41e-e0c1-405f-b38f-b0ea0db92eba-35785527
date
Tue, 31 Mar 2020 08:37:09 GMT
content-encoding
gzip
server
Netlify
age
40937
etag
"346c81aa1f9e1ed0b09b559f33c913c3-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
457
main-bundle.min.f93b359421d843609a54dd533171e1fdf83830ceb3f571415e204345654521cc.js
www.maltego.com/js/
8 KB
3 KB
Script
General
Full URL
https://www.maltego.com/js/main-bundle.min.f93b359421d843609a54dd533171e1fdf83830ceb3f571415e204345654521cc.js
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
f93b359421d843609a54dd533171e1fdf83830ceb3f571415e204345654521cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-nf-request-id
7b80d41e-e0c1-405f-b38f-b0ea0db92eba-35785528
date
Tue, 31 Mar 2020 08:37:10 GMT
content-encoding
gzip
server
Netlify
age
40936
etag
"e2041e55e45b14e77c6f205c99f41a8f-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2870
gtm.js
www.googletagmanager.com/
138 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDD765M
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43f001a5447c684c706006ae96bbc5435203d4d00c71363ef163bdde2a968898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 31 Mar 2020 19:59:26 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
40868
x-xss-protection
0
last-modified
Tue, 31 Mar 2020 18:44:45 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Mar 2020 19:59:26 GMT
ResponsePage.aspx
forms.office.com/Pages/ Frame 24D0
0
0
Document
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=RF3nWSN9EEO3yKeF4G7mYGNktv4K0yVIlRDpl_SYgIdUMEdGMEs4NzFTUVpOMFVINFgxRlVNREFEQi4u&embed=true
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.76.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/Pages/ResponsePage.aspx?id=RF3nWSN9EEO3yKeF4G7mYGNktv4K0yVIlRDpl_SYgIdUMEdGMEs4NzFTUVpOMFVINFgxRlVNREFEQi4u&embed=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.maltego.com/covid19-licenses-application/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.maltego.com/covid19-licenses-application/

Response headers

status
200
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-length
6272
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
server
x-routingofficecluster
neu-000.forms.office.com
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.12725.34201
x-routingsessionid
a35b147d-ad07-4875-8d14-4337e3bdacc7
x-routingcorrelationid
9d692c3c-46f1-4536-a8be-e9d99b728093
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Tue, 30-Jun-2020 19:59:26 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=eCEP7wEZ9FRGEy-CKt41qh_9PtjikDSLBuUp2v_IkJyE3XUD1v5Z0B_clyPAGJUM81isxeE1ycXye0fHAUZl2wtC7jY1; path=/; samesite=none; secure; HttpOnly AADNonce.forms=415fd521-d1ad-43d1-a009-f5c7f99bdf5f.637212815662301628; domain=forms.office.com; path=/; samesite=none; secure; HttpOnly
x-correlationid
9d692c3c-46f1-4536-a8be-e9d99b728093
x-usersessionid
a35b147d-ad07-4875-8d14-4337e3bdacc7
x-officefe
FormsSingleBox_IN_7
x-officeversion
16.0.12725.34201
x-officecluster
neu-000.forms.office.com
x-failurereason
MissingCookieOrToken
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-aspnet-version
x-powered-by
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 31 Mar 2020 19:59:25 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e979bff0b321bde439c6cab79f4407543244bf574f8c239b32e0e236404286c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
Origin
https://www.maltego.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1825118
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:48 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.maltego.com
URL: https://www.maltego.com/covid19-licenses-application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
Origin
https://www.maltego.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
327875
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Sun, 28 Mar 2021 00:54:51 GMT
uc.js
consent.cookiebot.com/
67 KB
22 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=e99de070-62c7-4293-b5ab-cc9ab7bf4197
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDD765M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26983857222be2f9c6c47b8e9a34772e447f847069c2af729eb6bc2f5813ccc7

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 31 Mar 2020 19:59:25 GMT
content-encoding
gzip
last-modified
Tue, 31 Mar 2020 10:04:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"65a8c5ce437d61:0"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
status
200
cache-control
public,max-age=1200
x-azure-ref
0HqGDXgAAAADXRd+YYp9uRqq3GJxVFfi+RlJBRURHRTEwMTMAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
x-azure-ref-originshield
09aCDXgAAAAC5ZrKuLGB6RLc2GHMs9uZLQU1TRURHRTA1MDcAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
accept-ranges
bytes
content-length
21933
cc.js
consent.cookiebot.com/e99de070-62c7-4293-b5ab-cc9ab7bf4197/
129 KB
33 KB
Script
General
Full URL
https://consent.cookiebot.com/e99de070-62c7-4293-b5ab-cc9ab7bf4197/cc.js?renew=false&referer=www.maltego.com&dnt=false&forceshow=false&cbid=e99de070-62c7-4293-b5ab-cc9ab7bf4197&whitelabel=false&brandid=CookieConsent&framework=
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=e99de070-62c7-4293-b5ab-cc9ab7bf4197
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e546fa15a3428ab6e7ece8659a6255fcadb6f1c5317a42a601401dafcaa4ba5d

Request headers

Referer
https://www.maltego.com/covid19-licenses-application/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 31 Mar 2020 19:59:25 GMT
content-encoding
gzip
last-modified
Tue, 31 Mar 2020 19:59:26 GMT
x-aspnet-version
4.0.30319
access-control-allow-origin
*
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=7200
x-azure-ref
0HqGDXgAAAADi4Jd+BvCEQLNB+HVETG/DRlJBRURHRTEwMTMAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
access-control-allow-headers
cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, bustcache
content-length
33148
truncated
/
921 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
973 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| dataLayer
function| $
function| jQuery
function| Hammer
function| getUrlVars
object| $standardPricing
object| google_tag_manager
function| __uspapi
function| addUspapiLocatorFrame
function| __handleUspapiMessage
object| CookieConsent
object| CookieControl
object| Cookiebot
boolean| iframeReady
object| CookiebotDialog
object| CookieConsentDialog
object| that
object| cookieTable
number| j

5 Cookies

Domain/Path Name / Value
.office.com/ Name: MUID
Value: 387415E1B8C36EB334651B7FB9B26FC9
.forms.office.com/ Name: AADNonce.forms
Value: 415fd521-d1ad-43d1-a009-f5c7f99bdf5f.637212815662301628
forms.office.com/ Name: MSFPC
Value: GUID=6138a7f9312a44c8be232d7e9e747ff6&HASH=6138&LV=202003&V=4&LU=1585684766752
forms.office.com/ Name: __RequestVerificationToken
Value: eCEP7wEZ9FRGEy-CKt41qh_9PtjikDSLBuUp2v_IkJyE3XUD1v5Z0B_clyPAGJUM81isxeE1ycXye0fHAUZl2wtC7jY1
forms.office.com/ Name: DcLcid
Value: ui=1033&data=1033

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.maltego.com/js/main-bundle.min.f93b359421d843609a54dd533171e1fdf83830ceb3f571415e204345654521cc.js(Line 40)
Message:
https://t.co/h4eZ8e5ebx

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
