urlscan.io logo urlscan.io
SecurityTrails logo

app.hoopla.net Open in urlscan Pro
3.231.199.202  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.hoopla.net/ls/click?upn=GBnd5rSI9475n9dUGsKcyBGuWWOH8bEyYbp2jv9TQQ-2Bly7dkLM-2BvY8JUyq5kObCs2drIPj1e9i7pFMW...
Effective URL: https://app.hoopla.net/configuration/google
Submission: On August 18 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 30 HTTP transactions. The main IP is 3.231.199.202, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.hoopla.net.
TLS certificate: Issued by Amazon on July 3rd 2021. Valid for: a year.
This is the only time app.hoopla.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.115.120 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net
click.hoopla.net
13    3.231.199.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-199-202.compute-1.amazonaws.com
app.hoopla.net
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.16.114.53 (United States)

ASN13335 (CLOUDFLARENET, US)
js.recurly.com
1    104.109.59.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-59-42.deploy.static.akamaitechnologies.com
cdn.walkme.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.102.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-3.zrh50.r.cloudfront.net
widget.intercom.io
3    13.224.102.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-102.zrh50.r.cloudfront.net
js.intercomcdn.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
13 app.hoopla.net app.hoopla.net
3 js.intercomcdn.com widget.intercom.io
2 www.google-analytics.com app.hoopla.net
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com app.hoopla.net
2 www.google.com app.hoopla.net
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 widget.intercom.io 1 redirects
1 www.gstatic.com www.google.com
1 cdn.walkme.com app.hoopla.net
1 js.recurly.com app.hoopla.net
1 www.googleadservices.com app.hoopla.net
1 click.hoopla.net 1 redirects
30 14

This site contains links to these domains. Also see Links.

Domain
motivate.hoopla.net
www.hoopla.net
Subject Issuer Validity Valid
*.hoopla.net
Amazon		 2021-07-03 -
2022-08-01		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.recurly.com
DigiCert SHA2 High Assurance Server CA		 2020-04-21 -
2022-06-03		 2 years crt.sh
walkme.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-05-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.intercomcdn.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.hoopla.net/configuration/google
Frame ID: 033C9B302D33BB9316D86EC8A737CC58
Requests: 28 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.f944375b.js
Frame ID: C73B665EB1419E6FDE123BD91551DF47
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://click.hoopla.net/ls/click?upn=GBnd5rSI9475n9dUGsKcyBGuWWOH8bEyYbp2jv9TQQ-2Bly7dkLM-2BvY8JUyq5... HTTP 302
    https://app.hoopla.net/configuration/google Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

30
Requests

100 %
HTTPS

53 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

3757 kB
Transfer

11620 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.hoopla.net/ls/click?upn=GBnd5rSI9475n9dUGsKcyBGuWWOH8bEyYbp2jv9TQQ-2Bly7dkLM-2BvY8JUyq5kObCs2drIPj1e9i7pFMWSp7POqw-3D-3DN0p4_1IKVUksl68KaUl-2BArXGlLGY1cvfz1pJyYP-2FEFGEfzZ89BMv0eSG94impRiNOHPFSWMNxM3OTZW6H8gItLTMDzF8-2F9JfObFI7X-2B9CYWZs88B1hbfJpGjskARaZwWeiqBmVBlWRzy8E5qF-2F-2BBwB1TyerBCNvmxh-2B5rP9saX1ffVWB0wp-2BsDUioOrj-2FI5sa2SlfK8TeqeYda4oNUtzBlm1WwYeyd8-2F3y4GKcuibqcP5K8-2FKX0-2BUxtk22DHnNB6X1faM HTTP 302
    https://app.hoopla.net/configuration/google Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://widget.intercom.io/widget/k3gsp6x0 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set google
app.hoopla.net/configuration/
Redirect Chain
  • http://click.hoopla.net/ls/click?upn=GBnd5rSI9475n9dUGsKcyBGuWWOH8bEyYbp2jv9TQQ-2Bly7dkLM-2BvY8JUyq5kObCs2drIPj1e9i7pFMWSp7POqw-3D-3DN0p4_1IKVUksl68KaUl-2BArXGlLGY1cvfz1pJyYP-2FEFGEfzZ89BMv0eSG94im...
  • https://app.hoopla.net/configuration/google
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.hoopla.net/configuration/google
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
2b585dce1e01f2227dc242678d4421409b1064890e4abbdaeab9d3d32616f7da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
app.hoopla.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Content-Type
text/html
Date
Wed, 18 Aug 2021 13:36:26 GMT
ETag
W/"6108292b-1173"
Last-Modified
Mon, 02 Aug 2021 17:19:39 GMT
Set-Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=hoopla.net; secure; httponly; path=/
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Length
2005
Connection
keep-alive

Redirect headers

Server
nginx
Date
Wed, 18 Aug 2021 13:36:25 GMT
Content-Type
text/html; charset=utf-8
Content-Length
66
Connection
keep-alive
Location
https://app.hoopla.net/configuration/google
X-Robots-Tag
noindex, nofollow
app-99174996d664c6985f63.css
app.hoopla.net/styles/ 		1 MB
199 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.hoopla.net/styles/app-99174996d664c6985f63.css
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/configuration/google
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
0cd889fd5c476a42cc83dd84b11e48dd78bd1f489a5c6bf28dbbe07715e7ddd6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://app.hoopla.net/configuration/google
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==
Connection
keep-alive
Referer
https://app.hoopla.net/configuration/google
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:39 GMT
ETag
W/"6108292b-105464"
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=315360000
Date
Wed, 18 Aug 2021 13:36:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
transfer-encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
spinner.svg
app.hoopla.net/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.hoopla.net/assets/images/spinner.svg
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/configuration/google
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
08da7e11d9ee3dbe2e4579447c23295fffba901cdf58336e54affc3a2e9b2e3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://app.hoopla.net/configuration/google
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==
Connection
keep-alive
Referer
https://app.hoopla.net/configuration/google
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:39 GMT
ETag
"6108292b-885"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Date
Wed, 18 Aug 2021 13:36:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
2181
X-XSS-Protection
1; mode=block
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/configuration/google
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
bb5bbc1eafc85aaad6dab04ab6fb0ae00b7d9d2166dba5bdb36c3a15ba8c22cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13986
x-xss-protection
0
server
cafe
etag
18170976018000584025
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 13:36:26 GMT
api.js
www.google.com/recaptcha/ 		915 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&onload=vcRecaptchaApiLoaded
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/configuration/google
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
caf2536467a2542d5ddb0f6dc1159f6ac41c389a50b39be92ce5017c8940d14d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Wed, 18 Aug 2021 13:36:26 GMT
recurly.js
js.recurly.com/v3/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.recurly.com/v3/recurly.js
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/configuration/google
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.114.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236747fd5eab4ef90fc0a565b00a198929b683b7877564dbbed5ad8883739d38
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:36:26 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
3052
last-modified
Thu, 01 Oct 2020 14:46:39 GMT
server
cloudflare
etag
W/"5f75ebcf-ff78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
680b87f378920221-ZRH
expires
Wed, 18 Aug 2021 17:36:26 GMT
app-acbc3a5cd450c420a39c.js
app.hoopla.net/scripts/ 		9 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hoopla.net/scripts/app-acbc3a5cd450c420a39c.js
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/configuration/google
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
731070c99058245c066264661f6f9c5a0a41691c54728b6492958be523e6331b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://app.hoopla.net/configuration/google
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==
Connection
keep-alive
Referer
https://app.hoopla.net/configuration/google
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:39 GMT
ETag
W/"6108292b-942a28"
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Date
Wed, 18 Aug 2021 13:36:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
transfer-encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
walkme_1cd2687f5d4a46c7873d86714c50e993_https.js
cdn.walkme.com/users/1cd2687f5d4a46c7873d86714c50e993/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/1cd2687f5d4a46c7873d86714c50e993/walkme_1cd2687f5d4a46c7873d86714c50e993_https.js
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/configuration/google
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-59-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
css
fonts.googleapis.com/ 		2 KB
487 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/styles/app-99174996d664c6985f63.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 12:59:52 GMT
server
ESF
date
Wed, 18 Aug 2021 13:36:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 13:36:26 GMT
css
fonts.googleapis.com/ 		2 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&subset=latin,latin-ext
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/styles/app-99174996d664c6985f63.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 12:48:40 GMT
server
ESF
date
Wed, 18 Aug 2021 13:36:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 13:36:26 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://app.hoopla.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:36:37 GMT
x-content-type-options
nosniff
age
133189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:36:37 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/configuration/google
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
1365
date
Wed, 18 Aug 2021 13:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 18 Aug 2021 15:13:41 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/ 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=vcRecaptchaApiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://app.hoopla.net
Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 12:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136003
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 09:02:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Aug 2022 12:30:49 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/k3gsp6x0
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-102.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8784e7283c1a527e9c19ceb258bb86aff64843b1abac8e1cd22a77a0445193ff

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 18 Aug 2021 13:33:36 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 13:13:31 GMT
server
AmazonS3
age
173
etag
"e52cc13684c5fadd6b1364eac5a151a8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
5933
x-amz-cf-id
xjg9zcKb3R7mI3WL_nmbzklAxO3oQV09U8ioM586RDVbDJJepkaPVg==

Redirect headers

date
Sun, 25 Jul 2021 02:27:41 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
server
AmazonS3
age
2113727
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
ZRH50-C1
content-length
0
x-amz-cf-id
rhkS6CVqFyPOgMpG72v3skBg6zIqW_Vkaa1rf6uodOK1kmV6ns0yDw==
token
app.hoopla.net/api/oauth2/ 		80 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.hoopla.net/api/oauth2/token
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/scripts/app-acbc3a5cd450c420a39c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
ef9f51a3dbe12173d3ec4e47d187d44c3acac5037ca397007450589f42477b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://app.hoopla.net
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Authorization
null
X-Hoopla-Ua
Hoopla-Web/27.1
Sec-Fetch-Dest
empty
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787
Connection
keep-alive
X-Request-ID
9891349d-b6ed-4fa3-ab6d-9e61ce915cf8
X-Hoopla-Accept-Timezone
Europe/Berlin
Pragma
no-cache
Host
app.hoopla.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://app.hoopla.net/configuration/google
Sec-Fetch-Site
same-origin
X-Hoopla-Accept-Timezone
Europe/Berlin
Accept
application/json, text/plain, */*
Referer
https://app.hoopla.net/configuration/google
Authorization
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Hoopla-Ua
Hoopla-Web/27.1
X-Request-ID
9891349d-b6ed-4fa3-ab6d-9e61ce915cf8

Response headers

Date
Wed, 18 Aug 2021 13:36:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Access-Control-Allow-Origin
*
transfer-encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
9891349d-b6ed-4fa3-ab6d-9e61ce915cf8
X-Runtime
0.003777
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/vnd.net.hoopla.error+json
Pragma
no-cache
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Expires
0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=787270998&t=pageview&_s=1&dl=https%3A%2F%2Fapp.hoopla.net%2Fconfiguration%2Fgoogle&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Hoopla&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABAAAAAC~&jid=644973105&gjid=1563889273&cid=262517292.1629293787&tid=UA-10896674-3&_gid=167907972.1629293787&_r=1&_slc=1&z=332914264
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 13:36:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.hoopla.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_dark.png
app.hoopla.net/assets/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.hoopla.net/assets/images/logo_dark.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
b852a6858a5ec49061d4ee8c6602ae32107a68ac6b3734b5fac73394c6442734
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://app.hoopla.net/login
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787; _gat=1
Connection
keep-alive
Referer
https://app.hoopla.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:39 GMT
ETag
"6108292b-4c2f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Date
Wed, 18 Aug 2021 13:36:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
19503
X-XSS-Protection
1; mode=block
upgrade-badge.svg
app.hoopla.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.hoopla.net/assets/images/upgrade-badge.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
2f2f16a0f9431f1a18899c224ee78d0cbbae7654cdbb5b12f97c82d05054f4d4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://app.hoopla.net/login
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787; _gat=1
Connection
keep-alive
Referer
https://app.hoopla.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:40 GMT
ETag
"6108292c-e20"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Date
Wed, 18 Aug 2021 13:36:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
3616
X-XSS-Protection
1; mode=block
talkdesk-dark-grey.png
app.hoopla.net/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.hoopla.net/assets/images/talkdesk-dark-grey.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
28314889db05f6cd1298a42c481f725b3d0ebda606d987c65c3a8551a4f523dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://app.hoopla.net/login
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787; _gat=1
Connection
keep-alive
Referer
https://app.hoopla.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:40 GMT
ETag
"6108292c-4bd"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Date
Wed, 18 Aug 2021 13:36:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
1213
X-XSS-Protection
1; mode=block
salesforce-brands.svg
app.hoopla.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.hoopla.net/assets/images/salesforce-brands.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
8d261763f935379d769a36539930c4bd31dd3d16dbaacf5d60f4e197831f7b9f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://app.hoopla.net/login
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787; _gat=1
Connection
keep-alive
Referer
https://app.hoopla.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:40 GMT
ETag
"6108292c-1042"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Date
Wed, 18 Aug 2021 13:36:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
4162
X-XSS-Protection
1; mode=block
microsoft-brands.svg
app.hoopla.net/assets/images/ 		470 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.hoopla.net/assets/images/microsoft-brands.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
be3bfb70f7bffc46e70fc726547963c5cff4439bd5074d0dd960846c5ee52455
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://app.hoopla.net/login
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787; _gat=1
Connection
keep-alive
Referer
https://app.hoopla.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:40 GMT
ETag
"6108292c-1d6"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Date
Wed, 18 Aug 2021 13:36:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Accept-Ranges
bytes
Content-Length
470
X-XSS-Protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-10896674-3&cid=262517292.1629293787&jid=644973105&gjid=1563889273&_gid=167907972.1629293787&_u=KEDAAEAAAAAAAC~&z=818816663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 18 Aug 2021 13:36:28 GMT
content-type
text/plain
access-control-allow-origin
https://app.hoopla.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://app.hoopla.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:48 GMT
x-content-type-options
nosniff
age
133600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:48 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-10896674-3&cid=262517292.1629293787&jid=644973105&_u=KEDAAEAAAAAAAC~&z=2140947748
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 13:36:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-10896674-3&cid=262517292.1629293787&jid=644973105&_u=KEDAAEAAAAAAAC~&z=2140947748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.hoopla.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 13:36:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame-modern.f944375b.js
js.intercomcdn.com/ Frame C73B 		255 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.f944375b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/k3gsp6x0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-102.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3870244e66860e2824c8f5fb2c52aae242b3ee8be57a3fcb914381caa1f7a35f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 18 Aug 2021 13:13:36 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 13:05:47 GMT
server
AmazonS3
age
1373
etag
"6cde1eb049743893b1b4face137b4985"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
69617
x-amz-cf-id
uAkG6z4yDi22knwUVJcIm9JAIp5HsLOhr8Mb6_FDasZhM-sp9ExbGA==
vendor-modern.3699935e.js
js.intercomcdn.com/ Frame C73B 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.3699935e.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/k3gsp6x0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-102.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9db4b788178d5d00f8d4aa2596bfe4890517a3344daf685f4e49c69f340b45b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 18 Aug 2021 12:19:55 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 10:12:45 GMT
server
AmazonS3
age
4594
etag
"ff868f5ea81722f31b700749c2575515"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
38575
x-amz-cf-id
Nog8TROsbSur1Bgfs3xBhNJLD9FYjL3ua6rnt3OkzmGmhKTCkeQP_w==
token
app.hoopla.net/api/oauth2/ 		667 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.hoopla.net/api/oauth2/token
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/scripts/app-acbc3a5cd450c420a39c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
63515fdc6c4414cbe481e8c3e11de7f0fcc370e1be938a9780e8127d02ead9aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://app.hoopla.net
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Authorization
null
X-Hoopla-Ua
Hoopla-Web/27.1
Sec-Fetch-Dest
empty
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787; _gat=1
Connection
keep-alive
Content-Length
128
X-Request-ID
8b9f6ae0-8a73-4620-abd1-58f43702853a
X-Hoopla-Accept-Timezone
Europe/Berlin
Pragma
no-cache
Host
app.hoopla.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://app.hoopla.net/login
Sec-Fetch-Site
same-origin
X-Hoopla-Accept-Timezone
Europe/Berlin
Authorization
null
X-Hoopla-Ua
Hoopla-Web/27.1
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://app.hoopla.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Request-ID
8b9f6ae0-8a73-4620-abd1-58f43702853a

Response headers

Date
Wed, 18 Aug 2021 13:36:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
431
X-XSS-Protection
1; mode=block
X-Request-Id
8b9f6ae0-8a73-4620-abd1-58f43702853a
X-Runtime
0.017405
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
ETag
W/"57b0280bf6031058de9433ed32cfeebd"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Pragma
no-cache
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Expires
0
token
app.hoopla.net/api/oauth2/ 		0
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.hoopla.net/api/oauth2/token
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/scripts/app-acbc3a5cd450c420a39c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://app.hoopla.net
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Authorization
BEARER 33c84ce1a91a489a08274e01/6f3e12ed4a12a4b8ffc3e1d479d61dcaf806d1a8f728f4ec0026b8bb9d7021676012c61fdcb7737c85044e5260fa00e768fb06e8a4890ff7c03c7c42df9eefdb1c3105e5b940fa1c586adca777a853a2fffa4565ac86b51a038a6e7d0142d388a930a6ec1271bdf3/e809c24fe71c595d2f8a7d7e6b8c5002
X-Hoopla-Ua
Hoopla-Web/27.1
Sec-Fetch-Dest
empty
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787; _gat=1; hooplaApp.access_token=%22BEARER%2033c84ce1a91a489a08274e01%2F6f3e12ed4a12a4b8ffc3e1d479d61dcaf806d1a8f728f4ec0026b8bb9d7021676012c61fdcb7737c85044e5260fa00e768fb06e8a4890ff7c03c7c42df9eefdb1c3105e5b940fa1c586adca777a853a2fffa4565ac86b51a038a6e7d0142d388a930a6ec1271bdf3%2Fe809c24fe71c595d2f8a7d7e6b8c5002%22
Connection
keep-alive
X-Request-ID
389a9bf7-aefe-4438-8c58-b5fa11334bf4
X-Hoopla-Accept-Timezone
Europe/Berlin
Pragma
no-cache
Host
app.hoopla.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://app.hoopla.net/login
Sec-Fetch-Site
same-origin
X-Hoopla-Accept-Timezone
Europe/Berlin
Accept
application/json, text/plain, */*
Referer
https://app.hoopla.net/login
Authorization
BEARER 33c84ce1a91a489a08274e01/6f3e12ed4a12a4b8ffc3e1d479d61dcaf806d1a8f728f4ec0026b8bb9d7021676012c61fdcb7737c85044e5260fa00e768fb06e8a4890ff7c03c7c42df9eefdb1c3105e5b940fa1c586adca777a853a2fffa4565ac86b51a038a6e7d0142d388a930a6ec1271bdf3/e809c24fe71c595d2f8a7d7e6b8c5002
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Hoopla-Ua
Hoopla-Web/27.1
X-Request-ID
389a9bf7-aefe-4438-8c58-b5fa11334bf4

Response headers

Date
Wed, 18 Aug 2021 13:36:28 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Access-Control-Allow-Origin
*
Authorization
Bearer 84728c749259f6ea2ec4f001/509b9bd37c0d1a39efaf614908f6a612e06e8ad06d3257e63d9f744794dd9b9c698bd12d055133481b6b928341dee82520eb3092892ee50ee99f73510a2283a4cfdc010a96e55eac584a2e6ea9a959a3ea26beaf11bfa15ff83e1cac310911a9ef0aff783e830ea7/b94e0ff97768876d4e2ebad6abc5e1a0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
389a9bf7-aefe-4438-8c58-b5fa11334bf4
X-Runtime
0.004241
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Pragma
no-cache
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Expires
0
fa-solid-900.woff2
app.hoopla.net/fonts/ 		120 KB
120 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.hoopla.net/fonts/fa-solid-900.woff2
Requested by
Host: app.hoopla.net
URL: https://app.hoopla.net/styles/app-99174996d664c6985f63.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.199.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-199-202.compute-1.amazonaws.com
Software
/
Resource Hash
b6d00d0897323042a306c66cffc46ec8620612b5b9e2a4768e1d6e6bb8583746
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://app.hoopla.net
Accept-Encoding
gzip, deflate, br
Host
app.hoopla.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://app.hoopla.net/styles/app-99174996d664c6985f63.css
Cookie
B=Ck2GwWEdDNogsQAJBDaQAg==; _ga=GA1.2.262517292.1629293787; _gid=GA1.2.167907972.1629293787; _gat=1
Connection
keep-alive
Origin
https://app.hoopla.net
Referer
https://app.hoopla.net/styles/app-99174996d664c6985f63.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Aug 2021 17:19:39 GMT
ETag
W/"6108292b-1e0ec"
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain
Connection
keep-alive
Date
Wed, 18 Aug 2021 13:36:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
transfer-encoding
chunked
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| INTERCOM_APP_ID function| Intercom string| env object| _walkmeConfig string| GoogleAnalyticsObject function| ga function| GooglemKTybQhCsO function| google_trackConversion function| vcRecaptchaApiLoaded object| recurly object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| angular object| angulartics function| Croppie function| _ object| Select2 function| SearchIndex function| $ object| FontAwesomeConfig object| ___FONT_AWESOME___ function| $clamp object| vcRecaptchaApiLoadedCallback object| hoopla function| __intercomAssignLocation

4 Cookies

Domain/Path Name / Value
.hoopla.net/ Name: _gat
Value: 1
.hoopla.net/ Name: _gid
Value: GA1.2.167907972.1629293787
.hoopla.net/ Name: _ga
Value: GA1.2.262517292.1629293787
.hoopla.net/ Name: B
Value: Ck2GwWEdDNogsQAJBDaQAg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://teams.microsoft.com/ https://*.hoopla.net https://*.salesforce.com https://*.force.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hoopla.net
cdn.walkme.com
click.hoopla.net
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
js.recurly.com
stats.g.doubleclick.net
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.gstatic.com
104.109.59.42
104.16.114.53
13.224.102.102
13.224.102.3
142.250.185.66
167.89.115.120
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:829::200a
2a00:1450:400c:c04::9b
3.231.199.202
08da7e11d9ee3dbe2e4579447c23295fffba901cdf58336e54affc3a2e9b2e3d
0cd889fd5c476a42cc83dd84b11e48dd78bd1f489a5c6bf28dbbe07715e7ddd6
236747fd5eab4ef90fc0a565b00a198929b683b7877564dbbed5ad8883739d38
28314889db05f6cd1298a42c481f725b3d0ebda606d987c65c3a8551a4f523dc
2b585dce1e01f2227dc242678d4421409b1064890e4abbdaeab9d3d32616f7da
2f2f16a0f9431f1a18899c224ee78d0cbbae7654cdbb5b12f97c82d05054f4d4
3870244e66860e2824c8f5fb2c52aae242b3ee8be57a3fcb914381caa1f7a35f
63515fdc6c4414cbe481e8c3e11de7f0fcc370e1be938a9780e8127d02ead9aa
731070c99058245c066264661f6f9c5a0a41691c54728b6492958be523e6331b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8784e7283c1a527e9c19ceb258bb86aff64843b1abac8e1cd22a77a0445193ff
8d261763f935379d769a36539930c4bd31dd3d16dbaacf5d60f4e197831f7b9f
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9db4b788178d5d00f8d4aa2596bfe4890517a3344daf685f4e49c69f340b45b4
aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6d00d0897323042a306c66cffc46ec8620612b5b9e2a4768e1d6e6bb8583746
b852a6858a5ec49061d4ee8c6602ae32107a68ac6b3734b5fac73394c6442734
bb5bbc1eafc85aaad6dab04ab6fb0ae00b7d9d2166dba5bdb36c3a15ba8c22cf
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
be3bfb70f7bffc46e70fc726547963c5cff4439bd5074d0dd960846c5ee52455
caf2536467a2542d5ddb0f6dc1159f6ac41c389a50b39be92ce5017c8940d14d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9f51a3dbe12173d3ec4e47d187d44c3acac5037ca397007450589f42477b1c