URL: https://www.m.xgramm.com/
Submission: On December 22 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 162.55.31.172, located in Mammelzen, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is www.m.xgramm.com.
TLS certificate: Issued by R10 on December 21st 2024. Valid for: 3 months.
This is the only time www.m.xgramm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 162.55.31.172 24940 (HETZNER-A...)
1 192.229.173.207 15133 (EDGECAST)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
6 6 67.199.248.11 396982 (GOOGLE-CL...)
2 185.199.111.133 54113 (FASTLY)
4 4 2620:100:601c... 19679 (DROPBOX)
2 2620:100:601c... 19679 (DROPBOX)
2 185.199.109.133 54113 (FASTLY)
15 8
Apex Domain
Subdomains
Transfer
6 bit.ly
bit.ly — Cisco Umbrella Rank: 7701
1007 B
6 xgramm.com
www.m.xgramm.com
xgramm.com
228 KB
4 dropbox.com
www.dropbox.com — Cisco Umbrella Rank: 3241
7 KB
4 githubusercontent.com
avatars0.githubusercontent.com — Cisco Umbrella Rank: 192166
avatars3.githubusercontent.com — Cisco Umbrella Rank: 96246
44 KB
2 dropboxusercontent.com
ucc11d5bcb63cabbb3acee45d3cc.dl.dropboxusercontent.com
uc9fd2f823a834d2a368e9f89d2c.dl.dropboxusercontent.com
808 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
844 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
15 KB
1 w3schools.com
www.w3schools.com — Cisco Umbrella Rank: 21781
5 KB
15 8

This site contains no links.

Subject Issuer Validity Valid
www.adm.xgramm.com
R10
2024-12-21 -
2025-03-21
3 months crt.sh
*.w3schools.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-03 -
2025-05-04
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
xgramm.com
R10
2024-10-25 -
2025-01-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.m.xgramm.com/
Frame ID: E4B17DC4B758D5BB55EE0D19FD59A620
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

React App

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

60 %
HTTPS

33 %
IPv6

8
Domains

11
Subdomains

8
IPs

3
Countries

1102 kB
Transfer

1778 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://bit.ly/kent-c-dodds HTTP 301
  • https://avatars0.githubusercontent.com/u/1500684?s=460&v=4
Request Chain 9
  • https://bit.ly/sage-adebayo HTTP 301
  • https://www.dropbox.com/s/nd8z3hxuo3ahauk/segun_adebayo.jpg?dl=1 HTTP 302
  • https://www.dropbox.com/scl/fi/lrngyrwfxorg4b02tupdk/segun_adebayo.jpg?rlkey=g39fzf0dsga8et333lx726ooy&dl=1 HTTP 302
  • https://ucc11d5bcb63cabbb3acee45d3cc.dl.dropboxusercontent.com/cd/0/get/CgvOEwrM8-jqVuDHFa_on5v6XJK-kMXMQ4EjWpJ_QB_eM8TBM4EMLJXXlO85dH4mPocejSMPaSpyWAtWXaQlYNBmgKx3W_cQmCogkRXsvRBLAzkX4d7ny1OUkn9rt0ebN0E/file?dl=1
Request Chain 10
  • https://bit.ly/ryan-florence HTTP 301
  • https://avatars3.githubusercontent.com/u/100200?s=460&v=4
Request Chain 12
  • https://bit.ly/kent-c-dodds HTTP 301
  • https://avatars0.githubusercontent.com/u/1500684?s=460&v=4
Request Chain 13
  • https://bit.ly/ryan-florence HTTP 301
  • https://avatars3.githubusercontent.com/u/100200?s=460&v=4
Request Chain 14
  • https://bit.ly/sage-adebayo HTTP 301
  • https://www.dropbox.com/s/nd8z3hxuo3ahauk/segun_adebayo.jpg?dl=1 HTTP 302
  • https://www.dropbox.com/scl/fi/lrngyrwfxorg4b02tupdk/segun_adebayo.jpg?rlkey=g39fzf0dsga8et333lx726ooy&dl=1 HTTP 302
  • https://uc9fd2f823a834d2a368e9f89d2c.dl.dropboxusercontent.com/cd/0/get/Cgs6aoOWpwPy_fd_9dmAtfD3y_Y3E49PkUljGIIAbOve49mJ3wFOx-qtVpR_fOWWCCTZk4oQ8hE0IIIRDIulzkK1bfm2bbWnL-85317XjGQGnPgtKg9W04BAvm09wLqclec/file?dl=1

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.m.xgramm.com/
989 B
712 B
Document
General
Full URL
https://www.m.xgramm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.31.172 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
rs9.rcnoc.com
Software
LiteSpeed /
Resource Hash
522bcc055e6d84a0080afa522f1169a3971448d4e8323166a4db3373961c88fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
458
content-type
text/html
date
Sun, 22 Dec 2024 00:58:37 GMT
last-modified
Sat, 21 Dec 2024 16:36:22 GMT
server
LiteSpeed
vary
Accept-Encoding
w3.css
www.w3schools.com/w3css/4/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: www.m.xgramm.com
URL: https://www.m.xgramm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.207 New York, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/878F) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

x-powered-by
ASP.NET
content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
cache-control
public,max-age=31536000,public
content-encoding
gzip
etag
"0b47fd28253db1:0+gzip"
age
47975
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
accept-ranges
bytes
x-cache
HIT
content-length
5256
date
Sun, 22 Dec 2024 00:58:37 GMT
content-type
text/css
last-modified
Sat, 21 Dec 2024 08:32:08 GMT
server
ECS (mid/878F)
vary
Accept-Encoding
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: www.m.xgramm.com
URL: https://www.m.xgramm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"619c057b-3a02"
age
142586
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlC3Z3JT7IOFX1KcOCKTSXTUa1ZrumE5uIZfvr0FGYTX58fgjL4Tktb1qLDocnAGg4dL7TmAdAT8xhDz9uHJx21AM41EjgwlGHYcO1xwQUUF%2Fg0oc9PF78LIkErd8l3W7HpuMAdO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 00:58:37 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 22 Dec 2024 00:58:37 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f5c2a1f6a47da2b-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
14850
server
cloudflare
css2
fonts.googleapis.com/
631 B
844 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: www.m.xgramm.com
URL: https://www.m.xgramm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
794a78ea2c9e04f9dcf3582566723f748611864d45d82e4883eeda0af4d69d95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 00:58:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 00:58:37 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 22 Dec 2024 00:58:37 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.5e578594.js
www.m.xgramm.com/static/js/
747 KB
219 KB
Script
General
Full URL
https://www.m.xgramm.com/static/js/main.5e578594.js
Requested by
Host: www.m.xgramm.com
URL: https://www.m.xgramm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.31.172 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
rs9.rcnoc.com
Software
LiteSpeed /
Resource Hash
2d1c743c64b10b996332083a1f8a9df0433a17ece6b609dad30d6549de64fbdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

content-encoding
br
accept-ranges
bytes
content-length
223685
date
Sun, 22 Dec 2024 00:58:37 GMT
content-type
text/javascript
last-modified
Sat, 21 Dec 2024 16:38:48 GMT
vary
Accept-Encoding
server
LiteSpeed
main.673a1346.css
www.m.xgramm.com/static/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://www.m.xgramm.com/static/css/main.673a1346.css
Requested by
Host: www.m.xgramm.com
URL: https://www.m.xgramm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.31.172 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
rs9.rcnoc.com
Software
LiteSpeed /
Resource Hash
bcc5864b0fe1d742614bfb81ba3d7c434c063dab4c04871078fbe7b09fa21f4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sun, 29 Dec 2024 00:58:37 GMT
accept-ranges
bytes
content-length
4263
date
Sun, 22 Dec 2024 00:58:37 GMT
content-type
text/css
last-modified
Sat, 21 Dec 2024 16:38:48 GMT
vary
Accept-Encoding
server
LiteSpeed
truncated
/
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpg
feed.php
xgramm.com/xgramm_backend/main/
0
0
Preflight
General
Full URL
https://xgramm.com/xgramm_backend/main/feed.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.31.172 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
rs9.rcnoc.com
Software
LiteSpeed / PHP/8.3.14
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.m.xgramm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 22 Dec 2024 00:58:38 GMT
server
LiteSpeed
x-powered-by
PHP/8.3.14
feed.php
xgramm.com/xgramm_backend/main/
6 KB
1 KB
Fetch
General
Full URL
https://xgramm.com/xgramm_backend/main/feed.php
Requested by
Host: www.m.xgramm.com
URL: https://www.m.xgramm.com/static/js/main.5e578594.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.31.172 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
rs9.rcnoc.com
Software
LiteSpeed / PHP/8.3.14
Resource Hash
8d3d66c6419f759ed7005cc2697d4693552379991395251be9bbb21b16fdb026

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.m.xgramm.com/

Response headers

content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
977
date
Sun, 22 Dec 2024 00:58:39 GMT
content-type
application/json
x-powered-by
PHP/8.3.14
vary
Accept-Encoding
server
LiteSpeed
access-control-allow-headers
Content-Type, Authorization
1500684
avatars0.githubusercontent.com/u/
Redirect Chain
  • https://bit.ly/kent-c-dodds
  • https://avatars0.githubusercontent.com/u/1500684?s=460&v=4
20 KB
21 KB
Image
General
Full URL
https://avatars0.githubusercontent.com/u/1500684?s=460&v=4
Protocol
H2
Server
185.199.111.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-133.github.com
Software
/
Resource Hash
f32cdb050f5160b19411041d678e28d9ac7865e08793ec60310e28c06e860007
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

x-fastly-request-id
54987fb6b01880acb14a50f4ca3c11a402182265
etag
"cf20a588d124629e7c946e7e9cd3a16140c6f086fab0ee5f87bb4fce19d2d6ca"
x-content-type-options
nosniff
x-github-request-id
C8D9:2AD2D3:17C881:19ED49:67618599
expires
Sun, 22 Dec 2024 01:03:38 GMT
x-cache
HIT
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
image/jpeg
last-modified
Tue, 05 Oct 2021 04:30:26 GMT
x-served-by
cache-mia-kmia1760093-MIA
x-cache-hits
0
x-frame-options
deny
strict-transport-security
max-age=31557600
vary
Authorization,Accept-Encoding
content-security-policy
default-src 'none'
cache-control
max-age=300
timing-allow-origin
https://github.com
x-timer
S1734829119.703720,VS0,VE1
source-age
384677
cross-origin-resource-policy
cross-origin
x-github-tenant
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
20501
x-xss-protection
1; mode=block

Redirect headers

content-security-policy
referrer always;
cache-control
private, max-age=90
location
https://avatars0.githubusercontent.com/u/1500684?s=460&v=4
referrer-policy
unsafe-url
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
text/html; charset=utf-8
server
nginx
file
ucc11d5bcb63cabbb3acee45d3cc.dl.dropboxusercontent.com/cd/0/get/CgvOEwrM8-jqVuDHFa_on5v6XJK-kMXMQ4EjWpJ_QB_eM8TBM4EMLJXXlO85dH4mPocejSMPaSpyWAtWXaQlYNBmgKx3W_cQmCogkRXsvRBLAzkX4d7ny1OUkn9rt0ebN0E/
Redirect Chain
  • https://bit.ly/sage-adebayo
  • https://www.dropbox.com/s/nd8z3hxuo3ahauk/segun_adebayo.jpg?dl=1
  • https://www.dropbox.com/scl/fi/lrngyrwfxorg4b02tupdk/segun_adebayo.jpg?rlkey=g39fzf0dsga8et333lx726ooy&dl=1
  • https://ucc11d5bcb63cabbb3acee45d3cc.dl.dropboxusercontent.com/cd/0/get/CgvOEwrM8-jqVuDHFa_on5v6XJK-kMXMQ4EjWpJ_QB_eM8TBM4EMLJXXlO85dH4mPocejSMPaSpyWAtWXaQlYNBmgKx3W_cQmCogkRXsvRBLAzkX4d7ny1OUkn9rt...
404 KB
404 KB
Image
General
Full URL
https://ucc11d5bcb63cabbb3acee45d3cc.dl.dropboxusercontent.com/cd/0/get/CgvOEwrM8-jqVuDHFa_on5v6XJK-kMXMQ4EjWpJ_QB_eM8TBM4EMLJXXlO85dH4mPocejSMPaSpyWAtWXaQlYNBmgKx3W_cQmCogkRXsvRBLAzkX4d7ny1OUkn9rt0ebN0E/file?dl=1
Protocol
H2
Server
2620:100:601c:15::a27d:60f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
5fcbff3d282a938724ed59febea1d7f6bb47b268790c3b8d64bd02e03d74ab25
Security Headers
Name Value
Content-Security-Policy sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy sandbox
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

x-robots-tag
noindex, nofollow, noimageindex
etag
1450d
x-content-type-options
nosniff
date
Sun, 22 Dec 2024 00:58:39 GMT
x-server-response-time
260
content-type
application/binary
content-disposition
attachment; filename="segun_adebayo.jpg"; filename*=UTF-8''segun_adebayo.jpg
vary
Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
sandbox
cache-control
max-age=60
x-dropbox-response-origin
far_remote
pragma
public
x-content-security-policy
sandbox
x-webkit-csp
sandbox
referrer-policy
no-referrer
accept-ranges
bytes
x-dropbox-request-id
173c611e333242e09ca1f46bcbb1b94b
content-length
413354
server
envoy

Redirect headers

x-robots-tag
noindex, nofollow, noimageindex
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
date
Sun, 22 Dec 2024 00:58:39 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.dropbox.com ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js 'nonce-Yp/998V6RBP8OLLvLOOIwqnf3So=' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; img-src https://* data: blob: ; font-src https://* data: ; base-uri 'self' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; media-src https://* blob: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-Yp/998V6RBP8OLLvLOOIwqnf3So=' 'nonce-gdO0bVXabQWc4+lNwKkLE0og4NQ='
cache-control
no-cache, no-store
location
https://ucc11d5bcb63cabbb3acee45d3cc.dl.dropboxusercontent.com/cd/0/get/CgvOEwrM8-jqVuDHFa_on5v6XJK-kMXMQ4EjWpJ_QB_eM8TBM4EMLJXXlO85dH4mPocejSMPaSpyWAtWXaQlYNBmgKx3W_cQmCogkRXsvRBLAzkX4d7ny1OUkn9rt0ebN0E/file?dl=1#
x-dropbox-response-origin
far_remote
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-dropbox-request-id
b4881a65af0445ecb55928a903afbff2
content-length
17
x-xss-protection
1; mode=block
server
envoy
100200
avatars3.githubusercontent.com/u/
Redirect Chain
  • https://bit.ly/ryan-florence
  • https://avatars3.githubusercontent.com/u/100200?s=460&v=4
23 KB
24 KB
Image
General
Full URL
https://avatars3.githubusercontent.com/u/100200?s=460&v=4
Protocol
H2
Server
185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-133.github.com
Software
/
Resource Hash
ec8ab1567385693bc96f3cd4525344edb6376e6999ab9a76de7903e02d6319ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

x-fastly-request-id
ef7da23858b10066d28d78605e2e3d34764de4e5
etag
"488faa1815eae58abeda54d8f786eda8779802f5e0b23a49ff2e668e917dd923"
x-content-type-options
nosniff
x-github-request-id
8E77:24F001:5ACEF1:64675E:675C218C
expires
Sun, 22 Dec 2024 01:03:38 GMT
x-cache
HIT
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
image/jpeg
last-modified
Fri, 26 Jan 2024 03:20:32 GMT
x-served-by
cache-mia-kmia1760097-MIA
x-cache-hits
0
x-frame-options
deny
strict-transport-security
max-age=31557600
vary
Authorization,Accept-Encoding
content-security-policy
default-src 'none'
cache-control
max-age=300
timing-allow-origin
https://github.com
x-timer
S1734829119.702782,VS0,VE2
source-age
737970
cross-origin-resource-policy
cross-origin
x-github-tenant
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
23590
x-xss-protection
1; mode=block

Redirect headers

content-security-policy
referrer always;
cache-control
private, max-age=90
location
https://avatars3.githubusercontent.com/u/100200?s=460&v=4
referrer-policy
unsafe-url
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
text/html; charset=utf-8
server
nginx
favicon.ico
www.m.xgramm.com/
4 KB
4 KB
Other
General
Full URL
https://www.m.xgramm.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.55.31.172 Mammelzen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
rs9.rcnoc.com
Software
LiteSpeed /
Resource Hash
3d10f7da6c603178340081668c4ac5b3ae9743ca9a262ab0fcd312fbb9f48bdd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/login

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sun, 29 Dec 2024 00:58:38 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3664
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
image/x-icon
last-modified
Wed, 23 Oct 2024 02:09:04 GMT
vary
Accept-Encoding
server
LiteSpeed
1500684
avatars0.githubusercontent.com/u/
Redirect Chain
  • https://bit.ly/kent-c-dodds
  • https://avatars0.githubusercontent.com/u/1500684?s=460&v=4
20 KB
0
Image
General
Full URL
https://avatars0.githubusercontent.com/u/1500684?s=460&v=4
Protocol
H2
Server
185.199.111.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-133.github.com
Software
/
Resource Hash
f32cdb050f5160b19411041d678e28d9ac7865e08793ec60310e28c06e860007
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

x-fastly-request-id
54987fb6b01880acb14a50f4ca3c11a402182265
etag
"cf20a588d124629e7c946e7e9cd3a16140c6f086fab0ee5f87bb4fce19d2d6ca"
x-content-type-options
nosniff
x-github-request-id
C8D9:2AD2D3:17C881:19ED49:67618599
expires
Sun, 22 Dec 2024 01:03:38 GMT
x-cache
HIT
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
image/jpeg
last-modified
Tue, 05 Oct 2021 04:30:26 GMT
x-served-by
cache-mia-kmia1760093-MIA
x-cache-hits
0
x-frame-options
deny
source-age
384677
vary
Authorization,Accept-Encoding
content-security-policy
default-src 'none'
cache-control
max-age=300
timing-allow-origin
https://github.com
x-timer
S1734829119.703720,VS0,VE1
cross-origin-resource-policy
cross-origin
x-github-tenant
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
20501
x-xss-protection
1; mode=block

Redirect headers

content-security-policy
referrer always;
cache-control
private, max-age=90
location
https://avatars0.githubusercontent.com/u/1500684?s=460&v=4
referrer-policy
unsafe-url
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
text/html; charset=utf-8
server
nginx
100200
avatars3.githubusercontent.com/u/
Redirect Chain
  • https://bit.ly/ryan-florence
  • https://avatars3.githubusercontent.com/u/100200?s=460&v=4
23 KB
0
Image
General
Full URL
https://avatars3.githubusercontent.com/u/100200?s=460&v=4
Protocol
H2
Server
185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-133.github.com
Software
/
Resource Hash
ec8ab1567385693bc96f3cd4525344edb6376e6999ab9a76de7903e02d6319ab
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

x-fastly-request-id
ef7da23858b10066d28d78605e2e3d34764de4e5
etag
"488faa1815eae58abeda54d8f786eda8779802f5e0b23a49ff2e668e917dd923"
x-content-type-options
nosniff
x-github-request-id
8E77:24F001:5ACEF1:64675E:675C218C
expires
Sun, 22 Dec 2024 01:03:38 GMT
x-cache
HIT
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
image/jpeg
last-modified
Fri, 26 Jan 2024 03:20:32 GMT
x-served-by
cache-mia-kmia1760097-MIA
x-cache-hits
0
x-frame-options
deny
source-age
737970
vary
Authorization,Accept-Encoding
content-security-policy
default-src 'none'
cache-control
max-age=300
timing-allow-origin
https://github.com
x-timer
S1734829119.702782,VS0,VE2
cross-origin-resource-policy
cross-origin
x-github-tenant
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
23590
x-xss-protection
1; mode=block

Redirect headers

content-security-policy
referrer always;
cache-control
private, max-age=90
location
https://avatars3.githubusercontent.com/u/100200?s=460&v=4
referrer-policy
unsafe-url
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
date
Sun, 22 Dec 2024 00:58:38 GMT
content-type
text/html; charset=utf-8
server
nginx
file
uc9fd2f823a834d2a368e9f89d2c.dl.dropboxusercontent.com/cd/0/get/Cgs6aoOWpwPy_fd_9dmAtfD3y_Y3E49PkUljGIIAbOve49mJ3wFOx-qtVpR_fOWWCCTZk4oQ8hE0IIIRDIulzkK1bfm2bbWnL-85317XjGQGnPgtKg9W04BAvm09wLqclec/
Redirect Chain
  • https://bit.ly/sage-adebayo
  • https://www.dropbox.com/s/nd8z3hxuo3ahauk/segun_adebayo.jpg?dl=1
  • https://www.dropbox.com/scl/fi/lrngyrwfxorg4b02tupdk/segun_adebayo.jpg?rlkey=g39fzf0dsga8et333lx726ooy&dl=1
  • https://uc9fd2f823a834d2a368e9f89d2c.dl.dropboxusercontent.com/cd/0/get/Cgs6aoOWpwPy_fd_9dmAtfD3y_Y3E49PkUljGIIAbOve49mJ3wFOx-qtVpR_fOWWCCTZk4oQ8hE0IIIRDIulzkK1bfm2bbWnL-85317XjGQGnPgtKg9W04BAvm09w...
404 KB
404 KB
Image
General
Full URL
https://uc9fd2f823a834d2a368e9f89d2c.dl.dropboxusercontent.com/cd/0/get/Cgs6aoOWpwPy_fd_9dmAtfD3y_Y3E49PkUljGIIAbOve49mJ3wFOx-qtVpR_fOWWCCTZk4oQ8hE0IIIRDIulzkK1bfm2bbWnL-85317XjGQGnPgtKg9W04BAvm09wLqclec/file?dl=1
Protocol
H2
Server
2620:100:601c:15::a27d:60f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
5fcbff3d282a938724ed59febea1d7f6bb47b268790c3b8d64bd02e03d74ab25
Security Headers
Name Value
Content-Security-Policy sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy sandbox
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.m.xgramm.com/

Response headers

x-robots-tag
noindex, nofollow, noimageindex
etag
1450d
x-content-type-options
nosniff
date
Sun, 22 Dec 2024 00:58:40 GMT
x-server-response-time
229
content-type
application/binary
content-disposition
attachment; filename="segun_adebayo.jpg"; filename*=UTF-8''segun_adebayo.jpg
vary
Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
sandbox
cache-control
max-age=60
x-dropbox-response-origin
far_remote
pragma
public
x-content-security-policy
sandbox
x-webkit-csp
sandbox
referrer-policy
no-referrer
accept-ranges
bytes
x-dropbox-request-id
40bfbc1cd4b04d648baf615a54a74dd0
content-length
413354
server
envoy

Redirect headers

x-robots-tag
noindex, nofollow, noimageindex
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
date
Sun, 22 Dec 2024 00:58:40 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js 'nonce-Yp/998V6RBP8OLLvLOOIwqnf3So=' ; base-uri 'self' ; frame-ancestors 'self' https://*.dropbox.com ; img-src https://* data: blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; font-src https://* data: ; media-src https://* blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-Yp/998V6RBP8OLLvLOOIwqnf3So=' 'nonce-gdO0bVXabQWc4+lNwKkLE0og4NQ='
cache-control
no-cache, no-store
location
https://uc9fd2f823a834d2a368e9f89d2c.dl.dropboxusercontent.com/cd/0/get/Cgs6aoOWpwPy_fd_9dmAtfD3y_Y3E49PkUljGIIAbOve49mJ3wFOx-qtVpR_fOWWCCTZk4oQ8hE0IIIRDIulzkK1bfm2bbWnL-85317XjGQGnPgtKg9W04BAvm09wLqclec/file?dl=1#
x-dropbox-response-origin
far_remote
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-dropbox-request-id
af26c499d5874bbc868ba61d483574be
content-length
17
x-xss-protection
1; mode=block
server
envoy

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkxgramm_frontend string| __reactRouterVersion object| __framePainter

4 Cookies

Domain/Path Name / Value
www.dropbox.com/ Name: gvc
Value: NTUzMDUwMzQ4ODA4Nzk4NzU1ODY1OTY3ODYzMzA3Mjg4NjU1NTc=
.dropbox.com/ Name: t
Value: AZxGHHjOlWpP27RYbWJMvGJJ
www.dropbox.com/ Name: __Host-js_csrf
Value: AZxGHHjOlWpP27RYbWJMvGJJ
www.dropbox.com/ Name: __Host-logged-out-session
Value: ChAKaetCtYSufkTL812kWXGfEL7InbsGGi5BTHd4MXJkN21KaWRRam9hUzdEZndYWk1hWm5NS01CcjZQNW1tY25HSnJ4UzlB

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.m.xgramm.com/login
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o