URL: https://widget.staging.internal.efset.org/
Submission: On January 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 99.84.88.67, located in United States and belongs to AMAZON-02, US. The main domain is widget.staging.internal.efset.org.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 16th 2024. Valid for: a year.
This is the only time widget.staging.internal.efset.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex Domain           Subdomains                                          Transfer
7         efset.org             widget.staging.internal.efset.org                   570 KB
                                stg-analytics.efset.org
4         storyblok.com         api.storyblok.com — Cisco Umbrella Rank: 62607      16 KB
3         google-analytics.com  www.google-analytics.com — Cisco Umbrella Rank: 27  22 KB
3         facebook.net          connect.facebook.net — Cisco Umbrella Rank: 174     127 KB
2         facebook.com          www.facebook.com — Cisco Umbrella Rank: 107         216 B
19        5
Requests  Domain                             Requested by
4         api.storyblok.com                  widget.staging.internal.efset.org
4         widget.staging.internal.efset.org  widget.staging.internal.efset.org
3         www.google-analytics.com           stg-analytics.efset.org
                                             www.google-analytics.com
                                             widget.staging.internal.efset.org
3         connect.facebook.net               stg-analytics.efset.org
                                             connect.facebook.net
3         stg-analytics.efset.org            widget.staging.internal.efset.org
                                             stg-analytics.efset.org
2         www.facebook.com
19        6

This site contains no links.

Subject                              Issuer                                  Validity                 Valid
*.widget.staging.internal.efset.org  Amazon RSA 2048 M03                     2024-01-16 - 2025-02-13  a year
stg-analytics.efset.org              GTS CA 1D4                              2023-12-31 - 2024-03-30  3 months
*.storyblok.com                      Amazon RSA 2048 M02                     2023-08-17 - 2024-09-14  a year
*.facebook.com                       DigiCert SHA2 High Assurance Server CA  2023-10-26 - 2024-01-24  3 months
*.google-analytics.com               GTS CA 1C3                              2023-12-11 - 2024-03-04  3 months

This page contains 1 frames:

Primary Page: https://widget.staging.internal.efset.org/
Frame ID: 0F96001E04F1797A798766A6F640B6CC
Requests: 17 HTTP requests in this frame

Page Title

EFSET

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 67 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 735 kB
Size: 2370 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
widget.staging.internal.efset.org/
522 B
897 B
Document
General
Full URL
https://widget.staging.internal.efset.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-67.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52fd55b39492fe0fcab40536d5ef276672d40508e8fee30600abbfa3fe18a110

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2
content-length
522
content-type
text/html
date
Wed, 17 Jan 2024 03:23:11 GMT
etag
"1a1b9e2ca5c37b47c463ce863a4b10c4"
last-modified
Tue, 16 Jan 2024 15:49:33 GMT
server
AmazonS3
via
1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
x-amz-cf-id
_eUyuBlE547lTc767WT1FQA3nNqQplQ0l2pIbcypRIktzUsFWn5iLA==
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
index-71b74051.js
widget.staging.internal.efset.org/assets/
1017 KB
303 KB
Script
General
Full URL
https://widget.staging.internal.efset.org/assets/index-71b74051.js
Requested by
Host: widget.staging.internal.efset.org
URL: https://widget.staging.internal.efset.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-67.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3325a67d99af10a4efb346b2d17f1a21b967c660e225616cf9c993985f27dac2

Request headers

Referer
https://widget.staging.internal.efset.org/
Origin
https://widget.staging.internal.efset.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 03:23:11 GMT
content-encoding
gzip
via
1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jan 2024 15:49:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
etag
W/"d2c1f8fc205147fd11bc3c69b26f26bf"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
oicP8GQI9FQiXsq9MfTtY_VMJNap2IyQtPssjbvKQMgu-620TSEeKg==
core-895d7f80.js
widget.staging.internal.efset.org/assets/
139 KB
45 KB
Script
General
Full URL
https://widget.staging.internal.efset.org/assets/core-895d7f80.js
Requested by
Host: widget.staging.internal.efset.org
URL: https://widget.staging.internal.efset.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-67.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e135e17e5d61925353d470cfc81d9ed4a22129af5d7d5f4e2356cf7d8c888321

Request headers

Referer
https://widget.staging.internal.efset.org/
Origin
https://widget.staging.internal.efset.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 03:23:11 GMT
content-encoding
gzip
via
1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jan 2024 15:49:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
etag
W/"c95821d114176415c3a367ef23d5feec"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
PP3xoZ4aYoUcHrNzHo8W6xSxvEDa2z2m63IsHMMsMYn3htfmWFu4cg==
index-ef8ff63f.css
widget.staging.internal.efset.org/assets/
50 KB
10 KB
Stylesheet
General
Full URL
https://widget.staging.internal.efset.org/assets/index-ef8ff63f.css
Requested by
Host: widget.staging.internal.efset.org
URL: https://widget.staging.internal.efset.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-67.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef8ff63f818915ece1d79a8bebdba2d4d3c207aee8a5ed6b36f49cea3247dae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 03:23:11 GMT
content-encoding
gzip
via
1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
last-modified
Tue, 16 Jan 2024 15:49:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
etag
W/"55a46a1866148ade4450f8e33f276d10"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
WcYbIEsOWdwEEUrVYUoyUoJSUUG5B7T7zNVc9IF6SAcqabGxsp9jAA==
gtm.js
stg-analytics.efset.org/
299 KB
105 KB
Script
General
Full URL
https://stg-analytics.efset.org/gtm.js?id=GTM-K9TP9N2
Requested by
Host: widget.staging.internal.efset.org
URL: https://widget.staging.internal.efset.org/assets/index-71b74051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
6257422477d2632428f562e1dd05a2912776d9109174056a1666dda24cf94b55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 03:23:13 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 03:00:00 GMT
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
f4dcbe8dffcc06387de2551154a26e5f;o=1
cache-control
private, max-age=900
content-length
106812
expires
Wed, 17 Jan 2024 03:38:13 GMT
datasource_entries
api.storyblok.com/v2/cdn/
0
0
Preflight
General
Full URL
https://api.storyblok.com/v2/cdn/datasource_entries?cv=1705461792&datasource=set-app-web-translations&dimension=en&page=1&per_page=1000&version=published&token=mOUFgBm3XAKThy1nr28KhQtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-48.muc50.r.cloudfront.net
Software
nginx/1.23.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sb-agent,sb-agent-version
Access-Control-Request-Method
GET
Origin
https://widget.staging.internal.efset.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,sb-agent,sb-agent-version
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
https://widget.staging.internal.efset.org
access-control-expose-headers
Api-Version, Token, Total, Per-Page
access-control-max-age
7200
content-length
0
date
Wed, 17 Jan 2024 03:23:11 GMT
server
nginx/1.23.3
via
1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
x-amz-cf-id
FFkzyHD7arI9WFhWlbUVtVLzNMiNeg-dHmjPe18TPmVm67z_nNLnXg==
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
datasource_entries
api.storyblok.com/v2/cdn/
39 KB
9 KB
Fetch
General
Full URL
https://api.storyblok.com/v2/cdn/datasource_entries?cv=1705461792&datasource=set-app-web-translations&dimension=en&page=1&per_page=1000&version=published&token=mOUFgBm3XAKThy1nr28KhQtt
Requested by
Host: widget.staging.internal.efset.org
URL: https://widget.staging.internal.efset.org/assets/index-71b74051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-48.muc50.r.cloudfront.net
Software
nginx/1.23.3 /
Resource Hash
7eab812ad526e770e4817aa3b09a9022a01a6d4194c3b19d877295269355f062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
sb-agent
SB-JS-CLIENT
Referer
https://widget.staging.internal.efset.org/
sb-agent-version
5.14.2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Wed, 17 Jan 2024 03:23:11 GMT
total
302
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
per-page
1000
via
1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
sb-be-version
1.99.1.D
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
x-request-id
a55284c4-5dfc-433f-b4bc-013b9f52a0c8
x-runtime
0.067536
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.23.3
etag
W/"7eab812ad526e770e4817aa3b09a9022"
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://widget.staging.internal.efset.org
access-control-expose-headers
Api-Version, Token, Total, Per-Page
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
max-age=0, public, s-maxage=604800
vary
Accept-Encoding,Origin
x-amz-cf-id
1__i45oodKA11T1s8M8GSLLXv1iQzwN5-m6jFSvLpEBKFe6ilO6UrQ==
datasource_entries
api.storyblok.com/v2/cdn/
25 KB
7 KB
Fetch
General
Full URL
https://api.storyblok.com/v2/cdn/datasource_entries?cv=1705461792&datasource=certificate-translations&dimension=en&page=1&per_page=1000&version=published&token=mOUFgBm3XAKThy1nr28KhQtt
Requested by
Host: widget.staging.internal.efset.org
URL: https://widget.staging.internal.efset.org/assets/index-71b74051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-48.muc50.r.cloudfront.net
Software
nginx/1.23.3 /
Resource Hash
dadbfaeb25c7ee4e7862bc26f4c320d1cf4c2e3a6b591349d0edef638542d8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
sb-agent
SB-JS-CLIENT
Referer
https://widget.staging.internal.efset.org/
sb-agent-version
5.14.2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Wed, 17 Jan 2024 03:23:11 GMT
total
127
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
per-page
1000
via
1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
sb-be-version
1.99.1.D
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
x-request-id
2d52cfaf-93c4-42a8-a88c-efd86b48c0a7
x-runtime
0.043527
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.23.3
etag
W/"dadbfaeb25c7ee4e7862bc26f4c320d1"
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://widget.staging.internal.efset.org
access-control-expose-headers
Api-Version, Token, Total, Per-Page
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
max-age=0, public, s-maxage=604800
vary
Accept-Encoding,Origin
x-amz-cf-id
St0nJ5XhDI1g2xcJDYvBjPwuqvaL6Sg-XjxvUbmni2j6kdgO_hrFYw==
datasource_entries
api.storyblok.com/v2/cdn/
0
0
Preflight
General
Full URL
https://api.storyblok.com/v2/cdn/datasource_entries?cv=1705461792&datasource=certificate-translations&dimension=en&page=1&per_page=1000&version=published&token=mOUFgBm3XAKThy1nr28KhQtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-48.muc50.r.cloudfront.net
Software
nginx/1.23.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sb-agent,sb-agent-version
Access-Control-Request-Method
GET
Origin
https://widget.staging.internal.efset.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,sb-agent,sb-agent-version
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
https://widget.staging.internal.efset.org
access-control-expose-headers
Api-Version, Token, Total, Per-Page
access-control-max-age
7200
content-length
0
date
Wed, 17 Jan 2024 03:23:11 GMT
server
nginx/1.23.3
via
1.1 fe36c7f30c8ef2853edecc43f320092c.cloudfront.net (CloudFront)
x-amz-cf-id
Oxp_UH904VpmK9au6Wg_R9jRm7ZbL21VGe1WJgYCdRzRsOPlIgRgSQ==
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
js
stg-analytics.efset.org/gtag/
269 KB
105 KB
Script
General
Full URL
https://stg-analytics.efset.org/gtag/js?id=G-9FB9PZD23Q&l=dataLayer&cx=c&sign=af7eec96e4f093b59f5514e64d71b7372040dc135fe8ae4c20b10857c8c882ea_20240117
Requested by
Host: stg-analytics.efset.org
URL: https://stg-analytics.efset.org/gtm.js?id=GTM-K9TP9N2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0784c45c4a041279f5d37c5421a11b96569a7fd9427a7935c737de8426bb07c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 03:23:13 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
3e9ed97069935ccf7ad2a43a354cca22
cache-control
private, max-age=900
content-length
107232
expires
Wed, 17 Jan 2024 03:38:13 GMT
fbevents.js
connect.facebook.net/en_US/
212 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: stg-analytics.efset.org
URL: https://stg-analytics.efset.org/gtm.js?id=GTM-K9TP9N2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 03:23:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
KuwwNuGT+zCcp0FCIHb5uzqKQFzMu90wVvR9+6mDjhYFt30aXdcocQCBwFx1zunIioTnMWc9fzNkI7D2ZJGEmQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: stg-analytics.efset.org
URL: https://stg-analytics.efset.org/gtm.js?id=GTM-K9TP9N2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 01:48:10 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5703
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Jan 2024 03:48:10 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1885
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 17 Jan 2024 03:51:48 GMT
collect
www.google-analytics.com/j/
3 B
220 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=621673337&t=pageview&_s=1&dl=https%3A%2F%2Fwidget.staging.internal.efset.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=EFSET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAACAEK~&jid=1620617845&gjid=1855736149&cid=1730561731.1705461794&tid=UA-151204776-77&_gid=2119866355.1705461794&_r=1&_slc=1&gtm=45Fe41a0n81K9TP9N2v898377993&gcd=11l1l1l1l1&dma=0&cd10=widget.staging.internal.efset.org&cd11=https%3A%2F%2Fwidget.staging.internal.efset.org%2F&cd43=false&cd44=en&z=831954614
Requested by
Host: widget.staging.internal.efset.org
URL: https://widget.staging.internal.efset.org/assets/index-71b74051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widget.staging.internal.efset.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 03:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://widget.staging.internal.efset.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
1505417093009580
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1505417093009580?v=2.9.140&r=stable&domain=widget.staging.internal.efset.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a5497182bf67bb245e3fcbc1217b1f1c7fbc6a1fda7bec9a7edd41accb2a76d0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 03:23:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
P1pm9rcXugh3Vu5jgpHqC5WdqrCEoEzuFsfIdfyfa9/aTWRZa3pbaaVGvKEsl/TL006Z8m/u1WPzazLwtFV78w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
1065641840152352
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1065641840152352?v=2.9.140&r=stable&domain=widget.staging.internal.efset.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
53af2a3eb9146b72d16df8fe6a538cac40f2a4bd63c2dbad89d2097d6780077b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 03:23:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
ww1vM1ABCFHh3Wy0WdVPh85AVJx9UrprYW4XN4XqOc7H1kmxpKGMcbc6HOKCcoh7ehb73KKhOZC4Xu9OeKnzZQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1505417093009580&ev=PageView&dl=https%3A%2F%2Fwidget.staging.internal.efset.org%2F&rl=&if=false&ts=1705461794108&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1705461793909.2113469782&ler=empty&it=1705461793778&coo=false&tm=1&cdl=&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 17 Jan 2024 03:23:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1065641840152352&ev=PageView&dl=https%3A%2F%2Fwidget.staging.internal.efset.org%2F&rl=&if=false&ts=1705461794108&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1705461793909.2113469782&ler=empty&it=1705461793778&coo=false&tm=1&cdl=&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 17 Jan 2024 03:23:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stg-analytics.efset.org/g/
65 B
562 B
XHR
General
Full URL
https://stg-analytics.efset.org/g/collect?v=2&tid=G-9FB9PZD23Q&gtm=45he41a0v899744510&_p=1705461791579&gcd=11l1l1l1l1&dma=0&cid=1730561731.1705461794&ul=en-us&sr=1600x1200&_fplc=0&ur=&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sst.uc=&sst.gcd=11l1l1l1l1&sst.tft=1705461791579&sst.sp=1&sst.em_event=1&_s=1&sid=1705461794&sct=1&seg=0&dl=https%3A%2F%2Fwidget.staging.internal.efset.org%2F&dt=EFSET&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=3451&richsstsse
Requested by
Host: widget.staging.internal.efset.org
URL: https://widget.staging.internal.efset.org/assets/index-71b74051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.staging.internal.efset.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 03:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Google Frontend
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://widget.staging.internal.efset.org
x-cloud-trace-context
aeb7925c7325ef0532b90f5300c62abf
cache-control
no-cache
access-control-allow-credentials
true
content-length
90
expires
Wed, 17 Jan 2024 03:23:14 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DD_LOGS
function| Buffer
object| process
object| global
object| dataLayer
object| google_tag_manager
function| postscribe
object| google_tag_manager_external
object| google_tag_data
function| fbq
function| _fbq
object| _fbq_gtm_ids
object| eventsListener
object| dl
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
function| onYouTubeIframeAPIReady

8 Cookies

Domain/Path Name / Value
.efset.org/ Name: _gid
Value: GA1.2.2119866355.1705461794
.efset.org/ Name: _gat_UA-151204776-77
Value: 1
.efset.org/ Name: _fbp
Value: fb.1.1705461793909.2113469782
.efset.org/ Name: _ga_9FB9PZD23Q
Value: GS1.1.1705461794.1.0.1705461794.0.0.0
.efset.org/ Name: _ga
Value: GA1.1.1730561731.1705461794
.efset.org/ Name: FPID
Value: FPID2.2.%2FhQTv7e9M%2BxhL9PdGnEpshBbtRbcV2mz8xGKUU%2FlVK0%3D.1705461794
.efset.org/ Name: FPLC
Value: Kl4fkxyKzhrVnDwYzyiqJQuRDr0lfHnPoKIZFZ0Gxt1LaeMrqy2VLtjdoGrZfxDxlgHWvHix7zP8oByn9Ccf%2B7Yj9rrSYGVkoTPAZ4OYuDeqmzODEhc56zB0RRfO3g%3D%3D
widget.staging.internal.efset.org/ Name: _dd_s
Value: logs=1&id=327d61d4-d0f9-43e7-a7c8-8e17ebbb105c&created=1705461791499&expire=1705462691499