support.roofre.com Open in urlscan Pro
3.222.127.200  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response support.roofre.com/	10 KB 11 KB	493ms 185ms	Document text/html	3.222.127.200 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://support.roofre.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.222.127.200 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-127-200.compute-1.amazonaws.com Software / Resource Hash 3a09ff3cd2a6db2a61a01253f2c143ec9a64df6ccf5114c893917776cad18a63 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 10673 content-type text/html; charset=utf-8 date Mon, 09 May 2022 13:54:40 GMT last-modified Mon, 09 May 2022 13:51:02 GMT
GET H2	200	public.min.893e3cbd447062b9099e1cbe7b34353b8e0d21e40e1070516bb94b33d8e138e5.css support.roofre.com/css/	20 KB 20 KB	186ms 185ms	Stylesheet text/css	3.222.127.200 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://support.roofre.com/css/public.min.893e3cbd447062b9099e1cbe7b34353b8e0d21e40e1070516bb94b33d8e138e5.css Requested by Host: support.roofre.com URL: https://support.roofre.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.222.127.200 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-127-200.compute-1.amazonaws.com Software / Resource Hash 893e3cbd447062b9099e1cbe7b34353b8e0d21e40e1070516bb94b33d8e138e5 Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 13:54:40 GMT last-modified Mon, 09 May 2022 13:47:27 GMT content-length 20816 content-type text/css; charset=utf-8
GET H2	200	application.min.277a5500eb587e13d3a977d4f88ce1f0b2797d1de04d7e0eb01e0066bdd057c0.js Show response support.roofre.com/js/	49 KB 49 KB	268ms 268ms	Script text/javascript	3.222.127.200 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://support.roofre.com/js/application.min.277a5500eb587e13d3a977d4f88ce1f0b2797d1de04d7e0eb01e0066bdd057c0.js Requested by Host: support.roofre.com URL: https://support.roofre.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.222.127.200 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-127-200.compute-1.amazonaws.com Software / Resource Hash 277a5500eb587e13d3a977d4f88ce1f0b2797d1de04d7e0eb01e0066bdd057c0 Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 13:54:40 GMT last-modified Mon, 09 May 2022 13:51:03 GMT content-length 50361 content-type text/javascript; charset=utf-8
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	58ms 23ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700 Requested by Host: support.roofre.com URL: https://support.roofre.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 321809287b203ca429c44529b6d75d46e6181f66ee8b18011cae1908983e029d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 09 May 2022 13:51:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 09 May 2022 13:54:39 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 09 May 2022 13:54:39 GMT
GET H2	200	2a3baee1bf-a2b5ad2e541a272d5dd6.png cdn.livechat-static.com/api/file/kb/file/13808187/	20 KB 20 KB	591ms 379ms	Image image/png	104.104.52.66 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.livechat-static.com/api/file/kb/file/13808187/2a3baee1bf-a2b5ad2e541a272d5dd6.png Requested by Host: support.roofre.com URL: https://support.roofre.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.104.52.66 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-104-52-66.deploy.static.akamaitechnologies.com Software / Resource Hash 3e6a54ff179cd86d2b9da73e0acf2b34c2baef9bdeffbecf3fdece771e80f68c Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers access-control-allow-origin * date Mon, 09 May 2022 13:54:40 GMT cache-control private, max-age=86400 content-length 20317 content-type image/png
GET H2	200	kb-logo.svg support.roofre.com/	7 KB 7 KB	204ms 204ms	Image image/svg+xml	3.222.127.200 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://support.roofre.com/kb-logo.svg Requested by Host: support.roofre.com URL: https://support.roofre.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.222.127.200 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-127-200.compute-1.amazonaws.com Software / Resource Hash 007c3db8ec180f112079853e916b18c8d067904f9498fa628fe339d27b8d70af Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 13:54:40 GMT last-modified Mon, 09 May 2022 13:47:27 GMT content-length 6899 content-type image/svg+xml
GET H2	200	tracking.js Show response cdn.livechatinc.com/	79 KB 24 KB	227ms 16ms	Script application/javascript	104.104.52.66 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/tracking.js Requested by Host: support.roofre.com URL: https://support.roofre.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.104.52.66 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-104-52-66.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash dcc80cf9208cda624cd3920deefd9e6236d46daf916c7d81a05761d407f23eb2 Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id RbDAU7VStgtnTp3ybmHJdLO1V35BrZLw content-encoding br last-modified Mon, 09 May 2022 12:47:07 GMT server AmazonS3 x-amz-cf-pop MXP63-P1 etag W/"25e62c1ae52944d65ed5f1ba808f8fd4" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=28800 date Mon, 09 May 2022 13:54:39 GMT content-length 24052 x-amz-cf-id RiEuT4sQ0HprQpntlol3kWMKnBTVtivimWz_VAUEkLjvQcNprW8VLA== expires Mon, 09 May 2022 21:54:39 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	69ms 23ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: support.roofre.com URL: https://support.roofre.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1189 date Mon, 09 May 2022 13:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 09 May 2022 15:34:50 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 27f949291f549e5e2d4ed149266c9dfbc61ce6175f37b93df0db88107f8ba9b8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	52ms 15ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://support.roofre.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 19:25:00 GMT x-content-type-options nosniff age 412179 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12924 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:02:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 May 2023 19:25:00 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	64ms 27ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://support.roofre.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 19:23:45 GMT x-content-type-options nosniff age 412254 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 May 2023 19:23:45 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	54ms 18ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://support.roofre.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 04 May 2022 19:24:52 GMT x-content-type-options nosniff age 412187 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13052 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:09:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 May 2023 19:24:52 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 209 B	21ms 20ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1801927450&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.roofre.com%2F&ul=en-us&de=UTF-8&dt=Home%20Page%20%7C%20ROOF%20Real%20Estate%20Help%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1963556511&gjid=1008814660&cid=1024002462.1652104479&tid=UA-106220232-3&_gid=1529701190.1652104479&_r=1&_slc=1&z=158673537 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://support.roofre.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 09 May 2022 13:54:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://support.roofre.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	get_dynamic_configuration Show response api.livechatinc.com/v3.3/customer/action/	226 B 437 B	197ms 167ms	Script application/javascript	23.213.161.206 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13808187&url=https%3A%2F%2Fsupport.roofre.com%2F&channel_type=code&jsonp=__56syzdh5cx9 Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-206.deploy.static.akamaitechnologies.com Software / Resource Hash a592f8760c07a1764e4198e605b8fb27225724c36f944907a243e6d3a264d3da Security Headers Name Value Content-Security-Policy frame-ancestors https://support.roofre.com/; X-Frame-Options allow-from https://support.roofre.com/ Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers content-security-policy frame-ancestors https://support.roofre.com/; vary Accept-Encoding x-frame-options allow-from https://support.roofre.com/ date Mon, 09 May 2022 13:54:39 GMT content-length 226 legacy 2023-06-30 content-type application/javascript; charset=UTF-8
GET H2	200	get_configuration Show response api.livechatinc.com/v3.3/customer/action/	5 KB 2 KB	174ms 174ms	Script application/javascript	23.213.161.206 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13808187&version=50.1.1.441.1.11.1.9.2.1.2.4&group_id=0&jsonp=__lc_static_config Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-206.deploy.static.akamaitechnologies.com Software / Resource Hash 6a45f6d5aff5b3cfd2ab2f5d0aae72e13e29bba8ed25687f1e454c230976ab50 Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 13:54:40 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript; charset=UTF-8 legacy 2023-06-30 cache-control public, max-age=600 content-length 1698 expires Mon, 09 May 2022 14:04:40 GMT
GET H2	200	open_chat Show response secure.livechatinc.com/customer/action/ Frame DE37	4 KB 2 KB	183ms 153ms	Document text/html	23.213.161.206 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.livechatinc.com/customer/action/open_chat?license_id=13808187&group=0&embedded=1&widget_version=3&unique_groups=0 Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-206.deploy.static.akamaitechnologies.com Software / Resource Hash 5e8256bb2d16785b2be489c28a62112a39cee2bdf17c3a3e6e7bc00be740444e Request headers Referer https://support.roofre.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 1985 content-type text/html; charset=utf-8 date Mon, 09 May 2022 13:54:40 GMT vary Accept-Encoding
GET H2	200	get_localization Show response api.livechatinc.com/v3.3/customer/action/	11 KB 4 KB	380ms 380ms	Script application/javascript	23.213.161.206 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13808187&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-206.deploy.static.akamaitechnologies.com Software / Resource Hash 4dbfef10d4d6893abb724637f9d54d1db71f14d858bd96f4286acbe52828182f Request headers accept-language de-DE,de;q=0.9 Referer https://support.roofre.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 13:54:40 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript; charset=UTF-8 legacy 2023-06-30 cache-control public, max-age=600 content-length 3776 expires Mon, 09 May 2022 14:04:40 GMT
GET H3	200	css fonts.googleapis.com/ Frame DE37	5 KB 710 B	55ms 24ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap Requested by Host: secure.livechatinc.com URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13808187&group=0&embedded=1&widget_version=3&unique_groups=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 077a261532ab28b65cc68f41d94a6940dd6dbb78797cc05291aef68ae4f8ae60 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://secure.livechatinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 09 May 2022 13:06:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 09 May 2022 13:54:40 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 09 May 2022 13:54:40 GMT
GET H2	200	0.15fb1a69.chunk.js Show response cdn.livechatinc.com/widget/static/js/ Frame DE37	208 KB 68 KB	17ms 16ms	Script application/javascript	104.104.52.66 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/widget/static/js/0.15fb1a69.chunk.js Requested by Host: secure.livechatinc.com URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13808187&group=0&embedded=1&widget_version=3&unique_groups=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.104.52.66 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-104-52-66.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 1eb7f96550baa7122111f189a87c107d654f037f92b6c6f305a2ec4925de238e Request headers accept-language de-DE,de;q=0.9 Referer https://secure.livechatinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id 86bJfdBwIYbEsHS0KhR0VEcn3IKNjCyV content-encoding gzip last-modified Thu, 14 Apr 2022 10:07:27 GMT server AmazonS3 x-amz-cf-pop MXP64-C1 etag W/"e1c5ae761b035e078f16539c7a724199" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 date Mon, 09 May 2022 13:54:40 GMT content-length 69251 x-amz-cf-id Sn4UdSTvWkN4xLgmKeMXQxdFm3pffdIwbjuwEA7DrDH_7DADoqfeNQ== expires Tue, 09 May 2023 13:54:40 GMT
GET H2	200	2.cfcaf31c.chunk.js Show response cdn.livechatinc.com/widget/static/js/ Frame DE37	218 KB 62 KB	36ms 36ms	Script application/javascript	104.104.52.66 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/widget/static/js/2.cfcaf31c.chunk.js Requested by Host: secure.livechatinc.com URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13808187&group=0&embedded=1&widget_version=3&unique_groups=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.104.52.66 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-104-52-66.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 468c139eadb67c474f5cf5ed00fc117ab07298284b55c1dee696236c8f085806 Request headers accept-language de-DE,de;q=0.9 Referer https://secure.livechatinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id brd0wPPM5.aLIcQHuAe6lW.kaBDXniO6 content-encoding br last-modified Thu, 28 Apr 2022 12:44:59 GMT server AmazonS3 x-amz-cf-pop MXP63-P1 etag W/"ae006549d13fe0e4c037c6bcad6ec22c" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 date Mon, 09 May 2022 13:54:40 GMT content-length 63082 x-amz-cf-id LBLuuc27cnG_r4kXWbYR1YbMiD0StEEh07s79NDPzvWMt-TFe17L7w== expires Tue, 09 May 2023 13:54:40 GMT
GET H2	200	iframe.604acec1.chunk.js Show response cdn.livechatinc.com/widget/static/js/ Frame DE37	408 KB 110 KB	39ms 39ms	Script application/javascript	104.104.52.66 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/widget/static/js/iframe.604acec1.chunk.js Requested by Host: secure.livechatinc.com URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13808187&group=0&embedded=1&widget_version=3&unique_groups=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.104.52.66 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-104-52-66.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash cede93e7b44fbc11d14e0349512310b2e872bef08b2833700f4ecf32c2eae5e2 Request headers accept-language de-DE,de;q=0.9 Referer https://secure.livechatinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id POuhgHA1zA3S1LJ4kedserWDCHq_Ana2 content-encoding br last-modified Mon, 09 May 2022 12:47:10 GMT server AmazonS3 x-amz-cf-pop MXP64-C1 etag W/"a3e3dc953e32870a71d5ef655eee0135" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 date Mon, 09 May 2022 13:54:40 GMT content-length 111691 x-amz-cf-id l3thAQvu2TaRbYZiKLk7dFpwyZ9zvwVv3iUyt8pnxIgrskOKKTzw4Q== expires Tue, 09 May 2023 13:54:40 GMT
GET H3	200	o-0IIpQlx3QUlC5A4PNr5TRA.woff2 fonts.gstatic.com/s/notosans/v26/ Frame DE37	13 KB 13 KB	52ms 21ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v26/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://secure.livechatinc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 10:24:32 GMT x-content-type-options nosniff age 358208 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12860 x-xss-protection 0 last-modified Thu, 31 Mar 2022 06:16:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 05 May 2023 10:24:32 GMT
GET H3	200	o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 fonts.gstatic.com/s/notosans/v26/ Frame DE37	12 KB 12 KB	48ms 18ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v26/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://secure.livechatinc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 10:24:32 GMT x-content-type-options nosniff age 358208 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12684 x-xss-protection 0 last-modified Thu, 31 Mar 2022 06:17:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 05 May 2023 10:24:32 GMT
POST H2	200	token Show response accounts.livechatinc.com/customer/ Frame DE37	138 B 1 KB	234ms 151ms	XHR application/json	23.213.161.206 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://accounts.livechatinc.com/customer/token Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/widget/static/js/0.15fb1a69.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-206.deploy.static.akamaitechnologies.com Software / Resource Hash 626a9ede250569e9df1b240f89c4e706c4f06ea213977481a0af16cb8b409e84 Request headers Referer https://secure.livechatinc.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 09 May 2022 13:54:40 GMT content-type application/json access-control-allow-origin https://secure.livechatinc.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 138 expires Fri, 01 Jan 1990 00:00:00 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| host function| isInIframe object| KB object| __lc string| GoogleAnalyticsObject function| ga object| header object| search object| footer object| content undefined| momentData undefined| momentIcon object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| sprintf function| vsprintf function| moment boolean| __lc_inited object| LC_API

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.accounts.livechatinc.com/v2/customer/token	1970-01-20 20:26:16	Name: __lc_cid Value: 5c349a59-6e5b-410a-5c3c-2368857761da
			.accounts.livechatinc.com/v2/customer/token	1970-01-20 20:26:16	Name: __lc_cst Value: e2e5d10ee0e3875154b848fbc7125bcb0c587815e1d4c37bac014106791a3ea9819b892d1c9fd7f19211350d2b4be723acb73376720dd115cd90c51f07e7
			.accounts.livechatinc.com/customer/token	1970-01-20 20:26:16	Name: __lc_cid Value: 5c349a59-6e5b-410a-5c3c-2368857761da
			.accounts.livechatinc.com/customer/token	1970-01-20 20:26:16	Name: __lc_cst Value: e2e5d10ee0e3875154b848fbc7125bcb0c587815e1d4c37bac014106791a3ea9819b892d1c9fd7f19211350d2b4be723acb73376720dd115cd90c51f07e7
			.support.roofre.com/	1970-01-20 20:26:16	Name: _ga Value: GA1.3.1024002462.1652104479
			.support.roofre.com/	1970-01-20 02:56:30	Name: _gid Value: GA1.3.1529701190.1652104479
			.support.roofre.com/	1970-01-20 02:55:04	Name: _gat_KnowledgeBaseTracker Value: 1
			cdn.livechat-static.com/	1969-12-31 23:59:59	Name: FASID Value: FA2-DAL10|YnkdI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
api.livechatinc.com
cdn.livechat-static.com
cdn.livechatinc.com
fonts.googleapis.com
fonts.gstatic.com
secure.livechatinc.com
support.roofre.com
www.google-analytics.com
104.104.52.66
23.213.161.206
2a00:1450:4001:809::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
3.222.127.200
007c3db8ec180f112079853e916b18c8d067904f9498fa628fe339d27b8d70af
077a261532ab28b65cc68f41d94a6940dd6dbb78797cc05291aef68ae4f8ae60
1eb7f96550baa7122111f189a87c107d654f037f92b6c6f305a2ec4925de238e
277a5500eb587e13d3a977d4f88ce1f0b2797d1de04d7e0eb01e0066bdd057c0
27f949291f549e5e2d4ed149266c9dfbc61ce6175f37b93df0db88107f8ba9b8
321809287b203ca429c44529b6d75d46e6181f66ee8b18011cae1908983e029d
3a09ff3cd2a6db2a61a01253f2c143ec9a64df6ccf5114c893917776cad18a63
3e6a54ff179cd86d2b9da73e0acf2b34c2baef9bdeffbecf3fdece771e80f68c
468c139eadb67c474f5cf5ed00fc117ab07298284b55c1dee696236c8f085806
4dbfef10d4d6893abb724637f9d54d1db71f14d858bd96f4286acbe52828182f
5e8256bb2d16785b2be489c28a62112a39cee2bdf17c3a3e6e7bc00be740444e
626a9ede250569e9df1b240f89c4e706c4f06ea213977481a0af16cb8b409e84
6a45f6d5aff5b3cfd2ab2f5d0aae72e13e29bba8ed25687f1e454c230976ab50
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
893e3cbd447062b9099e1cbe7b34353b8e0d21e40e1070516bb94b33d8e138e5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a592f8760c07a1764e4198e605b8fb27225724c36f944907a243e6d3a264d3da
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
cede93e7b44fbc11d14e0349512310b2e872bef08b2833700f4ecf32c2eae5e2
dcc80cf9208cda624cd3920deefd9e6236d46daf916c7d81a05761d407f23eb2