account-dev.meethue.com Open in urlscan Pro
34.98.67.102  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response account-dev.meethue.com/	3 KB 2 KB	56ms 21ms	Document text/html	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash ea575939ab5cc906f1f6f53fb50bff4dc451721e259f73f2764fc2c82a4a74f1 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen x-content-type-options nosniff referrer-policy no-referrer x-xss-protection 1; mode=block permissions-policy interest-cohort=() vary Origin, Accept-Encoding accept-ranges bytes cache-control public, max-age=0 last-modified Mon, 22 Nov 2021 12:00:18 GMT etag W/"a6e-17d4784b1bc" content-type text/html; charset=UTF-8 content-encoding gzip date Mon, 22 Nov 2021 15:05:26 GMT x-envoy-upstream-service-time 1 x-cluster-backend heimdall-server server envoy via 1.1 google alt-svc clear
GET H2	200	2.6da15fdb.chunk.css account-dev.meethue.com/static/css/	3 KB 1 KB	24ms 23ms	Stylesheet text/css	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/static/css/2.6da15fdb.chunk.css Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash 97b33683aa112505e063b1a13f7b3a71ce826e4ce326c3ae6f8e0ae7d9013067 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip etag W/"a59-0" x-envoy-upstream-service-time 4 alt-svc clear x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin, Accept-Encoding content-type text/css; charset=UTF-8 via 1.1 google cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff
GET H2	200	main.63b0c4a6.chunk.css account-dev.meethue.com/static/css/	75 KB 15 KB	25ms 24ms	Stylesheet text/css	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/static/css/main.63b0c4a6.chunk.css Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash 9f5acbe16b2f03d901156f339de1e415983af575dd477553ce8c4973394f6214 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip etag W/"12b7f-0" x-envoy-upstream-service-time 5 alt-svc clear x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin, Accept-Encoding content-type text/css; charset=UTF-8 via 1.1 google cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff
GET H2	200	2.b83c386f.chunk.js Show response account-dev.meethue.com/static/js/	2 MB 477 KB	25ms 25ms	Script application/javascript	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/static/js/2.b83c386f.chunk.js Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash 77343272c62298e30f241333a041eb30f6a885674a845ec4c3bff0424dd949c2 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip etag W/"19b973-0" x-envoy-upstream-service-time 5 alt-svc clear x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 google cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff
GET H2	200	main.22591729.chunk.js Show response account-dev.meethue.com/static/js/	834 KB 184 KB	27ms 27ms	Script application/javascript	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/static/js/main.22591729.chunk.js Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash c1f7bc73129faa8a5460051c2f0301af2e8775d92ef8905e3b5e331c50fa1dd8 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip etag W/"d068a-0" x-envoy-upstream-service-time 6 alt-svc clear x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 google cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff
POST H2	200	track-interaction Show response account-dev.meethue.com/api/	2 B 237 B	18ms 17ms	Fetch text/plain	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/api/track-interaction Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/static/js/2.b83c386f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/vnd.heimdall.v1+json Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/vnd.heimdall.v1+json Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google x-content-type-options nosniff x-envoy-upstream-service-time 2 x-cluster-backend heimdall-server alt-svc clear content-length 2 x-xss-protection 1; mode=block referrer-policy no-referrer server envoy date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 access-control-allow-origin https://account-dev.meethue.com vary Accept-Encoding permissions-policy interest-cohort=() etag "2-nOO9QiTIwXgNtWtBJezz8kv3SLc" content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' hue-trace-id 13c63433-0ecf-45ab-8f85-23c1086379ac access-control-expose-headers grpc-status,grpc-message
GET H2	200	config Show response account-dev.meethue.com/api/	19 KB 3 KB	21ms 21ms	Fetch application/vnd.heimdall.v1+json	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/api/config Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/static/js/2.b83c386f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash e7ebdf88c6eb543ab6ecb7c0de768f24f42a12820dfa6454438675ef6da313b2 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/vnd.heimdall.v1+json Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-envoy-upstream-service-time 3 x-cluster-backend heimdall-server alt-svc clear x-xss-protection 1; mode=block referrer-policy no-referrer server envoy date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type application/vnd.heimdall.v1+json; charset=utf-8 via 1.1 google vary Accept, Accept-Encoding permissions-policy interest-cohort=() etag "4c33-eI6NZnmqnn+cAgSqTkVVxbOFg7g" content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' hue-trace-id bf30f3c2-bf3c-4eb1-94c5-29b24e1de60c
GET H2	200	logo_philips.5ceaa20a.svg account-dev.meethue.com/static/media/	1 KB 675 B	33ms 33ms	Image image/svg+xml	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://account-dev.meethue.com/static/media/logo_philips.5ceaa20a.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash b96df9f2661e7e30c3693b1808608300750a594b58f46251f12641f4960f8f11 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip etag W/"43c-0" x-envoy-upstream-service-time 2 alt-svc clear x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin, Accept-Encoding content-type image/svg+xml via 1.1 google cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e096fb3144c0f4446a9946b9f4f8ff4ca1cdf414049ec050fb5f9dcc1a17538f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H2	200	logo_hue.f3292cc2.svg account-dev.meethue.com/static/media/	8 KB 2 KB	35ms 34ms	Image image/svg+xml	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://account-dev.meethue.com/static/media/logo_hue.f3292cc2.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash 939695504b916842e3ecb778f2db38d562ba52b600c4cd2fbcac138556a69ef5 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip etag W/"1f84-0" x-envoy-upstream-service-time 2 alt-svc clear x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin, Accept-Encoding content-type image/svg+xml via 1.1 google cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff
GET DATA	200 OK	truncated /	286 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dee787deb5a8392cff7fd180bc999d78818cfdd0502cf602ddd21cf3bddfec9f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	CentraleSans-Bold.5cdac922.woff account-dev.meethue.com/static/media/	70 KB 70 KB	44ms 43ms	Font font/woff	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/static/media/CentraleSans-Bold.5cdac922.woff Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/static/css/main.63b0c4a6.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash bef4bd4e874eab6b20942194a6e57d5064eb0c7b5ccf1786b82b313dba6d4afb Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer Origin https://account-dev.meethue.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google etag W/"1186c-0" x-envoy-upstream-service-time 3 alt-svc clear content-length 71788 x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin content-type font/woff access-control-allow-origin https://account-dev.meethue.com access-control-expose-headers grpc-status,grpc-message cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff
GET H2	200	CentraleSans-Book.a4508762.woff account-dev.meethue.com/static/media/	70 KB 71 KB	42ms 41ms	Font font/woff	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/static/media/CentraleSans-Book.a4508762.woff Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/static/css/main.63b0c4a6.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash 1f07f9dc8cca9df8091ebfba0c64e846c61f1cacd927756e6690f6050bdcf067 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer Origin https://account-dev.meethue.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google etag W/"1198c-0" x-envoy-upstream-service-time 3 alt-svc clear content-length 72076 x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin content-type font/woff access-control-allow-origin https://account-dev.meethue.com access-control-expose-headers grpc-status,grpc-message cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff
GET H2	200	philips-global-icon-font.b85429fb.woff account-dev.meethue.com/static/media/	52 KB 52 KB	42ms 42ms	Font font/woff	34.98.67.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://account-dev.meethue.com/static/media/philips-global-icon-font.b85429fb.woff Requested by Host: account-dev.meethue.com URL: https://account-dev.meethue.com/static/css/main.63b0c4a6.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.102 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 102.67.98.34.bc.googleusercontent.com Software envoy / Resource Hash 94c0fc6bb9eccba0338d247362dccea288604f31199512aa3bf6691e9dfac390 Security Headers Name Value Content-Security-Policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer Origin https://account-dev.meethue.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google etag W/"cf90-0" x-envoy-upstream-service-time 3 alt-svc clear content-length 53136 x-xss-protection 1; mode=block content-security-policy default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self' referrer-policy no-referrer last-modified Thu, 01 Jan 1970 00:00:00 GMT server envoy x-frame-options SAMEORIGIN date Mon, 22 Nov 2021 15:05:26 GMT x-download-options noopen vary Origin content-type font/woff access-control-allow-origin https://account-dev.meethue.com access-control-expose-headers grpc-status,grpc-message cache-control public, max-age=86400 permissions-policy interest-cohort=() x-cluster-backend heimdall-server accept-ranges bytes x-content-type-options nosniff

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| webpackJsonpheimdall-client function| setImmediate function| clearImmediate object| regeneratorRuntime string| RaygunObject function| rg4js object| TraceKit object| webVitals function| raygunUtilityFactory function| raygunNetworkTrackingFactory function| raygunBreadcrumbsFactory function| raygunCoreWebVitalFactory object| Raygun object| proto function| _

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' auth-dev.meethue.com; connect-src 'self' auth-dev.meethue.com https://emcm6kvdy6.execute-api.eu-west-1.amazonaws.com/default/eloqua_unsubscribe; frame-src 'self' auth-dev.meethue.com; img-src 'self' auth-dev.meethue.com data:; object-src 'none'; script-src 'self' auth-dev.meethue.com 'unsafe-inline'; style-src 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-dev.meethue.com
34.98.67.102
1f07f9dc8cca9df8091ebfba0c64e846c61f1cacd927756e6690f6050bdcf067
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
77343272c62298e30f241333a041eb30f6a885674a845ec4c3bff0424dd949c2
939695504b916842e3ecb778f2db38d562ba52b600c4cd2fbcac138556a69ef5
94c0fc6bb9eccba0338d247362dccea288604f31199512aa3bf6691e9dfac390
97b33683aa112505e063b1a13f7b3a71ce826e4ce326c3ae6f8e0ae7d9013067
9f5acbe16b2f03d901156f339de1e415983af575dd477553ce8c4973394f6214
b96df9f2661e7e30c3693b1808608300750a594b58f46251f12641f4960f8f11
bef4bd4e874eab6b20942194a6e57d5064eb0c7b5ccf1786b82b313dba6d4afb
c1f7bc73129faa8a5460051c2f0301af2e8775d92ef8905e3b5e331c50fa1dd8
dee787deb5a8392cff7fd180bc999d78818cfdd0502cf602ddd21cf3bddfec9f
e096fb3144c0f4446a9946b9f4f8ff4ca1cdf414049ec050fb5f9dcc1a17538f
e7ebdf88c6eb543ab6ecb7c0de768f24f42a12820dfa6454438675ef6da313b2
ea575939ab5cc906f1f6f53fb50bff4dc451721e259f73f2764fc2c82a4a74f1