verification.ltdphoenix.com Open in urlscan Pro
18.238.4.108  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response verification.ltdphoenix.com/	5 KB 2 KB	176ms 64ms	Document text/html	18.238.4.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://verification.ltdphoenix.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-108.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash e06e089264c800088e1eb8436718f4ca9651382df39903d8c9ecee013debb57f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 2119 content-encoding br content-type text/html date Tue, 26 Sep 2023 09:00:00 GMT etag W/"0debd56374ec3d80f08df3603603d27d" last-modified Thu, 14 Sep 2023 01:20:17 GMT server AmazonS3 vary Accept-Encoding via 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront) x-amz-cf-id YNAisuURcsBCNM4Qiwl0ZJXKMllrSLgAmzOocn3IQD62-75_CjM30w== x-amz-cf-pop PHL51-P1 x-cache Hit from cloudfront
GET H2	200	main.a9e1b318.chunk.css verification.ltdphoenix.com/static/css/	4 KB 2 KB	72ms 71ms	Stylesheet text/css	18.238.4.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://verification.ltdphoenix.com/static/css/main.a9e1b318.chunk.css Requested by Host: verification.ltdphoenix.com URL: https://verification.ltdphoenix.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-108.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash 42a7699f81a57e697705957c33bf416fcf7882262bb5edcf51475b8327ccff7a Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 09:00:00 GMT content-encoding br via 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront) last-modified Thu, 14 Sep 2023 01:20:17 GMT server AmazonS3 x-amz-cf-pop PHL51-P1 age 2118 etag W/"31d844458b59af2b6f2594cdf3ac2524" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id fdfo5x4LJCEicVJ5K8PZUFFwiyun-a_edDjhtTQ-5mJjRL1vBmoYHg==
GET H2	200	11.c0fbb949.chunk.js Show response verification.ltdphoenix.com/static/js/	403 KB 111 KB	70ms 70ms	Script application/javascript	18.238.4.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://verification.ltdphoenix.com/static/js/11.c0fbb949.chunk.js Requested by Host: verification.ltdphoenix.com URL: https://verification.ltdphoenix.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-108.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash 797903f2ec73fedf07eac3c339892187164e755ffd83c2ea8fe1d864f18254d2 Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 09:00:01 GMT content-encoding br via 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront) last-modified Thu, 14 Sep 2023 01:20:17 GMT server AmazonS3 x-amz-cf-pop PHL51-P1 age 2118 etag W/"85740a174808b13ac1af22f99d135dc8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id NY01TiC1qtp9ivoiVGhqqxjveokLEMD5_7DbuSs-9bsZ2gOCcaY2-A==
GET H2	200	main.ef3e98bf.chunk.js Show response verification.ltdphoenix.com/static/js/	150 KB 29 KB	149ms 148ms	Script application/javascript	18.238.4.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://verification.ltdphoenix.com/static/js/main.ef3e98bf.chunk.js Requested by Host: verification.ltdphoenix.com URL: https://verification.ltdphoenix.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-108.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash 4cdef036524beab10c6571050ef1e4cb5ce1259fd82140cdff06a66b24d14c66 Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 09:00:00 GMT content-encoding br via 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront) last-modified Thu, 14 Sep 2023 01:20:18 GMT server AmazonS3 x-amz-cf-pop PHL51-P1 age 2118 etag W/"d9ae2c3f347e664492827b1b41d8631f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id tZONousHjzZ61ksY9EK57GaQFbSHPxhD9bqIYb9VYxYNhxt1-r79MA==
GET H2	200	css2 fonts.googleapis.com/	1 KB 866 B	114ms 45ms	Stylesheet text/css	2607:f8b0:4004:c06::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=VT323&display=swap Requested by Host: verification.ltdphoenix.com URL: https://verification.ltdphoenix.com/static/css/main.a9e1b318.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5f , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d0d3ef139520233243274cdc34e72ad1f57d39c27768a236907fe89ca7fa0f77 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 26 Sep 2023 09:35:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 26 Sep 2023 08:23:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 26 Sep 2023 09:35:18 GMT
GET H2	200	settings Show response cdn.segment.com/v1/projects/E2KncXg4B9F9WLBVcwVAWFE0WUHseBqr/	1 KB 1 KB	156ms 46ms	Fetch application/json	13.224.207.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/E2KncXg4B9F9WLBVcwVAWFE0WUHseBqr/settings Requested by Host: verification.ltdphoenix.com URL: https://verification.ltdphoenix.com/static/js/11.c0fbb949.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.207.4 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-207-4.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash 982cd1f70068c2ed57f943e50a64e0134a356ddf98c891f2acbcbd40b923737f Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers x-amz-version-id sKZFe19CtKVjETwKOtGG5UTM7vyzd6nW content-encoding br via 1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront) date Tue, 26 Sep 2023 07:17:00 GMT x-amz-cf-pop PHL50-C1 age 8299 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 09 May 2022 22:30:55 GMT server AmazonS3 etag W/"642505d5808113f00a6a0fe6802f6d79" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 vary Accept-Encoding x-amz-cf-id 9D_kyi7VfIc2Fnd2ZsiYjKLMK4kt2Qcg7wZl7bwDzb-lk_po-86NLQ==
GET H2	200	heap-543395039.js Show response cdn.heapanalytics.com/js/	116 KB 37 KB	136ms 50ms	Script application/javascript	18.238.4.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-543395039.js Requested by Host: verification.ltdphoenix.com URL: https://verification.ltdphoenix.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-51.phl51.r.cloudfront.net Software nginx / Express Resource Hash e5cde39b931810cb0cc1f1c1e1af2483bd59c36af5a7e01ff9c090d8af47f691 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 09:34:58 GMT content-encoding br via 1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains server nginx x-amz-cf-pop PHL51-P1 age 20 x-powered-by Express etag W/"1cf65-C9VOj5oCK7kappjWuUhhP8EfCxY" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=120 alt-svc h3=":443"; ma=86400 x-amz-cf-id YGS5VyHpDsXSNU4REU-mudy_32KR_QHfRORm2p2Nohshs16tswWXkA==
GET H2	200	ajs-destination.8270964d.chunk.js Show response verification.ltdphoenix.com/static/js/	9 KB 3 KB	64ms 64ms	Script application/javascript	18.238.4.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://verification.ltdphoenix.com/static/js/ajs-destination.8270964d.chunk.js Requested by Host: verification.ltdphoenix.com URL: https://verification.ltdphoenix.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-108.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash 9ab569ab9df38ab72b2c9901efcaffd2eae1e0f99436eff9309976bdf737757f Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 09:00:01 GMT content-encoding br via 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront) last-modified Thu, 14 Sep 2023 01:20:17 GMT server AmazonS3 x-amz-cf-pop PHL51-P1 age 2118 etag W/"e8967a11b129e3d23e5846219d1483e8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id cJEuGjeRtgqq0ftzggVLnot_Y9WXDWiIEVQpUYQMe8iHEYH_IOuYPA==
GET H2	200	container.js Show response cdn.heapanalytics.com/js/replay/8688-Development-prod-heap/	9 KB 5 KB	48ms 47ms	Script application/javascript	18.238.4.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/replay/8688-Development-prod-heap/container.js Requested by Host: cdn.heapanalytics.com URL: https://cdn.heapanalytics.com/js/heap-543395039.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-51.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash aa86d05bc3437299261ded025096e92120908ac06b663b62b568533d7d0f8ef5 Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers x-amz-version-id 0HLFI1C9Sge95rcST4Bz96fMUL6RfMvi content-encoding gzip via 1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront) date Tue, 26 Sep 2023 09:34:59 GMT x-amz-cf-pop PHL51-P1 age 20 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 4339 last-modified Wed, 13 Sep 2023 14:36:10 GMT server AmazonS3 etag "7efad9d52152854fd9cef727366734c6" content-type application/javascript cache-control public,max-age=86400 accept-ranges bytes x-amz-cf-id DCw0sn0vuqOP-ZJkk2bTqfHw8NBjKVH-BfZYiZqdD0noR6CP7oXqvA==
GET H2	200	schemaFilter.4c36d1ad.chunk.js Show response verification.ltdphoenix.com/static/js/	2 KB 1003 B	49ms 49ms	Script application/javascript	18.238.4.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://verification.ltdphoenix.com/static/js/schemaFilter.4c36d1ad.chunk.js Requested by Host: verification.ltdphoenix.com URL: https://verification.ltdphoenix.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-108.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash 6f79e41e033005b781cd0222d8aec897915b45f01bf685f97e974e1f7968b13e Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 09:00:02 GMT content-encoding br via 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront) last-modified Thu, 14 Sep 2023 01:20:18 GMT server AmazonS3 x-amz-cf-pop PHL51-P1 age 2117 etag W/"b4ddba4b95f138e73995652f0ee87e7b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id NEg8GVRKu7y1XTF-WWD9qdjf1hvh2x4e3JPHC_8SGtes0Luw6Mo0hg==
OPTIONS H2	200	releasesettings client-api.auryc.com/	0 0	315ms 48ms	Preflight	34.66.73.214 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://client-api.auryc.com/releasesettings?lib=Web Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.66.73.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 214.73.66.34.bc.googleusercontent.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers x-authorized-identity,x-authorized-token Access-Control-Request-Method GET Origin https://verification.ltdphoenix.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-authorized-identity, x-authorized-token access-control-allow-methods OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH access-control-allow-origin https://verification.ltdphoenix.com cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 date Tue, 26 Sep 2023 09:35:18 GMT expires 0 pragma no-cache server istio-envoy strict-transport-security max-age=31536000 ; includeSubDomains vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-content-type-options nosniff x-envoy-upstream-service-time 1 x-frame-options DENY x-xss-protection 1; mode=block
GET H2	200	releasesettings Show response client-api.auryc.com/	2 B 169 B	98ms 97ms	XHR application/json	34.66.73.214 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://client-api.auryc.com/releasesettings?lib=Web Requested by Host: cdn.heapanalytics.com URL: https://cdn.heapanalytics.com/js/replay/8688-Development-prod-heap/container.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.66.73.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 214.73.66.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers x-authorized-identity 8688-Development-prod-heap Referer https://verification.ltdphoenix.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 x-authorized-token c4d29cb49901e7620df061297be67eb2 Response headers pragma no-cache strict-transport-security max-age=31536000 ; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 26 Sep 2023 09:35:18 GMT server istio-envoy vary accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding x-frame-options DENY content-type application/json access-control-allow-origin https://verification.ltdphoenix.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 3 x-xss-protection 1; mode=block expires 0
GET H3	200	auryc.lib.js Show response cdn.heapanalytics.com/js/replay/libs/latest/	693 KB 185 KB	40ms 39ms	Script application/javascript	18.238.4.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js Requested by Host: cdn.heapanalytics.com URL: https://cdn.heapanalytics.com/js/replay/8688-Development-prod-heap/container.js Protocol H3 Security QUIC, , AES_128_GCM Server 18.238.4.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-51.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash 5d0b44e053aaf3022b7e7333433cb2dcca61ef1486f3730b4a02c89744a64cb3 Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers x-amz-version-id EphvI0CvPZ5xOJsFnLKoBxVesViqpcud content-encoding gzip via 1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront) date Mon, 25 Sep 2023 22:06:19 GMT age 41340 x-amz-cf-pop PHL51-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 189150 last-modified Mon, 18 Sep 2023 22:05:33 GMT server AmazonS3 etag "1031f20eac5e30a6b8b1f757441f61df" content-type application/javascript cache-control max-age=86400 accept-ranges bytes x-amz-cf-id rf3_1akgKbDU_yvBH0xFDVaxBqV8sPv-qkpIUSoK4kELBYc7IB7pAw==
GET H2	200	siteconfig Show response client-api.auryc.com/	2 KB 1 KB	51ms 51ms	XHR application/json	34.66.73.214 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://client-api.auryc.com/siteconfig?lib=web Requested by Host: cdn.heapanalytics.com URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.66.73.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 214.73.66.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 08b0cab66e07b765c4f56b3e2d3697bca2675e84e14f42eca30fe85dde5ac3f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers x-authorized-identity 8688-Development-prod-heap Referer https://verification.ltdphoenix.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 x-authorized-token c4d29cb49901e7620df061297be67eb2 Content-Type application/json Response headers pragma no-cache strict-transport-security max-age=31536000 ; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 26 Sep 2023 09:35:18 GMT server istio-envoy vary accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding x-frame-options DENY content-type application/json access-control-allow-origin https://verification.ltdphoenix.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 4 x-xss-protection 1; mode=block expires 0
OPTIONS H2	200	siteconfig client-api.auryc.com/	0 0	49ms 49ms	Preflight	34.66.73.214 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://client-api.auryc.com/siteconfig?lib=web Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.66.73.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 214.73.66.34.bc.googleusercontent.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,x-authorized-identity,x-authorized-token Access-Control-Request-Method GET Origin https://verification.ltdphoenix.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type, x-authorized-identity, x-authorized-token access-control-allow-methods OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH access-control-allow-origin https://verification.ltdphoenix.com cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 date Tue, 26 Sep 2023 09:35:18 GMT expires 0 pragma no-cache server istio-envoy strict-transport-security max-age=31536000 ; includeSubDomains vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-content-type-options nosniff x-envoy-upstream-service-time 1 x-frame-options DENY x-xss-protection 1; mode=block
GET BLOB	200 OK	062970c6-2e3e-496c-b989-013c64afac81 https://verification.ltdphoenix.com/	85 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://verification.ltdphoenix.com/062970c6-2e3e-496c-b989-013c64afac81 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Length 85 Content-Type application/javascript
GET H2	200	h heapanalytics.com/	37 B 261 B	125ms 41ms	Image image/gif	18.210.113.196 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=543395039&u=5277204062376752&v=3972055980769356&s=3577877408727325&b=web&tv=4.0&z=0&h=%2F&d=verification.ltdphoenix.com&t=Customer%20Verification&ts=1695720918555&srp=auryc%3A8688-Development-prod-heap%252F5343a90c7e160faf13a3aa4d7413cb92%252F1695720918555&sch=1200&scw=1600&st=1695720919455 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.210.113.196 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-210-113-196.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://verification.ltdphoenix.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Tue, 26 Sep 2023 09:35:19 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx etag W/"25-4iFqfptz9csCeTUceM5hwzR1zqc" content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
GET BLOB	200 OK	34fad8e7-6fdc-44c5-bce9-882bf8209633 https://verification.ltdphoenix.com/	85 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://verification.ltdphoenix.com/34fad8e7-6fdc-44c5-bce9-882bf8209633 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Length 85 Content-Type application/javascript
OPTIONS H2	204	event mt.auryc.com/v1/	0 0	51ms 49ms	Preflight	34.66.73.214 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://mt.auryc.com/v1/event Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.66.73.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 214.73.66.34.bc.googleusercontent.com Software istio-envoy / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-authorized-identity Access-Control-Request-Method POST Origin https://verification.ltdphoenix.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-headers Origin,Content-Length,Content-Type,Authorization,X-Authorized-Identity,X-Authorized-Token,X-Message-Type,Payload-Type,Dnt access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS access-control-allow-origin * access-control-max-age 43200 date Tue, 26 Sep 2023 09:35:19 GMT server istio-envoy x-envoy-upstream-service-time 2

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackJsonpinteraction-sensor string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| heap string| __AURYC_JSLIB_PATH__ object| aurycReadyCb object| auryc object| aurycEventPropertiesCb boolean| aurycInit number| aurycLoadedTime object| aurycJsLibConfig function| launchAurycEventMarker object| aurycBehaviorAPI object| aurycRecordAPI object| aurycFeedbackAPI

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ltdphoenix.com/	1970-01-21 00:29:58	Name: _hp2_id.543395039 Value: %7B%22userId%22%3A%225277204062376752%22%2C%22pageviewId%22%3A%223972055980769356%22%2C%22sessionId%22%3A%223577877408727325%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.ltdphoenix.com/	1970-01-21 00:38:00	Name: userty.core.p.0e1e68 Value: __2VySWQiOiI1MzQ1OWEwNTFiY2EzNGQ1NzdhYWU0NjNhYzI1MjVjNSJ9eyJ1c
			.ltdphoenix.com/	1969-12-31 23:59:59	Name: userty.core.s.0e1e68 Value: __SI6MTY5NTcyMjcxOTM2OSwic2lkIjoiNTM0M2E5MGM3ZTE2MGZhZjEzYTNhYTRkNzQxM2NiOTIiLCJzdCI6MTY5NTcyMDkxOTM2OSwicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9In0=eyJzZ
			.ltdphoenix.com/	1970-01-20 15:02:02	Name: _hp2_ses_props.543395039 Value: %7B%22ts%22%3A1695720918555%2C%22d%22%3A%22verification.ltdphoenix.com%22%2C%22h%22%3A%22%2F%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
cdn.segment.com
client-api.auryc.com
fonts.googleapis.com
heapanalytics.com
mt.auryc.com
verification.ltdphoenix.com
13.224.207.4
18.210.113.196
18.238.4.108
18.238.4.51
2607:f8b0:4004:c06::5f
34.66.73.214
08b0cab66e07b765c4f56b3e2d3697bca2675e84e14f42eca30fe85dde5ac3f8
3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d
42a7699f81a57e697705957c33bf416fcf7882262bb5edcf51475b8327ccff7a
4cdef036524beab10c6571050ef1e4cb5ce1259fd82140cdff06a66b24d14c66
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5d0b44e053aaf3022b7e7333433cb2dcca61ef1486f3730b4a02c89744a64cb3
6f79e41e033005b781cd0222d8aec897915b45f01bf685f97e974e1f7968b13e
797903f2ec73fedf07eac3c339892187164e755ffd83c2ea8fe1d864f18254d2
982cd1f70068c2ed57f943e50a64e0134a356ddf98c891f2acbcbd40b923737f
9ab569ab9df38ab72b2c9901efcaffd2eae1e0f99436eff9309976bdf737757f
aa86d05bc3437299261ded025096e92120908ac06b663b62b568533d7d0f8ef5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
d0d3ef139520233243274cdc34e72ad1f57d39c27768a236907fe89ca7fa0f77
e06e089264c800088e1eb8436718f4ca9651382df39903d8c9ecee013debb57f
e5cde39b931810cb0cc1f1c1e1af2483bd59c36af5a7e01ff9c090d8af47f691