accounts.thinkofliving.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700:4400::ac40:9821, located in United States and belongs to CLOUDFLARENET, US. The main domain is accounts.thinkofliving.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 19th 2024. Valid for: a year.

This is the only time accounts.thinkofliving.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 9	2606:4700:440... 2606:4700:4400::ac40:9821		13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	1

9 2606:4700:4400::ac40:9821 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

accounts.thinkofliving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	thinkofliving.com 2 redirects accounts.thinkofliving.com	15 KB
7	1

	Domain	Requested by
9	accounts.thinkofliving.com	2 redirects accounts.thinkofliving.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid
thinkofliving.com Cloudflare Inc ECC CA-3	`2024-01-19` - `2024-12-31`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://accounts.thinkofliving.com/
Frame ID: 1AFDEBD1A763C3C45E570EB457B4AC12
Requests: 5 HTTP requests in this frame

Frame: https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Frame ID: EA856F1CD4A68694347D1020AEFBA46B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

thinkofliving.com - Error

Page Statistics

7
Requests

71 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

15 kB
Transfer

37 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

Request Chain 5

https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/jsd/r/85cffda9c9605d94 HTTP 301
https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/jsd/r/85cffda9c9605d94/

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
accounts.thinkofliving.com/ 2 KB
3 KB 295ms
220ms Document
text/html 2606:4700:4400::ac40:9821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.thinkofliving.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9821 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

599a031239897e363b57be002f0788e1b22f7053ea864008522ade8297b73eb2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .pg4business.com;default-src 'self' 'unsafe-inline' https://.taboola.com/ https://.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://.hotjar.com/ https://www.google-analytics.com/ https://.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://.hotjar.com/ https://.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 85cffda9c9605d94-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' *.pg4business.com;default-src 'self' 'unsafe-inline' https://*.taboola.com/ https://*.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://*.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://*.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://*.hotjar.com/ https://www.google-analytics.com/ https://*.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://*.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://*.hotjar.com/ https://*.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 09:48:19 GMT
expect-ct: max-age=0
expires: Thu, 29 Feb 2024 13:48:19 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: c334e90a-f6ab-4517-87bf-82c201134e91#40248393
x-xss-protection: 0

GET
H2 200 pangea-variable.woff2
accounts.thinkofliving.com/assets/1707293165/font/tol/ 108 B
190 B 232ms
231ms Font
text/html 2606:4700:4400::ac40:9821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.thinkofliving.com/assets/1707293165/font/tol/pangea-variable.woff2

Requested by

Host: accounts.thinkofliving.com
URL: https://accounts.thinkofliving.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9821 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191927852999836873e2ca799b23ae34917ce92915b3156e49b5284b0a9ff824

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .pg4business.com;default-src 'self' 'unsafe-inline' https://.taboola.com/ https://.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://.hotjar.com/ https://www.google-analytics.com/ https://.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://.hotjar.com/ https://.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://accounts.thinkofliving.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 09:48:19 GMT
content-security-policy: frame-ancestors 'self' *.pg4business.com;default-src 'self' 'unsafe-inline' https://*.taboola.com/ https://*.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://*.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://*.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://*.hotjar.com/ https://www.google-analytics.com/ https://*.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://*.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://*.hotjar.com/ https://*.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: on
x-xss-protection: 0
x-request-id: 5f935bf8-3025-42f1-9400-deb668e1ad57#125366478
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8
x-download-options: noopen
cf-ray: 85cffdab2a3b5d94-FRA

GET
H2 200 tol-login.css
accounts.thinkofliving.com/assets/1707293165/css/tol/ 16 KB
4 KB 210ms
210ms Stylesheet
text/css 2606:4700:4400::ac40:9821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.thinkofliving.com/assets/1707293165/css/tol/tol-login.css

Requested by

Host: accounts.thinkofliving.com
URL: https://accounts.thinkofliving.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9821 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd85ba6fdc118c0167c8584a28b3f2afa24e2e786c05fdc10baa82cbcd6fb5d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .pg4business.com;default-src 'self' 'unsafe-inline' https://.taboola.com/ https://.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://.hotjar.com/ https://www.google-analytics.com/ https://.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://.hotjar.com/ https://.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 09:48:19 GMT
content-security-policy: frame-ancestors 'self' *.pg4business.com;default-src 'self' 'unsafe-inline' https://*.taboola.com/ https://*.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://*.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://*.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://*.hotjar.com/ https://www.google-analytics.com/ https://*.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://*.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://*.hotjar.com/ https://*.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: on
x-xss-protection: 0
x-request-id: ad038437-4aa4-4152-94c1-9e2e3036309d#125311285
referrer-policy: no-referrer
last-modified: Wed, 07 Feb 2024 08:06:05 GMT
server: cloudflare
etag: W/"419d-18d829a45c8"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 85cffdab2a395d94-FRA

GET
H2 200 tol-consumer-login.js Show response
accounts.thinkofliving.com/assets/1707293165/script/tol/ 2 KB
804 B 242ms
242ms Script
application/javascript 2606:4700:4400::ac40:9821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.thinkofliving.com/assets/1707293165/script/tol/tol-consumer-login.js

Requested by

Host: accounts.thinkofliving.com
URL: https://accounts.thinkofliving.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9821 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

588e58b9e183ae708d6c960356297cd3c395258ea99b42f15b79e16d1e8ec5e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .pg4business.com;default-src 'self' 'unsafe-inline' https://.taboola.com/ https://.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://.hotjar.com/ https://www.google-analytics.com/ https://.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://.hotjar.com/ https://.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 09:48:19 GMT
content-security-policy: frame-ancestors 'self' *.pg4business.com;default-src 'self' 'unsafe-inline' https://*.taboola.com/ https://*.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://*.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://*.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://*.hotjar.com/ https://www.google-analytics.com/ https://*.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://*.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://*.hotjar.com/ https://*.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: on
x-xss-protection: 0
x-request-id: c1d2160f-f297-4daf-9114-9db25db898f7#125462492
referrer-policy: no-referrer
last-modified: Thu, 25 May 2023 10:19:53 GMT
server: cloudflare
etag: W/"818-188526c0d28"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 85cffdab4a4b5d94-FRA

GET
H2 200 logo-tol.svg
accounts.thinkofliving.com/assets/1707293165/img/tol/ 9 KB
4 KB 675ms
675ms Image
image/svg+xml 2606:4700:4400::ac40:9821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.thinkofliving.com/assets/1707293165/img/tol/logo-tol.svg

Requested by

Host: accounts.thinkofliving.com
URL: https://accounts.thinkofliving.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9821 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc257f27a4aff7150097569023d1561e96f037a2eb9eff7a8629efaf342c442e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .pg4business.com;default-src 'self' 'unsafe-inline' https://.taboola.com/ https://.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://.hotjar.com/ https://www.google-analytics.com/ https://.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://.hotjar.com/ https://.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 09:48:19 GMT
content-security-policy: frame-ancestors 'self' *.pg4business.com;default-src 'self' 'unsafe-inline' https://*.taboola.com/ https://*.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://*.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://*.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://*.hotjar.com/ https://www.google-analytics.com/ https://*.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://*.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://*.hotjar.com/ https://*.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ *.segment.io/ *.segment.com/ https://*.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: on
x-xss-protection: 0
x-request-id: 1e8d4bed-b104-4bf2-a166-3e8b4dea5874#125804804
referrer-policy: no-referrer
last-modified: Thu, 25 May 2023 10:19:53 GMT
server: cloudflare
etag: W/"2248-188526c0d28"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 85cffdab2a3d5d94-FRA

GET
H2

200

main.js Show response
accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/ Frame EA85
Redirect Chain

https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

8 KB
4 KB

33ms
33ms

Script
application/javascript

2606:4700:4400::ac40:9821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

Requested by

Host: accounts.thinkofliving.com
URL: https://accounts.thinkofliving.com/

Protocol

H2

Server

2606:4700:4400::ac40:9821 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc9eb92b1c810be9ff77f510353299203c902d2a306aef40b017e0f88ade409

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 09:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85cffdad0b495d94-FRA

Redirect headers

location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
access-control-allow-origin: *
date: Thu, 29 Feb 2024 09:48:19 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 85cffdacdb2e5d94-FRA
vary: accept-encoding

GET
H2

400

/ Show response
accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/jsd/r/85cffda9c9605d94/ Frame EA85
Redirect Chain

https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/jsd/r/85cffda9c9605d94
https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/jsd/r/85cffda9c9605d94/

7 B
179 B

39ms
39ms

XHR
application/json

2606:4700:4400::ac40:9821
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/jsd/r/85cffda9c9605d94/
Requested by: Host: accounts.thinkofliving.com
URL: https://accounts.thinkofliving.com/
Protocol: H2
Server: 2606:4700:4400::ac40:9821 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1234d75178d892a133a410355a5a990cf75d2f33eba25d575943d4df632f3a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

cf-chl-out: Izl4Vmra2ew+yUtkY5NKgg==$sbpqW62k9W+uL/mDYut3aA==
date: Thu, 29 Feb 2024 09:48:19 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 85cffdaddbc85d94-FRA
content-type: application/json

Redirect headers

location: /cdn-cgi/challenge-platform/h/g/jsd/r/85cffda9c9605d94/
date: Thu, 29 Feb 2024 09:48:19 GMT
cache-control: max-age=3600
server: cloudflare
cf-ray: 85cffdadaba95d94-FRA
vary: Accept-Encoding
expires: Thu, 29 Feb 2024 10:48:19 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thinkofliving.com/	1970-01-20 18:46:41	Name: __cf_bm Value: Ed4u7HKaIb0mD4kj0rMt7VlpBzQDOD5EMC0xdLEwT8k-1709200099-1.0-AW81iezbIPCoPBO9wHCtPo94CDoJQauxDnpEDa5fn/dJtlA+z2mi0BbhnHcfv9zPzWzMu7z0wsnw/jZXumUKubY=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.thinkofliving.com/cdn-cgi/challenge-platform/h/g/jsd/r/85cffda9c9605d94/ Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://accounts.thinkofliving.com/ Message: The resource https://accounts.thinkofliving.com/assets/1707293165/font/tol/pangea-variable.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .pg4business.com;default-src 'self' 'unsafe-inline' https://.taboola.com/ https://.hotjar.com/ https://sdk.iad-03.braze.com/ https://stats.g.doubleclick.net/ https://www.google-analytics.com/ https://analytics.google.com https://www.googletagmanager.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;base-uri 'self';img-src 'self' data: https://www.google.com/ https://www.google-analytics.com/ https://.taboola.com/ https://googleads.g.doubleclick.net/ https://www.facebook.com/ https://sb.scorecardresearch.com/ https://www.google.com.sg/ https://www.google.com.my/ https://www.google.co.in/ www.googletagmanager.com https://.pg4business.com/;frame-src 'self' https://www.gstatic.com/ https://www.google.com/ https://www.googletagmanager.com/ https://www.facebook.com/ https://www.propertyguru.com.my/ https://tsdtocl.com/ http://tpc.googlesyndication.com/ https://.hotjar.com/ https://www.google-analytics.com/ https://.pg4business.com/;script-src 'self' 'unsafe-inline' https://unpkg.com/axios@0.27.2/dist/axios.min.js https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.googleadservices.com/ https://js.appboycdn.com/ https://connect.facebook.net/ https://sb.scorecardresearch.com/ https://googleads.g.doubleclick.net/ https://sdk.iad-03.braze.com/ http://tpc.googlesyndication.com/ https://www.facebook.com/ https://.taboola.com/ https://stats.g.doubleclick.net/ https://www.google.com/ http://.hotjar.com/ https://.hotjar.com/ https://www.gstatic.com/ https://tags.crwdcntrl.net https://analytics.google.com https://analytics.tiktok.com/ .segment.io/ .segment.com/ https://.pg4business.com/;style-src 'self' https: 'unsafe-inline';font-src 'self' https://fonts.gstatic.com/ https://s1.rui.au.reastatic.net/ https://assets-cdn.iproperty.com.my/ https://use.fontawesome.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.thinkofliving.com
2606:4700:4400::ac40:9821
191927852999836873e2ca799b23ae34917ce92915b3156e49b5284b0a9ff824
588e58b9e183ae708d6c960356297cd3c395258ea99b42f15b79e16d1e8ec5e1
599a031239897e363b57be002f0788e1b22f7053ea864008522ade8297b73eb2
8dc9eb92b1c810be9ff77f510353299203c902d2a306aef40b017e0f88ade409
dc257f27a4aff7150097569023d1561e96f037a2eb9eff7a8629efaf342c442e
dd85ba6fdc118c0167c8584a28b3f2afa24e2e786c05fdc10baa82cbcd6fb5d8
f1234d75178d892a133a410355a5a990cf75d2f33eba25d575943d4df632f3a4

accounts.thinkofliving.com Open in urlscan Pro 2606:4700:4400::ac40:9821 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

71 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

15 kBTransfer

37 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

accounts.thinkofliving.com Open in urlscan Pro
2606:4700:4400::ac40:9821 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

15 kB
Transfer

37 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions