mta-sts.square-analysis.io Open in urlscan Pro
52.157.242.135  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mta-sts.square-analysis.io/	2 KB 2 KB	543ms 115ms	Document text/html	52.157.242.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mta-sts.square-analysis.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.157.242.135 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 629af7c378132503427d3e4dd7de386fb2c4b66872ab6551abc526a2178ea078 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 02 Apr 2024 14:05:47 GMT server nginx vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	app.css mta-sts.square-analysis.io/css/	253 KB 37 KB	225ms 223ms	Stylesheet text/css	52.157.242.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mta-sts.square-analysis.io/css/app.css?id=8710efed572a208395cb500bd8aae5ab Requested by Host: mta-sts.square-analysis.io URL: https://mta-sts.square-analysis.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.157.242.135 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 9083ff2a1628cc3fe9ec51106a4dbf518dad09ea5fffdb0a2204f9c1aba57b85 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://mta-sts.square-analysis.io/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Apr 2024 14:05:47 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Apr 2024 09:08:37 GMT server nginx etag W/"660bcb15-3f2ef" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-xss-protection 1; mode=block
GET H2	200	human8-logo.png mta-sts.square-analysis.io/img/	1 KB 2 KB	335ms 334ms	Image image/png	52.157.242.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://mta-sts.square-analysis.io/img/human8-logo.png?id=d05149f97dbc0cf5e475b3e34abddc6d Requested by Host: mta-sts.square-analysis.io URL: https://mta-sts.square-analysis.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.157.242.135 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash a5d22429ac7e73980fa9a24df9841620e59a7f4e68b0582a1fd6dd0ef5f71672 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://mta-sts.square-analysis.io/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Apr 2024 14:05:47 GMT x-content-type-options nosniff last-modified Tue, 02 Apr 2024 09:08:37 GMT server nginx etag "660bcb15-5fc" x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 1532 x-xss-protection 1; mode=block
GET H2	200	app.js Show response mta-sts.square-analysis.io/js/	2 MB 569 KB	335ms 334ms	Script application/javascript	52.157.242.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mta-sts.square-analysis.io/js/app.js?id=f9528d32b7706331f8b3da0f8997bddd Requested by Host: mta-sts.square-analysis.io URL: https://mta-sts.square-analysis.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.157.242.135 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 5ce41f9c726edcbcb0930a53025cc7116294dcd0e06483d6629443501a44f52d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://mta-sts.square-analysis.io/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Apr 2024 14:05:47 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Apr 2024 09:08:37 GMT server nginx etag W/"660bcb15-1c0181" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	2 KB 959 B	136ms 55ms	Stylesheet text/css	2607:f8b0:4006:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito Requested by Host: mta-sts.square-analysis.io URL: https://mta-sts.square-analysis.io/css/app.css?id=8710efed572a208395cb500bd8aae5ab Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://mta-sts.square-analysis.io/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 02 Apr 2024 14:05:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 02 Apr 2024 12:54:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 02 Apr 2024 14:05:47 GMT
GET H2	200	XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 fonts.gstatic.com/s/nunito/v26/	16 KB 16 KB	117ms 37ms	Font font/woff2	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://mta-sts.square-analysis.io accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 27 Mar 2024 09:11:23 GMT x-content-type-options nosniff age 536064 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16292 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:41:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 27 Mar 2025 09:11:23 GMT
GET H2	200	favicon.ico mta-sts.square-analysis.io/	0 182 B	111ms 110ms	Other image/x-icon	52.157.242.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mta-sts.square-analysis.io/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.157.242.135 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://mta-sts.square-analysis.io/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Apr 2024 14:05:48 GMT x-content-type-options nosniff last-modified Wed, 27 Mar 2024 11:14:53 GMT server nginx etag "6603ffad-0" x-frame-options SAMEORIGIN content-type image/x-icon accept-ranges bytes content-length 0 x-xss-protection 1; mode=block

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal string| environment object| webpackChunk function| _ function| Popper function| jQuery function| $ function| axios function| Vue function| flash function| clearFlashMessages object| cptable function| flatpickr boolean| DEBUG function| HTMLParser function| HTMLtoXML function| HTMLtoDOM

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mta-sts.square-analysis.io/	1970-01-20 19:34:33	Name: XSRF-TOKEN Value: eyJpdiI6Inl5TFZhTS9UUmVGeGlxWGVxQnVhM3c9PSIsInZhbHVlIjoiYXdQcVhPSnRXNHFYVmtwTXhwRkZsRlY4bTk3RVRmdkdZc3NuVldhOHAxV3ZuTnBsZFhYOWNyUTkxSzJWL1F1WHcrTTVvbnpuNGNESUd5bW1nMjBYQzk0TE9sYkp2bmlLYWhOeS9odjhzWm9CcGpUaHp6ckV5TXFqcEZ3RnlialAiLCJtYWMiOiJmMTQwMzIzZDQwNmJjNGEzMGRjYzc4Njc3NzkwNjc2MmJjMzRkYzQwNjJlZWY0MTk0NGUxOWE5MzEyYzIxYWUxIiwidGFnIjoiIn0%3D
			mta-sts.square-analysis.io/	1970-01-20 19:34:33	Name: analysis_tools_emea_session Value: eyJpdiI6IjFoMDVvdVFaSFdiWExJVjU3Q29QWGc9PSIsInZhbHVlIjoiYUJidkNPWDlLMDNjdkZDblhFbXl6NDVubUpvUzkycXBTMldUZ3A5cS9vcmFHeWlnTUxMT0tLRDVRNHBmNmpPWGRpT2paazBDNkxML1lUQmVZaGZHKzZXS21pd2lhZ1B3L3ppWC8wNmh3VVFOZ0xXQnVqVEZrYXZsNDdWbXFWOXAiLCJtYWMiOiI2ZmQ1MGFlMWEzYTI0Yjk3YWZkNDFkNzBhYTQyYTg1ZjI4MjA3N2YyZjg2OWI3NzNmYTM5YzZhOGY1MDVjMmM2IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mta-sts.square-analysis.io
2607:f8b0:4006:820::200a
2607:f8b0:4006:822::2003
52.157.242.135
5ce41f9c726edcbcb0930a53025cc7116294dcd0e06483d6629443501a44f52d
629af7c378132503427d3e4dd7de386fb2c4b66872ab6551abc526a2178ea078
9083ff2a1628cc3fe9ec51106a4dbf518dad09ea5fffdb0a2204f9c1aba57b85
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
a5d22429ac7e73980fa9a24df9841620e59a7f4e68b0582a1fd6dd0ef5f71672
ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855