urlscan.io logo urlscan.io
SecurityTrails logo

aloricainc.humanity.com Open in urlscan Pro
13.224.189.48  Public Scan

Go To Rescan Add Verdict Report
URL: https://aloricainc.humanity.com/app/dashboard/
Submission: On September 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 13.224.189.48, located in United States and belongs to AMAZON-02, US. The main domain is aloricainc.humanity.com.
TLS certificate: Issued by Amazon on May 13th 2022. Valid for: a year.
This is the only time aloricainc.humanity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 13.224.189.48 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 1 13.224.189.35 16509 (AMAZON-02)
3 18.66.147.3 16509 (AMAZON-02)
2 162.247.241.14 23467 (NEWRELIC-...)
1 107.21.231.73 14618 (AMAZON-AES)
26 8
8    13.224.189.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-48.fra2.r.cloudfront.net
aloricainc.humanity.com
4    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net
widget.intercom.io
3    18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net
js.intercomcdn.com
2    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    107.21.231.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-231-73.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
8 humanity.com
aloricainc.humanity.com
276 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
613 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
25 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 1846
193 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 215
1 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1834
api-iam.intercom.io — Cisco Umbrella Rank: 2386
5 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 326
18 KB
26 7
Domain Requested by
8 aloricainc.humanity.com aloricainc.humanity.com
5 www.gstatic.com aloricainc.humanity.com
www.google.com
4 www.google.com aloricainc.humanity.com
www.google.com
3 js.intercomcdn.com widget.intercom.io
2 bam.nr-data.net aloricainc.humanity.com
2 fonts.gstatic.com aloricainc.humanity.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 js-agent.newrelic.com aloricainc.humanity.com
26 9

This site contains links to these domains. Also see Links.

Domain
www.humanity.com
Subject Issuer Validity Valid
*.humanity.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.intercom.com
Amazon		 2022-03-16 -
2023-04-14		 a year crt.sh

This page contains 4 frames:

Primary Page: https://aloricainc.humanity.com/app/dashboard/
Frame ID: 1F5565C58018685CD23585B0F5B3E552
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K&co=aHR0cHM6Ly9hbG9yaWNhaW5jLmh1bWFuaXR5LmNvbTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=r3fnhfapn1wd
Frame ID: 7D86075E51CFC810F4856323799E99C6
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K
Frame ID: 54DCAC22B69ED9F4DAD5423BF5C54FF9
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.f42d0978.js
Frame ID: B6ED065AAAE60F104E73BAC05910BFAD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Employee Scheduling Software | Workforce Management

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

26
Requests

96 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

1130 kB
Transfer

3094 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://widget.intercom.io/widget/APP_ID HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
aloricainc.humanity.com/app/dashboard/ 		47 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
7889a530eb199317ef78588066cf9601172ebffaf5888b53451e7ca392f1b67e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
x-csrf-token
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
15207
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 12:50:20 GMT
server
nginx
vary
X-Real-IP,Accept-Encoding
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-id
dXaD0BXmnHd2wfDpjqTD1De-9Z8ne7-hx6v10Wd8pfswv46vrGLwUQ==
x-amz-cf-pop
FRA2-C1
x-backend
ecs.humanity.com
x-be-uuid
0202d3f8-eccf-4e45-a3f4-c7590ac66bca
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
homepage.css
aloricainc.humanity.com/layout/static/ 		205 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aloricainc.humanity.com/layout/static/homepage.css?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
9546aa8f1700f135337613ed9795567f4e18dfdf00115720674ee4747daec8aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/app/dashboard/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-backend
ecs.humanity.com
age
3373
x-cache
Hit from cloudfront
content-length
37860
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 10:21:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"334fe-5e8a07ceef600-gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
access-control-expose-headers
x-csrf-token
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
C9q3UJ4t0cIocnB3EnpGUaar-5x5-OqDhB-aUudkfutf3zws51OmVg==
external.js
aloricainc.humanity.com/layout/static/ 		375 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aloricainc.humanity.com/layout/static/external.js?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
6f3669fbe1a805ca069781d8c3a995a7c013467d4a31581f60263e9588bcab77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/app/dashboard/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-backend
ecs.humanity.com
age
3358
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 10:20:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5dc63-5e8a078b39640-gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
access-control-expose-headers
x-csrf-token
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
HUhF9WKH88gauOMpIl6Cs2gP1hNqqdR3yjUTKsY6EMq_8fjmK22mQg==
homepage.js
aloricainc.humanity.com/layout/static/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aloricainc.humanity.com/layout/static/homepage.js?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
da920654418af62c4f332f365270de3751821eb4168ce84281d67bacbba900ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/app/dashboard/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 06:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-backend
ecs.humanity.com
age
33062
x-cache
Hit from cloudfront
content-length
18188
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 10:20:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"d52f-5e8a078b39640-gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
access-control-expose-headers
x-csrf-token
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
TflZoMRX_SupHBmZstfnKBvkIwV64SuOouYj-ouggwKL8rIXYLWP2Q==
login.css
aloricainc.humanity.com/layout/static/ 		154 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aloricainc.humanity.com/layout/static/login.css?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
9a8b288011a24f8648f26f54255f64417f163106fef952c04bcac29a0b03d697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/app/dashboard/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-backend
ecs.humanity.com
age
3373
x-cache
Hit from cloudfront
content-length
28452
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 10:20:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"268ea-5e8a078b39640-gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
access-control-expose-headers
x-csrf-token
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
-tAwOoR0pZJGftPCOnB5i6srLX2DE84GAaW85vl8k1IqDkCAAkCBsA==
login.js
aloricainc.humanity.com/layout/static/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aloricainc.humanity.com/layout/static/login.js?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d00e330e4d62b471d21af970610d7132a7011938e7d7491197f62ca8ad03a728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/app/dashboard/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-backend
ecs.humanity.com
age
3373
x-cache
Hit from cloudfront
content-length
15157
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 10:20:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"a3fe-5e8a078b39640-gzip"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
access-control-expose-headers
x-csrf-token
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
x8qazOxDE4y8-RCT7TeEkUF_BzkX6cAYDiV5lI0A4KHgHf7qf7u8jw==
api.js
www.google.com/recaptcha/ 		912 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=initializeCaptcha&render=explicit
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9eef5a331478ca0d6432c85f61a37c7810f01aaf6431cbdcf922cc99d02a801
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 12:50:21 GMT
large_345518-logos_5b64548b4cc058.44055065.png
aloricainc.humanity.com/logos/ 		243 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aloricainc.humanity.com/logos/large_345518-logos_5b64548b4cc058.44055065.png
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fb8ea5cd16e027fc12e8345454a514e2f28f4f54b2847acd74ca8a6da55d7e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/app/dashboard/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:50:20 GMT
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ZjX1zpSRjJUOjRNKYed-ScMcjKDHK6nchlJ_WJmjG5EtZsd0UFFXmA==
x-cache
Error from cloudfront
content-type
application/xml
recaptcha__de.js
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 		391 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aloricainc.humanity.com/
Origin
https://aloricainc.humanity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159555
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 04:01:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 12:46:26 GMT
KFOlCnqEu92Fr1MmSU5fBBc9.ttf
fonts.gstatic.com/s/roboto/v30/ 		35 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc9.ttf
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/layout/static/homepage.css?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4501b0c41bd6ffd12d34114eed5113b9e136f5f1715d7b4348dd1ccb570470f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aloricainc.humanity.com/
Origin
https://aloricainc.humanity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 23:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20847
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 23:02:44 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/layout/static/homepage.css?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aloricainc.humanity.com/
Origin
https://aloricainc.humanity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 05:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20776
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 05:10:04 GMT
HumanityIcons.ttf
aloricainc.humanity.com/app/layout/fonts/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aloricainc.humanity.com/app/layout/fonts/HumanityIcons.ttf?fw6y17
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/layout/static/login.css?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-48.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
50dd16b8a8b89c6b29d7f1513435e543da876361aeadac1d72038a9f4eb2d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aloricainc.humanity.com/layout/static/login.css?v=de2654836f0f07aa17c77b3ce44958152b18cdf7
Origin
https://aloricainc.humanity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 04:47:25 GMT
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-backend
ecs.humanity.com
age
28976
x-cache
Hit from cloudfront
content-length
54332
x-xss-protection
1; mode=block
last-modified
Wed, 14 Sep 2022 10:20:00 GMT
server
nginx
etag
"d43c-5e8a078a45400"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-expose-headers
x-csrf-token
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
a2rvPeGmzmMlKWTeNUzVpivs9WAXltmH7gPmW6FYt4JD-2eHH57Rsw==
anchor
www.google.com/recaptcha/api2/ Frame 7D86 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K&co=aHR0cHM6Ly9hbG9yaWNhaW5jLmh1bWFuaXR5LmNvbTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=r3fnhfapn1wd
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b6e514cc76e992088f9d32ea96d7ab599ac2f29219e1c4ca0a70c7db354bdc7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YDNU_a9OGTmzsHzWSDRRlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aloricainc.humanity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23314
content-security-policy
script-src 'report-sample' 'nonce-YDNU_a9OGTmzsHzWSDRRlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:50:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 7D86 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K&co=aHR0cHM6Ly9hbG9yaWNhaW5jLmh1bWFuaXR5LmNvbTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=r3fnhfapn1wd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 09:50:32 GMT
x-content-type-options
nosniff
age
10789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52762
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 04:01:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 09:50:32 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 7D86 		391 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K&co=aHR0cHM6Ly9hbG9yaWNhaW5jLmh1bWFuaXR5LmNvbTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=r3fnhfapn1wd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159555
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 04:01:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 12:46:26 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7D86 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K&co=aHR0cHM6Ly9hbG9yaWNhaW5jLmh1bWFuaXR5LmNvbTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=r3fnhfapn1wd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K&co=aHR0cHM6Ly9hbG9yaWNhaW5jLmh1bWFuaXR5LmNvbTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=r3fnhfapn1wd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 12:50:21 GMT
nr-spa-1216.min.js
js-agent.newrelic.com/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
etag
"63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id
G3KFPVCN8YNTXH50
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
tAu6Bn1ZIXl3oOFdA99wBbvl4B5k9x4HUuY+yHxi1gSDuAiQ8dsY6p1L2pd/4eB409hsM7w2iD8=
x-served-by
cache-hhn4030-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1664283022.906529,VS0,VE0
date
Tue, 27 Sep 2022 12:50:21 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
8898
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/APP_ID
  • https://js.intercomcdn.com/shim.latest.js
18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4df64a1e7e7a424db6679c8e9834ee693480de1f6d5d7774a68345dc2e5f212e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
4fN6rdrbEQAxIwy6jMvX9zZgUDZefq8t
content-encoding
gzip
etag
"d70c9c109d9656a3703e3932a892ae97"
age
199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
6173
last-modified
Tue, 27 Sep 2022 11:41:55 GMT
server
AmazonS3
date
Tue, 27 Sep 2022 12:47:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
jzmPH4wrwSn2zp0a6ZeUy7lxsnu4kJYdhC73S1OnU88Jw4fiCG1OeQ==

Redirect headers

date
Tue, 27 Sep 2022 11:30:42 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
server
AmazonS3
age
4780
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA2-C1
content-length
0
x-amz-cf-id
ZE9z6vwa7Tj0y9STx9bXRJY0Q8rCeLm_KXPtD4dxnjT14Zb-P0BFlA==
bframe
www.google.com/recaptcha/api2/ Frame 54DC 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
16ed1b7b33cd8e3a2b7a59c83d6fae6a22db55a4d9f7ee1231dcf3dbec8c868c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KfohIvWKeq_rySyNLICB7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://aloricainc.humanity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1113
content-security-policy
script-src 'report-sample' 'nonce-KfohIvWKeq_rySyNLICB7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:50:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3a87bc3634
bam.nr-data.net/1/ 		49 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/3a87bc3634?a=519443915&v=1216.487a282&to=MVYBMRNXVxBSB0YKWwgcIBASQlYOHCN3Nw4HQxNLBVdKC1ELUxFQ&rst=1440&ck=1&ref=https://aloricainc.humanity.com/app/dashboard/&ap=22&be=638&fe=1391&dc=794&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664283020485,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:83,%22c%22:83,%22s%22:90,%22ce%22:105,%22rq%22:105,%22rp%22:616,%22rpe%22:617,%22dl%22:618,%22di%22:794,%22ds%22:794,%22de%22:794,%22dc%22:1390,%22l%22:1390,%22le%22:1392%7D,%22navigation%22:%7B%7D%7D&fp=826&fcp=826&at=HREWR1tNGwpDO1MHUBRWEBZDDBtSC1EcUQVVHVJQVBgIVQdGT08WBxFZHhxL&jsonp=NREUM.setToken
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aloricainc.humanity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:50:22 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
75145d575ff49968-FRA
frame-modern.f42d0978.js
js.intercomcdn.com/ Frame B6ED 		429 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.f42d0978.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/APP_ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e7103ddef0b0e060e1d2e28e78659e730b2c988a055b847a1dd8ff825e6501d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:42:01 GMT
content-encoding
gzip
age
4101
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
119923
last-modified
Tue, 27 Sep 2022 11:40:37 GMT
server
AmazonS3
etag
"f50b14ba47b30bd3fdf99fe8ce0a0e18"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
.DlRJTvMw5ryoyGnhhZ3L5yu6Lfs0CZF
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
pXqilX05EFHBo4IID_ofwV9z5LV8rMywqiUzA5p1hN_sZ9n-PCt2BQ==
vendor-modern.06d8cc88.js
js.intercomcdn.com/ Frame B6ED 		219 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.06d8cc88.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/APP_ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a43bd6496e90ee4bec087a1f1be303515b6013519ee74d5edcf4418272d25ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
7l4nTvk4uGKPKi1EwIfz6UIXQ7L8IXZs
content-encoding
gzip
etag
"ee53367269d2c6fdbb67e3c89200e500"
age
6444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
69354
last-modified
Tue, 27 Sep 2022 09:01:24 GMT
server
AmazonS3
date
Tue, 27 Sep 2022 11:02:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
VowG6r_jIQcB9Rs_MviOiNsa56V_O_OnzFWLTFVFSC5qxODX6qPEbg==
styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 54DC 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 09:50:32 GMT
x-content-type-options
nosniff
age
10790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52762
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 04:01:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 09:50:32 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 54DC 		391 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6Lelv00UAAAAAKn8M5l16Q6gi_8HbATp10Dovt_K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159555
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 04:01:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 12:46:26 GMT
ping
api-iam.intercom.io/messenger/web/ Frame B6ED 		51 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f42d0978.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.231.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-231-73.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b524e6ce88a342b6ec26ed4e1ab52e9adb2519a71526a4203c8b02c6e4cd4fed
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 27 Sep 2022 12:50:23 GMT
content-encoding
gzip
x-ami-version
ami-0cfcfd89bf8b8e104
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0000apc4sc7gsc1minbg
x-runtime
0.644301
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"b524e6ce88a342b6ec26ed4e1ab52e9a"
x-ratelimit-remaining
13320
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://aloricainc.humanity.com
x-intercom-version
0c4fd0b628ee38189f5b19052dc91e01bd6e5692
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1664283030
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-content-type-options
nosniff
3a87bc3634
bam.nr-data.net/events/1/ 		24 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/3a87bc3634?a=519443915&v=1216.487a282&to=MVYBMRNXVxBSB0YKWwgcIBASQlYOHCN3Nw4HQxNLBVdKC1ELUxFQ&rst=1834&ck=1&ref=https://aloricainc.humanity.com/app/dashboard/
Requested by
Host: aloricainc.humanity.com
URL: https://aloricainc.humanity.com/app/dashboard/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://aloricainc.humanity.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 27 Sep 2022 12:50:22 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://aloricainc.humanity.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
75145d597bf29968-FRA
Content-Length
24

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require string| _nowTimestamp_ number| _Today_ string| _base_ string| _cookieDomain_ string| _static_ string| _avatars_ string| _noimg_ string| _icon_ string| _images_ string| _domainName_ string| _csrfToken_ string| _sentryJsDsn_ string| _googleApiKey_ string| _segmentKey_ string| _googleReCaptchaKey_ string| _application_env_ boolean| stIsIE number| _timer function| dean_addEvent function| removeEvent function| handleEvent function| fixEvent function| forEach function| $ function| jQuery object| sorttable object| params object| gt function| _ function| pgettext function| ngettext function| npgettext object| i18n function| _s function| _p function| _sd function| _pd boolean| isCaptchaRequired function| pulse function| closeModal function| showModal function| _status function| clearStatus function| LoginUser function| toggleSSOLogin function| LoginWithSSO function| validateDomainName function| RequestAccess function| isValidEmail function| SendMessage function| GetCarriers function| SendSMS function| getCookie function| ModalDomainTrail function| ModalDomainClean function| isValidPhone function| initializeCaptcha function| shutdownIntercomSession function| insert_text object| Forum object| StorageService function| DOMPurify function| Gettext function| DynamicUrl function| configSetup function| getCsrfTokenName function| getEnvDomain object| Config object| Sentry object| DOMPurifyService object| ObjectAssign object| Raven object| Placeholders object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| goBack function| requestAccess object| intercomSettings function| Intercom object| recaptcha object| closure_lm_243677 function| __intercomAssignLocation

4 Cookies

Domain/Path Name / Value
.humanity.com/ Name: PHPSESSID
Value: uhct54d1d84vv51uecuteloe01
.nr-data.net/ Name: JSESSIONID
Value: c94311a98beba094
.humanity.com/ Name: intercom-id-vakp3efi
Value: 23b33e1b-ee86-47fd-898c-45bf223e50a7
.humanity.com/ Name: intercom-session-vakp3efi
Value:

1 Console Messages

Source Level URL
Text
network error URL: https://aloricainc.humanity.com/logos/large_345518-logos_5b64548b4cc058.44055065.png
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aloricainc.humanity.com
api-iam.intercom.io
bam.nr-data.net
fonts.gstatic.com
js-agent.newrelic.com
js.intercomcdn.com
widget.intercom.io
www.google.com
www.gstatic.com
107.21.231.73
13.224.189.35
13.224.189.48
151.101.194.137
162.247.241.14
18.66.147.3
2a00:1450:4001:800::2003
2a00:1450:4001:811::2004
2a00:1450:4001:829::2003
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
16ed1b7b33cd8e3a2b7a59c83d6fae6a22db55a4d9f7ee1231dcf3dbec8c868c
1fb8ea5cd16e027fc12e8345454a514e2f28f4f54b2847acd74ca8a6da55d7e3
4501b0c41bd6ffd12d34114eed5113b9e136f5f1715d7b4348dd1ccb570470f9
4a43bd6496e90ee4bec087a1f1be303515b6013519ee74d5edcf4418272d25ac
4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43
4df64a1e7e7a424db6679c8e9834ee693480de1f6d5d7774a68345dc2e5f212e
50dd16b8a8b89c6b29d7f1513435e543da876361aeadac1d72038a9f4eb2d307
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
6e7103ddef0b0e060e1d2e28e78659e730b2c988a055b847a1dd8ff825e6501d
6f3669fbe1a805ca069781d8c3a995a7c013467d4a31581f60263e9588bcab77
7889a530eb199317ef78588066cf9601172ebffaf5888b53451e7ca392f1b67e
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
9546aa8f1700f135337613ed9795567f4e18dfdf00115720674ee4747daec8aa
9a8b288011a24f8648f26f54255f64417f163106fef952c04bcac29a0b03d697
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
b524e6ce88a342b6ec26ed4e1ab52e9adb2519a71526a4203c8b02c6e4cd4fed
b6e514cc76e992088f9d32ea96d7ab599ac2f29219e1c4ca0a70c7db354bdc7c
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d00e330e4d62b471d21af970610d7132a7011938e7d7491197f62ca8ad03a728
da920654418af62c4f332f365270de3751821eb4168ce84281d67bacbba900ed
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
f9eef5a331478ca0d6432c85f61a37c7810f01aaf6431cbdcf922cc99d02a801