URL: https://cublox.com/
Submission Tags: phishingrod
Submission: On March 26 via api from DE — Scanned from GB

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 23 HTTP transactions. The main IP is 206.189.117.237, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is cublox.com.
TLS certificate: Issued by R3 on March 20th 2024. Valid for: 3 months.
This is the only time cublox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 206.189.117.237 14061 (DIGITALOC...)
1 104.17.25.14 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.16.86.20 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
23 7
Apex Domain
Subdomains
Transfer
14 cublox.com
cublox.com
987 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 112
ajax.googleapis.com — Cisco Umbrella Rank: 728
32 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 449
48 KB
1 gstatic.com
fonts.gstatic.com
241 KB
1 securityscorecard.com
securityscorecard.com — Cisco Umbrella Rank: 886387
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 389
6 KB
23 6
Domain Requested by
14 cublox.com cublox.com
3 fonts.googleapis.com cublox.com
2 cdn.jsdelivr.net cublox.com
1 fonts.gstatic.com fonts.googleapis.com
1 securityscorecard.com cublox.com
1 ajax.googleapis.com cublox.com
1 cdnjs.cloudflare.com cublox.com
23 7

This site contains links to these domains. Also see Links.

Domain
api-reference.straal.com
dashboard.cublox.com
kyc.cublox.com
portal.cublox.com
www.finteva.com
Subject Issuer Validity Valid
cublox.com
R3
2024-03-20 -
2024-06-18
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh

This page contains 2 frames:

Primary Page: https://cublox.com/
Frame ID: 9B5203461738DB1591A9C83F62C59505
Requests: 22 HTTP requests in this frame

Frame: https://securityscorecard.com/security-rating/badge/cublox.com
Frame ID: B47C7AB5DCA8DF66DEB163F002DFF86F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Cublox Ltd.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

23
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

1314 kB
Transfer

1599 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cublox.com/
13 KB
4 KB
Document
General
Full URL
https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f8f11b812995bf41fbdc5c838834b8ed89e8a4d189833914547390c5448ed342
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
content-type
text/html
date
Tue, 26 Mar 2024 13:41:30 GMT
etag
W/"65fad3b6-328c"
expires
0
last-modified
Wed, 20 Mar 2024 12:16:54 GMT
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
normalize.css
cublox.com/css/
6 KB
7 KB
Stylesheet
General
Full URL
https://cublox.com/css/normalize.css
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Tue, 21 Nov 2023 11:11:32 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655c9064-17fa"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
6138
x-xss-protection
1; mode=block
expires
0
style.css
cublox.com/css/
26 KB
27 KB
Stylesheet
General
Full URL
https://cublox.com/css/style.css?6
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d8025731bd12a18f9e0f5a636a763219e7fd541c1bbd554c8a9bebab1faf36af
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Mon, 08 Jan 2024 09:57:36 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"659bc710-6968"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26984
x-xss-protection
1; mode=block
expires
0
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:41:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
585168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrmfy0nktIfdo0caE8Tthbakw76ZQFhY03bw5xnFkY507vfS39FmPOX7m7k%2Bg7a%2FUZqTHq6358vrdhih9ZDSkw0biSBQzSZdOHnmNlYWV6vY9KP22RKYmZOZRz4LdmB7656C1n9Y"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86a78f004d116361-LHR
expires
Sun, 16 Mar 2025 13:41:30 GMT
css2
fonts.googleapis.com/
696 B
538 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,0,0
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d8a064669dc2d2a74d556a8482ec8ba0c959b65eb30aad18d1ac6b43d772570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Mar 2024 13:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 13:41:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Mar 2024 13:41:30 GMT
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin-ext
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Mar 2024 13:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 13:08:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Mar 2024 13:41:30 GMT
css2
fonts.googleapis.com/
25 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f7ec1da301a588a6d7063c62b33d1e18bec6374631fb15bd94ba30a49af54be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Mar 2024 13:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 13:15:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Mar 2024 13:41:30 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
Origin
https://cublox.com
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
382675
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA, cache-lga21934-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nU7oCE9yGMwjAj1i620cfgPUNYTZa%2FGBAZl3tT2D%2FFEXaJFTWOHtoAvbC6fSxKDA2l6z4noyB25y0HFL3jgFIrX6B06953Yp%2FbMdCZL9V%2B4h12lqyivEIgCgLrtlNuZo%2Bzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
86a78f00584edc9b-LHR
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
77 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
Origin
https://cublox.com
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
682345
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230080-FRA, cache-lga21921-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VtotiSQn%2F87Z3A7XOrfbYnX8rQPoRiNrtgdrxfsCOCJN1xqG4ujOHFIv3%2B3XNfXhGqCSMF7Xyd2QlUQOIq%2Bi0RZerSDnJveGr69uwiReFulQuoWKhauLK64%2FvUpgD2hMioI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
86a78f00584cdc9b-LHR
bootstrap-rfs.css
cublox.com/css/
787 B
1 KB
Stylesheet
General
Full URL
https://cublox.com/css/bootstrap-rfs.css
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8df2e10e4889520b86535f23c152b743e9c3005cff47cb00af67e2058c2d5e53
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Tue, 21 Nov 2023 11:11:32 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655c9064-313"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
787
x-xss-protection
1; mode=block
expires
0
logo1.png
cublox.com/images/logo/
19 KB
20 KB
Image
General
Full URL
https://cublox.com/images/logo/logo1.png
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f00b6005fe6fde1b4bfa407ccfac7a067c874f9c48a945285ad48e873c2fa7d1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Tue, 21 Nov 2023 11:11:32 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655c9064-4bc5"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
19397
x-xss-protection
1; mode=block
expires
0
71.png
cublox.com/images/menu/
142 KB
143 KB
Image
General
Full URL
https://cublox.com/images/menu/71.png
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a1123ab9c1aa431f3445ef096960cf14e98c99a85677024e004fa09421edacc0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Thu, 23 Nov 2023 11:47:26 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655f3bce-238e7"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
145639
x-xss-protection
1; mode=block
expires
0
72.png
cublox.com/images/menu/
138 KB
138 KB
Image
General
Full URL
https://cublox.com/images/menu/72.png
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ffc157309859a7adf2b651492ebf8e980fd163e3f99e4701730cd3e8aa95b8b2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Thu, 23 Nov 2023 11:47:26 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655f3bce-2266d"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
140909
x-xss-protection
1; mode=block
expires
0
73.png
cublox.com/images/menu/
246 KB
247 KB
Image
General
Full URL
https://cublox.com/images/menu/73.png
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
19e6839dcc75151f27b04edbbaad97095dbc5decbcd7bfdc7c603d93dfa5a087
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Thu, 23 Nov 2023 11:47:26 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655f3bce-3d9f4"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
252404
x-xss-protection
1; mode=block
expires
0
cublox_logo_100x100.png
cublox.com/images/
7 KB
7 KB
Image
General
Full URL
https://cublox.com/images/cublox_logo_100x100.png
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2664402f7b6d2b0a8204a8647b82980d62386d832dce7d8feddb18f63da7bdb0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Thu, 23 Nov 2023 08:45:48 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655f113c-1a92"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
6802
x-xss-protection
1; mode=block
expires
0
phon2.png
cublox.com/images/
342 KB
343 KB
Image
General
Full URL
https://cublox.com/images/phon2.png
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2fd98bd1e08c8476411783d1168ee8d4b69c29939979d255c2eb8f797edab0a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Wed, 22 Nov 2023 13:41:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655e051f-559a0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
350624
x-xss-protection
1; mode=block
expires
0
APay.png
cublox.com/images/pay/
5 KB
5 KB
Image
General
Full URL
https://cublox.com/images/pay/APay.png
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0b25020006b8c697862feca9094f68b1deffd0afa5c0b40f480dfdf90aff27e2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Fri, 16 Feb 2024 08:18:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65cf1a40-123b"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
4667
x-xss-protection
1; mode=block
expires
0
GPay.png
cublox.com/images/pay/
33 KB
34 KB
Image
General
Full URL
https://cublox.com/images/pay/GPay.png
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
510b0d3f2370083584fbfdc0d2978f0858beec21b1311e5d01c80780f207f3cb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Fri, 16 Feb 2024 08:18:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"65cf1a40-8562"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
34146
x-xss-protection
1; mode=block
expires
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 18:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Mar 2025 18:30:15 GMT
lib.js
cublox.com/assets/js/
2 KB
3 KB
Script
General
Full URL
https://cublox.com/assets/js/lib.js
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b30e1c0fd31dc572da3a843b57729629efd460fcbac17bbd02441674a5b2ab22
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Tue, 21 Nov 2023 11:11:32 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655c9064-7f7"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
2039
x-xss-protection
1; mode=block
expires
0
cublox.com
securityscorecard.com/security-rating/badge/ Frame B47C
0
0
Document
General
Full URL
https://securityscorecard.com/security-rating/badge/cublox.com
Requested by
Host: cublox.com
URL: https://cublox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:e250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' https://*; default-src *.crazyegg.com; object-src 'none'; img-src 'self' *.crazyegg.com blob: data: https:; media-src 'self' mediastream: https://*.qualified.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.heapanalytics.com *.crazyegg.com https://www.datadoghq-browser-agent.com blob: data: https:; style-src 'self' 'unsafe-inline' https://*.qualified.com https:; font-src 'self' securityscorecard.com securityscorecard.camp instant.securityscorecard.com *.auryc.com instant.securityscorecard.camp data: https:; frame-src 'self' https://*.qualified.com https:; connect-src 'self' securityscorecard.com securityscorecard.camp instant.securityscorecard.com *.crazyegg.com https://*.qualified.com wss://*.qualified.com *.auryc.com https://*.browser-intake-datadoghq.com https:; base-uri 'self'; form-action 'self' https:; worker-src blob:; child-src https://*.qualified.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cublox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-GB,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
13485
cache-control
public, max-age=2592000, stale-if-error=86400
cf-apo-via
tcache
cf-cache-status
HIT
cf-ray
86a78f01ed3e773e-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; frame-ancestors 'self' https://*; default-src *.crazyegg.com; object-src 'none'; img-src 'self' *.crazyegg.com blob: data: https:; media-src 'self' mediastream: https://*.qualified.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.heapanalytics.com *.crazyegg.com https://www.datadoghq-browser-agent.com blob: data: https:; style-src 'self' 'unsafe-inline' https://*.qualified.com https:; font-src 'self' securityscorecard.com securityscorecard.camp instant.securityscorecard.com *.auryc.com instant.securityscorecard.camp data: https:; frame-src 'self' https://*.qualified.com https:; connect-src 'self' securityscorecard.com securityscorecard.camp instant.securityscorecard.com *.crazyegg.com https://*.qualified.com wss://*.qualified.com *.auryc.com https://*.browser-intake-datadoghq.com https:; base-uri 'self'; form-action 'self' https:; worker-src blob:; child-src https://*.qualified.com;
content-type
text/html; charset=utf-8
date
Tue, 26 Mar 2024 13:41:30 GMT
permissions-policy
fullscreen 'self' https://*.securityscorecard.com https://securityscorecard.com; geolocation 'self' https://securityscorecard.com; camera 'none';
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Next.js
x-xss-protection
1; mode=block
kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v170/
240 KB
241 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialsymbolsoutlined/v170/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,0,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
156e9c691b5722ffd7e65124fb7f54768d8af7e5dcb649f325e98e8e26991e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://cublox.com
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 08:05:39 GMT
x-content-type-options
nosniff
age
20151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245764
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 16:07:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 08:05:39 GMT
favicon.ico
cublox.com/images/
7 KB
7 KB
Other
General
Full URL
https://cublox.com/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.117.237 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2664402f7b6d2b0a8204a8647b82980d62386d832dce7d8feddb18f63da7bdb0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cublox.com/
accept-language
en-GB,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 26 Mar 2024 13:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
last-modified
Tue, 21 Nov 2023 11:11:32 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"655c9064-1a92"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
6802
x-xss-protection
1; mode=block
expires
0

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal number| uidEvent object| bootstrap function| $ function| jQuery function| printmsg function| scrollFunction

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com; frame-src 'self' https://securityscorecard.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cublox.com
fonts.googleapis.com
fonts.gstatic.com
securityscorecard.com
104.16.86.20
104.17.25.14
206.189.117.237
2606:4700::6810:e250
2a00:1450:4001:803::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:829::2003
0b25020006b8c697862feca9094f68b1deffd0afa5c0b40f480dfdf90aff27e2
156e9c691b5722ffd7e65124fb7f54768d8af7e5dcb649f325e98e8e26991e14
19e6839dcc75151f27b04edbbaad97095dbc5decbcd7bfdc7c603d93dfa5a087
1f7ec1da301a588a6d7063c62b33d1e18bec6374631fb15bd94ba30a49af54be
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2664402f7b6d2b0a8204a8647b82980d62386d832dce7d8feddb18f63da7bdb0
2fd98bd1e08c8476411783d1168ee8d4b69c29939979d255c2eb8f797edab0a9
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
510b0d3f2370083584fbfdc0d2978f0858beec21b1311e5d01c80780f207f3cb
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
6d8a064669dc2d2a74d556a8482ec8ba0c959b65eb30aad18d1ac6b43d772570
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8df2e10e4889520b86535f23c152b743e9c3005cff47cb00af67e2058c2d5e53
a1123ab9c1aa431f3445ef096960cf14e98c99a85677024e004fa09421edacc0
b30e1c0fd31dc572da3a843b57729629efd460fcbac17bbd02441674a5b2ab22
d8025731bd12a18f9e0f5a636a763219e7fd541c1bbd554c8a9bebab1faf36af
f00b6005fe6fde1b4bfa407ccfac7a067c874f9c48a945285ad48e873c2fa7d1
f8f11b812995bf41fbdc5c838834b8ed89e8a4d189833914547390c5448ed342
ffc157309859a7adf2b651492ebf8e980fd163e3f99e4701730cd3e8aa95b8b2