portal.abnormalsecurity.com Open in urlscan Pro
2600:9000:2190:fa00:18:8b75:35c0:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 33568 Show response portal.abnormalsecurity.com/home/cases/	2 KB 2 KB	1044ms 947ms	Document text/html	2600:9000:2190:fa00:18:8b75:35c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://portal.abnormalsecurity.com/home/cases/33568 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:fa00:18:8b75:35c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 423e99cab887fd859a1bb9cc7a5895ebeb101931e2011e61e52eb70c8abe7cc4 Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :method GET :authority portal.abnormalsecurity.com :scheme https :path /home/cases/33568 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 content-type text/html content-length 1904 date Tue, 26 May 2020 23:45:11 GMT cache-control max-age=0,no-cache,no-store,must-revalidate last-modified Tue, 26 May 2020 19:06:39 GMT x-amz-version-id kpavLhGSQ6TLdiED2mntXEtAiGVA308W etag "2b5e5eb9b37c85c912fa61d7a7a92f36" server AmazonS3 strict-transport-security max-age=63072000; includeSubdomains; preload content-security-policy frame-ancestors 'none' x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block referrer-policy same-origin x-cache Error from cloudfront via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id QQC8YVTdMzcHmxl7w9VP_H3Bcm0w8KXl5gGBhf2TFZzinEbTt8xA0A==
GET H2	200	pcr8umd.css use.typekit.net/	13 KB 2 KB	203ms 142ms	Stylesheet text/css	2a01:4a0:1338:28::c38a:ff0a NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/pcr8umd.css Requested by Host: portal.abnormalsecurity.com URL: https://portal.abnormalsecurity.com/home/cases/33568 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 73f3ba78294c7fc2b2754ffd750f386901b86b6b40d861adc4544e1e756f5733 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip server nginx status 200 date Tue, 26 May 2020 23:45:10 GMT vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 timing-allow-origin * content-length 1336
GET H2	200	runtime.9a600a69d8c432bd0880.js Show response portal.abnormalsecurity.com/	2 KB 3 KB	22ms 21ms	Script text/javascript	2600:9000:2190:fa00:18:8b75:35c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://portal.abnormalsecurity.com/runtime.9a600a69d8c432bd0880.js Requested by Host: portal.abnormalsecurity.com URL: https://portal.abnormalsecurity.com/home/cases/33568 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:fa00:18:8b75:35c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d14d37c84de9059031ac8ea671572070cd1511720d47aa5b103f2c0ca9a2c05e Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://portal.abnormalsecurity.com/home/cases/33568 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 18 May 2020 12:38:54 GMT via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) x-content-type-options nosniff age 731176 x-cache Hit from cloudfront status 200 content-length 2478 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sat, 16 May 2020 05:39:08 GMT server AmazonS3 x-frame-options DENY etag "9ebf7d3f03c673e288bbb3b5ff74e3d3" strict-transport-security max-age=63072000; includeSubdomains; preload content-type text/javascript cache-control max-age=31536000,public content-security-policy frame-ancestors 'none' x-amz-cf-pop ZRH50-C1 x-amz-cf-id LUcghGl0T2rzntaa8xLAepkYB_DYT5HMZsnmQQZebo_q_ee8c2dP5Q==
GET H2	200	vendors~main.436dc62b6a957509e079.chunk.js Show response portal.abnormalsecurity.com/	5 MB 5 MB	30ms 29ms	Script text/javascript	2600:9000:2190:fa00:18:8b75:35c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://portal.abnormalsecurity.com/vendors~main.436dc62b6a957509e079.chunk.js Requested by Host: portal.abnormalsecurity.com URL: https://portal.abnormalsecurity.com/home/cases/33568 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:fa00:18:8b75:35c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8967e664d7d3d0bf5eebe516faf99206e1c3605680dd576eb9fc2091799015b3 Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://portal.abnormalsecurity.com/home/cases/33568 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 26 May 2020 21:44:35 GMT via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) x-content-type-options nosniff age 7236 x-cache Hit from cloudfront status 200 content-length 5128188 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 26 May 2020 19:06:38 GMT server AmazonS3 x-frame-options DENY etag "a382074db76b8cf941e41439e1ce9b15" strict-transport-security max-age=63072000; includeSubdomains; preload x-amz-version-id t6VK9jkTYGlojPujdiVADOj30OAFROHu cache-control max-age=31536000,public content-security-policy frame-ancestors 'none' x-amz-cf-pop ZRH50-C1 content-type text/javascript x-amz-cf-id 80zw5k9VuhB3VSd4k1ekVxlEevKBFMn5ceES8FCyIWv_QP1epqJR9Q==
GET H2	200	main.5f5a23bb81523699ef85.chunk.js Show response portal.abnormalsecurity.com/	1 MB 1 MB	50ms 49ms	Script text/javascript	2600:9000:2190:fa00:18:8b75:35c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://portal.abnormalsecurity.com/main.5f5a23bb81523699ef85.chunk.js Requested by Host: portal.abnormalsecurity.com URL: https://portal.abnormalsecurity.com/home/cases/33568 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:fa00:18:8b75:35c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3623984d941247ff2b2bec0883f7e73f870b192aab5c18224a64b13dbab94f9a Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://portal.abnormalsecurity.com/home/cases/33568 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 26 May 2020 21:44:35 GMT via 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront) x-content-type-options nosniff age 7236 x-cache Hit from cloudfront status 200 content-length 1176547 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 26 May 2020 19:06:38 GMT server AmazonS3 x-frame-options DENY etag "c34829f4ada36f81ec24670f522bd983" strict-transport-security max-age=63072000; includeSubdomains; preload x-amz-version-id 6JNe374sS0BLSGSN0OKw3YBnYSMOBjZ8 cache-control max-age=31536000,public content-security-policy frame-ancestors 'none' x-amz-cf-pop ZRH50-C1 content-type text/javascript x-amz-cf-id uioTNBeownHJkmD8d-83XItmQuiu7GhFk__47Ykaf_VNuN_HW4ttcg==
GET H/1.1	200 OK	p.css p.typekit.net/	5 B 334 B	22ms 6ms	Stylesheet text/css	2a02:26f0:6c00:285::19fd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=pcr8umd&ht=tk&f=14032.14033.14034.14035.14036.14037.14038.14039.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=15030224&app=typekit&e=css Requested by Host: portal.abnormalsecurity.com URL: https://portal.abnormalsecurity.com/home/cases/33568 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:285::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 26 May 2020 23:45:10 GMT Last-Modified Wed, 19 Feb 2020 17:40:31 GMT Server nginx ETag "5e4d730f-5" Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 5 Expires Wed, 01 Apr 2020 20:42:23 GMT
GET H2	200	heap-1228124936.js Show response cdn.heapanalytics.com/js/	81 KB 34 KB	173ms 123ms	Script application/javascript	13.224.95.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-1228124936.js Requested by Host: portal.abnormalsecurity.com URL: https://portal.abnormalsecurity.com/home/cases/33568 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.61 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-61.zrh50.r.cloudfront.net Software nginx / Resource Hash af507125d7015fc6e8fa548b2186d0b23c004da5ab678c38e56e7d90a928c1c1 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 26 May 2020 23:45:11 GMT content-encoding gzip server nginx x-amz-cf-pop ZRH50-C1 etag W/"14338-8N0LKM3xrjWSFqfEbxLVBA" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 status 200 cache-control public, max-age=120 x-amz-cf-id SyUwKsU690OciOdgYIvKpy3EIl6kOrF5ieAglszFkH1LvMEtIR5Lhg== via 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
GET H2	200	l use.typekit.net/af/2223ac/00000000000000003b9b0326/27/	28 KB 28 KB	53ms 5ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff0a NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/2223ac/00000000000000003b9b0326/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 Requested by Host: portal.abnormalsecurity.com URL: https://portal.abnormalsecurity.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash dc4e92a714d94538f91c4915476b34e930379281b8c4a31332fd596799f19539 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://use.typekit.net/pcr8umd.css Origin https://portal.abnormalsecurity.com Response headers date Tue, 26 May 2020 23:45:11 GMT server nginx etag "530b33da9436e4ff082d775cbaee0bbff25a12ec" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 28212
GET H2	200	l use.typekit.net/af/affdf5/00000000000000003b9b0328/27/	27 KB 27 KB	54ms 6ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff0a NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/affdf5/00000000000000003b9b0328/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: portal.abnormalsecurity.com URL: https://portal.abnormalsecurity.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 267e58fd98a5d8f6f7158fd678f1f3c7656d7380ffb14b92b7f6b7a74b0fb856 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://use.typekit.net/pcr8umd.css Origin https://portal.abnormalsecurity.com Response headers date Tue, 26 May 2020 23:45:11 GMT server nginx etag "7b3ae799e5f61a91796c2692c8ca8d77ade2a4ca" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 27572
GET H2	200	h heapanalytics.com/	37 B 212 B	336ms 112ms	Image image/gif	34.204.184.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=1228124936&u=6766279593686767&v=4726807938138218&s=4394912335902319&b=web&tv=4.0&z=0&h=%2Flogin&d=portal.abnormalsecurity.com&t=Abnormal%20Security&ts=1590536711723&st=1590536711724 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.204.184.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-204-184-98.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 26 May 2020 23:45:12 GMT server nginx etag W/"25-PqzQEyMQ6kTK11azeKO8Bw" content-type image/gif status 200 cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| heap object| webpackJsonp object| SENTRY_RELEASE object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| G2 object| __SENTRY__ object| d3 function| _

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
heapanalytics.com
p.typekit.net
portal.abnormalsecurity.com
use.typekit.net
13.224.95.61
2600:9000:2190:fa00:18:8b75:35c0:93a1
2a01:4a0:1338:28::c38a:ff0a
2a02:26f0:6c00:285::19fd
34.204.184.98
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
267e58fd98a5d8f6f7158fd678f1f3c7656d7380ffb14b92b7f6b7a74b0fb856
3623984d941247ff2b2bec0883f7e73f870b192aab5c18224a64b13dbab94f9a
423e99cab887fd859a1bb9cc7a5895ebeb101931e2011e61e52eb70c8abe7cc4
73f3ba78294c7fc2b2754ffd750f386901b86b6b40d861adc4544e1e756f5733
8967e664d7d3d0bf5eebe516faf99206e1c3605680dd576eb9fc2091799015b3
af507125d7015fc6e8fa548b2186d0b23c004da5ab678c38e56e7d90a928c1c1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
d14d37c84de9059031ac8ea671572070cd1511720d47aa5b103f2c0ca9a2c05e
dc4e92a714d94538f91c4915476b34e930379281b8c4a31332fd596799f19539