threatintelligenceplatform.com Open in urlscan Pro
2606:4700:20::ac43:4739 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
Submission: On July 28 via api (July 28th 2020, 2:59:11 am UTC) from DE

Summary HTTP 50 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 18 IPs in 8 countries across 14 domains to perform 50 HTTP transactions. The main IP is 2606:4700:20::ac43:4739, located in United States and belongs to CLOUDFLARENET, US. The main domain is threatintelligenceplatform.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2020. Valid for: a year.

This is the only time threatintelligenceplatform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	207.21.195.85 207.21.195.85	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	147.75.100.245 147.75.100.245	54825 (PACKET) (PACKET)
1	51.140.39.77 51.140.39.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	104.26.7.186 104.26.7.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f2d8:1:2... 2607:f2d8:1:23::2	18450 (WEBNX) (WEBNX)
1	34.254.3.164 34.254.3.164	16509 (AMAZON-02) (AMAZON-02)
50	18

18 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

threatintelligenceplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.21.195.85 (Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: partner.domaining.com

partner.domaining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.100.245 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.140.39.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.perk0mean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.7.186 (United States)

ASN13335 (CLOUDFLARENET, US)

www.amcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f2d8:1:23::2 (United States)

ASN18450 (WEBNX, US)

api.threatintelligenceplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.3.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-3-164.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	threatintelligenceplatform.com threatintelligenceplatform.com api.threatintelligenceplatform.com	309 KB
8	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	119 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	163 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	89 KB
3	google.com www.google.com	545 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
2	amcharts.com www.amcharts.com	101 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	polyfill.io cdn.polyfill.io	583 B
1	doubleclick.net stats.g.doubleclick.net	99 B
1	perk0mean.com secure.perk0mean.com	403 B
1	licdn.com snap.licdn.com	2 KB
1	googleapis.com fonts.googleapis.com	911 B
1	domaining.com partner.domaining.com	10 KB
50	14

	Domain	Requested by
18	threatintelligenceplatform.com	threatintelligenceplatform.com ajax.cloudflare.com
7	cdnjs.cloudflare.com	ajax.cloudflare.com
3	api.threatintelligenceplatform.com	cdnjs.cloudflare.com
3	www.google.com	ajax.cloudflare.com www.gstatic.com
3	fonts.gstatic.com	threatintelligenceplatform.com
2	www.amcharts.com	ajax.cloudflare.com
2	px.ads.linkedin.com	1 redirects threatintelligenceplatform.com
2	www.google-analytics.com	1 redirects threatintelligenceplatform.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	script.hotjar.com	static.hotjar.com
1	cdn.polyfill.io	ajax.cloudflare.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	threatintelligenceplatform.com
1	secure.perk0mean.com	ajax.cloudflare.com
1	static.hotjar.com	threatintelligenceplatform.com
1	snap.licdn.com	threatintelligenceplatform.com
1	fonts.googleapis.com	threatintelligenceplatform.com
1	partner.domaining.com	threatintelligenceplatform.com
1	ajax.cloudflare.com	threatintelligenceplatform.com
50	21

This site contains links to these domains. Also see Links.

Domain
mexichemcorp.com
www.amcharts.com
www.mexichemcorp.com
mx01.ionos.mx
mx00.ionos.mx
ns1124.ui-dns.biz
ns1046.ui-dns.com
ns1051.ui-dns.org
ns1110.ui-dns.de
0800network.com
0818.eu
1-a-kommunikation.de
1-bsc-giessen.de
1000brentfordmen.com
1000et1vues.com
1000gotas.com
1000thabor.fr
1001entreprises.fr
101prod.com
www.domaining.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-07` - `2021-07-07`	a year	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
partner.domaining.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-04` - `2022-02-03`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-06-17` - `2020-09-15`	3 months	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-03` - `2021-05-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-07-08` - `2021-04-17`	9 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-06-18` - `2020-09-16`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.threatintelligenceplatform.com COMODO RSA Domain Validation Secure Server CA	`2017-10-17` - `2020-10-16`	3 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-06-16` - `2020-09-14`	3 months	crt.sh
*.hotjar.com Amazon	`2019-09-27` - `2020-10-27`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
Frame ID: 882BC474CBEE2475953F1CDE5B0BA6E9
Requests: 48 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 2FA20C8F0F46104E33D8DEC1EE22B85F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=invisible&badge=bottomright&cb=gmcf63xhpwn6
Frame ID: 26CBAFB422862632EA7BBC1C7D07C24D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&cb=7udn1cl72rkn
Frame ID: B1355C38571086AA3BF4380AC81C2C74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

50
Requests

100 %
HTTPS

72 %
IPv6

14
Domains

21
Subdomains

18
IPs

8
Countries

813 kB
Transfer

2628 kB
Size

0
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://mexichemcorp.com/
Title: mexichemcorp.com

Search URL Search Domain Scan URL

URL: http://www.amcharts.com/javascript-maps/
Title: JS map by amCharts

Search URL Search Domain Scan URL

URL: http://www.mexichemcorp.com/
Title: www.mexichemcorp.com

Search URL Search Domain Scan URL

URL: http://mx01.ionos.mx/
Title: mx01.ionos.mx

Search URL Search Domain Scan URL

URL: http://mx00.ionos.mx/
Title: mx00.ionos.mx

Search URL Search Domain Scan URL

URL: http://ns1124.ui-dns.biz/
Title: ns1124.ui-dns.biz

Search URL Search Domain Scan URL

URL: http://ns1046.ui-dns.com/
Title: ns1046.ui-dns.com

Search URL Search Domain Scan URL

URL: http://ns1051.ui-dns.org/
Title: ns1051.ui-dns.org

Search URL Search Domain Scan URL

URL: http://ns1110.ui-dns.de/
Title: ns1110.ui-dns.de

Search URL Search Domain Scan URL

URL: http://0800network.com/
Title: 0800network.com

Search URL Search Domain Scan URL

URL: http://0818.eu/
Title: 0818.eu

Search URL Search Domain Scan URL

URL: http://1-a-kommunikation.de/
Title: 1-a-kommunikation.de

Search URL Search Domain Scan URL

URL: http://1-bsc-giessen.de/
Title: 1-bsc-giessen.de

Search URL Search Domain Scan URL

URL: http://1000brentfordmen.com/
Title: 1000brentfordmen.com

Search URL Search Domain Scan URL

URL: http://1000et1vues.com/
Title: 1000et1vues.com

Search URL Search Domain Scan URL

URL: http://1000gotas.com/
Title: 1000gotas.com

Search URL Search Domain Scan URL

URL: http://1000thabor.fr/
Title: 1000thabor.fr

Search URL Search Domain Scan URL

URL: http://1001entreprises.fr/
Title: 1001entreprises.fr

Search URL Search Domain Scan URL

URL: http://101prod.com/
Title: 101prod.com

Search URL Search Domain Scan URL

URL: https://www.domaining.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=54393046&t=pageview&_s=1&dl=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD&ul=en-us&de=UTF-8&dt=Website%20Analysis%20of%20mexichemcorp.com%20-%20Threat%20Intelligence%20Platform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=321602832&gjid=1156261033&cid=2018953909.1595905122&tid=UA-104654692-1&_gid=273934282.1595905122&_r=1&z=1805251111 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104654692-1&cid=2018953909.1595905122&jid=321602832&_gid=273934282.1595905122&gjid=1156261033&_v=j83&z=1805251111

Request Chain 15

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD&time=1595905122475 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D167604%26url%3Dhttps%253A%252F%252Fthreatintelligenceplatform.com%252Freport%252Fmexichemcorp.com%252FVI8rBpYgrD%26time%3D1595905122475%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD&time=1595905122475&liSync=true

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request VI8rBpYgrD Show response
threatintelligenceplatform.com/report/mexichemcorp.com/ 55 KB
24 KB 901ms
849ms Document
text/html 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90becca85ee5cadf8e04892c62ecf554376b5717cdc4a96b5a7b23c4ff577752

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: threatintelligenceplatform.com
:scheme: https
:path: /report/mexichemcorp.com/VI8rBpYgrD
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jul 2020 02:58:42 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df6530051925f0508b20b69cdb69c30921595905121; expires=Thu, 27-Aug-20 02:58:41 GMT; path=/; domain=.threatintelligenceplatform.com; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IlE1cFhaamZHdDhEUTRLM3pEcUd1Mnc9PSIsInZhbHVlIjoiSHNPeEpCb01Vdk85M0QxcStzRnZac1p3emJ4ZEx3UlVTWjRRYnlrXC9qQ1FJTHV3dFwvcFVudTdnOVVkajJSdVRKYVlIdXhmcHVUWktCNm5PZkoxTXFyZz09IiwibWFjIjoiZjlmMjE1OTEwNTliMmYwNGZlNGYxZDYzMzUyMjFjOWY3MjgyZjRlOWJjNmJkNjUzMmY2ZjZkMzQwNTIwZjFjMCJ9; expires=Tue, 28-Jul-2020 04:58:41 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IldUVkhLMUlEYytaXC9odDJQemN2OXNBPT0iLCJ2YWx1ZSI6IlZ5ak84SnB6aUhSTG4wRnFGUnpoS2xRNVwvWGxBNTAya2tmTkFHWUVXZkdtekxNbkE1ZDhPVE52bUxZT05DOVdQb0tPa3AwVVJZZXRUXC9ybVg3STZxMnc9PSIsIm1hYyI6IjYxMzdhOTNhOTFhZjhmM2JmNjg5ZmYzMTcwZDEyN2U4Y2Y4ZTQ0NmYxMGU1MmM0NmY2M2I0NTQ0YjVmNTA1NjEifQ%3D%3D; expires=Tue, 28-Jul-2020 04:58:41 GMT; Max-Age=7200; path=/; HttpOnly
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0434f4b437000006257c0ba200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b9b570058eb0625-FRA
content-encoding: br

GET
H2 200 master.css
threatintelligenceplatform.com/css/ 276 KB
39 KB 20ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/css/master.css?id=2df87b5a6506de7c8a56

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32647e81620c29b880f24c0cdce4cdd83a14a72f02f3a7ef356dc6a88e90ee88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 1991
cf-polished: origSize=282578
status: 200
cf-request-id: 0434f4b796000006257c0dc200000001
last-modified: Thu, 28 Nov 2019 09:54:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddf9941-44fd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 28 Jul 2020 14:25:31 GMT
cache-control: max-age=2678400
cf-ray: 5b9b5705bfc70625-FRA
cf-bgj: minify

GET
H2 200 report.css
threatintelligenceplatform.com/css/ 6 KB
2 KB 12ms
9ms Stylesheet
text/css 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/css/report.css?ver=10914

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1b75661561dc5dd500cd6654a69d331eabd9ede20c6579c136ae8aac82cd3c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 6015
age: 34270
cf-polished: origSize=6015
status: 200
cf-request-id: 0434f4b796000006257c0dd200000001
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c10caba-177f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
cf-ray: 5b9b5705bfc90625-FRA
expires: Mon, 27 Jul 2020 22:43:14 GMT

GET
H2 200 popUpInfoModal.css
threatintelligenceplatform.com/css/ 4 KB
1 KB 12ms
10ms Stylesheet
text/css 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/css/popUpInfoModal.css?ver=10914

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2937d3e363b43a8560349d8415de3a64955014c3451367846763a71709d092b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 2113
cf-polished: origSize=4123
status: 200
cf-request-id: 0434f4b796000006257c0de200000001
last-modified: Tue, 08 May 2018 11:21:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5af18855-101b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 28 Jul 2020 14:23:29 GMT
cache-control: max-age=2678400
cf-ray: 5b9b5705bfca0625-FRA
cf-bgj: minify

GET
H2 200 reportMap.css
threatintelligenceplatform.com/css/ 6 KB
1 KB 12ms
10ms Stylesheet
text/css 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/css/reportMap.css?ver=10914

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

840f71f49d83d9f89d69da3c7b2c98ad3c85583746a2e5a2a6a55326c452a411

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 2113
cf-polished: origSize=6003
status: 200
cf-request-id: 0434f4b797000006257c0df200000001
last-modified: Mon, 13 May 2019 06:02:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cd9087b-1773"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 28 Jul 2020 14:23:29 GMT
cache-control: max-age=2678400
cf-ray: 5b9b5705bfcb0625-FRA
cf-bgj: minify

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 9ms
7ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 23 Jul 2020 16:13:23 GMT
server: cloudflare
etag: W/"5f19b723-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5b9b5705bfeb176a-FRA
cf-request-id: 0434f4b7970000176afc9f9200000001
expires: Thu, 30 Jul 2020 02:58:42 GMT

GET
H2 200 queued-logo.png
threatintelligenceplatform.com/images/ 5 KB
5 KB 10ms
9ms Image
image/png 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatintelligenceplatform.com/images/queued-logo.png

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be3fbc8568387ab22698d6e7e19c8c6c76b4743ab500c9c37518a72c08657efa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
cf-cache-status: HIT
age: 2113
cf-polished: pngoptimizer, origSize=8027
status: 200
content-length: 5287
cf-request-id: 0434f4b7ab000006257c0e2200000001
last-modified: Fri, 18 Aug 2017 08:49:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5996aa0f-1f5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Tue, 28 Jul 2020 14:23:29 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5b9b5705dfef0625-FRA
cf-bgj: imgq:85

GET
H2 200 excellence-180x45.gif
partner.domaining.com/award/ 9 KB
10 KB 425ms
134ms Image
image/gif 207.21.195.85
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.domaining.com/award/excellence-180x45.gif
Requested by: Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.21.195.85 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: partner.domaining.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 01ea09ab3189de1ac9a5cbd0d9b0c52b3611c6590a44e1a56ef3446b2cd058d1

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
last-modified: Tue, 15 Mar 2011 08:55:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "cea618bfeee2cb1:0"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
accept-ranges: bytes
content-type: image/gif
content-length: 9717

GET
H2 200 ammap.css
threatintelligenceplatform.com/js/ammap/ 1009 B
450 B 9ms
9ms Stylesheet
text/css 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/ammap/ammap.css

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c228671f96a720f70df44a388e030df52f8d74a246702adbcad4197127d6a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 2113
cf-polished: origSize=1265
status: 200
cf-request-id: 0434f4b7a3000006257c0e0200000001
last-modified: Fri, 19 Jan 2018 15:16:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5a620be4-4f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 28 Jul 2020 14:23:29 GMT
cache-control: max-age=2678400
cf-ray: 5b9b5705dfe30625-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 9 KB
911 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdd6c9be5f6c8df413940bb4336b6debb8bf4a5459bf10ba8fd1ba61a1c63115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jul 2020 02:15:16 GMT
server: ESF
date: Tue, 28 Jul 2020 02:58:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jul 2020 02:58:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 1500
date: Tue, 28 Jul 2020 02:33:42 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Tue, 28 Jul 2020 04:33:42 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 02:58:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=26251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 hotjar-945748.js Show response
static.hotjar.com/c/ 3 KB
2 KB 96ms
33ms Script
application/javascript 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-945748.js?sv=6

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress2

Software

Resource Hash

720fb7bb66fb08b9cfec985eb82deaf81e6040757e42c2e8b018962ac71acd50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjarjs
age: 357
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1533
cache-control: max-age=60
etag: W/306606a9dc866729106f5f2f3b364bd9
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.024
accept-ranges: bytes
section-io-id: b1e052a5b29380a77b10a699dc3e52e3
section-origin-responded: true

GET
H/1.1 200
OK 172412.js Show response
secure.perk0mean.com/js/ 16 B
403 B 217ms
35ms Script
text/javascript 51.140.39.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.perk0mean.com/js/172412.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.39.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: dd8a4362e18759915e1bfce06fd0666f9f8fc17b60e7737963a4194e3a3b58b2

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 02:58:41 GMT
Content-Encoding: gzip
Server: Kestrel
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Transfer-Encoding: chunked
Expires: 0

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=54393046&t=pageview&_s=1&dl=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD&ul=en-us&de=UTF-8&dt=Websit...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104654692-1&cid=2018953909.1595905122&jid=321602832&_gid=273934282.1595905122&gjid=1156261033&_v=j83&z=1805251111

35 B
99 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104654692-1&cid=2018953909.1595905122&jid=321602832&_gid=273934282.1595905122&gjid=1156261033&_v=j83&z=1805251111

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Jul 2020 02:58:42 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 02:58:42 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-104654692-1&cid=2018953909.1595905122&jid=321602832&_gid=273934282.1595905122&gjid=1156261033&_v=j83&z=1805251111
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 16ms
15ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8209172
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0434f4b8a50000176afca06200000001
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9b5707699e176a-FRA
expires: Sun, 18 Jul 2021 02:58:42 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD&time=1595905122475
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D167604%26url%3Dhttps%253A%252F%252Fthreatintelligenceplatform.com%252Freport%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD&time=1595905122475&liSync=true

0
41 B

113ms
112ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD&time=1595905122475&liSync=true
Requested by: Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: 1Qpw8EDLJRZAZ4uiXysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: QKV77EDLJRZQLqq5vCoAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 1B509E35F9414F2097D2ED9BE48AC14E Ref B: FRAEDGE1118 Ref C: 2020-07-28T02:58:42Z
x-frame-options: sameorigin
date: Tue, 28 Jul 2020 02:58:41 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD&time=1595905122475&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b576a47ff3225552f7f4d4541a0f39cba95328856ebd0af7a53c095e6b8876bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 BG-header.jpg
threatintelligenceplatform.com/images/ 9 KB
9 KB 13ms
13ms Image
image/jpeg 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatintelligenceplatform.com/images/BG-header.jpg?1f4787a810697f48ffe10df556741a83

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab6833ad59358ad200484ef36cd6faf7872538c390005c4eece109ef97b5f757

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/css/master.css?id=2df87b5a6506de7c8a56
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2112
cf-polished: status=not_needed
status: 200
content-length: 8941
cf-request-id: 0434f4b8c9000006257c0eb200000001
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5c18ea64-22ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 5b9b5707aa400625-FRA
expires: Tue, 28 Jul 2020 12:53:28 GMT

GET
H2 200 fontawesome-webfont.woff2
threatintelligenceplatform.com/fonts/vendor/font-awesome/ 75 KB
76 KB 654ms
654ms Font
application/octet-stream 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatintelligenceplatform.com/css/master.css?id=2df87b5a6506de7c8a56
Origin: https://threatintelligenceplatform.com

Response headers

date: Tue, 28 Jul 2020 02:58:43 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
content-length: 77160
cf-request-id: 0434f4b8cb000006257c0ec200000001
last-modified: Tue, 18 Dec 2018 12:39:00 GMT
server: cloudflare
etag: "5c18ea64-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=2678400, s-maxage=10
accept-ranges: bytes
cf-ray: 5b9b5707aa430625-FRA
expires: Tue, 28 Jul 2020 14:58:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700
Origin: https://threatintelligenceplatform.com

Response headers

date: Sat, 11 Jul 2020 09:25:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1445577
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sun, 11 Jul 2021 09:25:45 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700
Origin: https://threatintelligenceplatform.com

Response headers

date: Wed, 08 Jul 2020 18:00:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 1673868
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10984
x-xss-protection: 0
expires: Thu, 08 Jul 2021 18:00:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700
Origin: https://threatintelligenceplatform.com

Response headers

date: Fri, 12 Jun 2020 13:44:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 3935670
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sat, 12 Jun 2021 13:44:12 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
583 B 23ms
6ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 6612907
detected-user-agent: Chrome Mobile/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=0
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 May 2020 13:13:14 GMT
date: Tue, 28 Jul 2020 02:58:42 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 modules.37c2e0d4d37c46633a9b.js Show response
script.hotjar.com/ 425 KB
87 KB 117ms
39ms Script
application/javascript 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.37c2e0d4d37c46633a9b.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-945748.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress2
Software: /
Resource Hash: 6d24726eca1a25f05215bea04501dc99c4605f43881197391bac0425a022e3c4

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
age: 45709
status: 200
section-io-cache: Hit
content-length: 88910
last-modified: Mon, 27 Jul 2020 14:12:53 GMT
etag: "de9c5242ee0aac5ac2e3c151fd547922"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.026
section-io-id: 818f812b3cb13ef151ad1c5a2289f3b8
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 box2dForMap.js Show response
threatintelligenceplatform.com/js/ 2 KB
689 B 15ms
12ms Script
application/javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/box2dForMap.js?ver=10914

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd2a78107b2738610e334c7e34591cd5f6de12234c3f9f593af742be90e6c70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 2112
status: 200
cf-bgj: minify
cf-request-id: 0434f4b944000006257c0f1200000001
last-modified: Fri, 05 Apr 2019 10:37:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ca72ff3-69d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 5b9b57086b580625-FRA
expires: Tue, 28 Jul 2020 14:23:30 GMT

GET
H2 200 reportMap.js Show response
threatintelligenceplatform.com/js/ 5 KB
2 KB 15ms
12ms Script
application/javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/reportMap.js?ver=10914

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4455960bf701ccb5440c16b0b0e5fa240dcb07c12f917aa4db90d0f85de5aaa5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 5497
age: 2112
status: 200
cf-request-id: 0434f4b944000006257c0f2200000001
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ca72ff3-1579"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 5b9b57086b590625-FRA
expires: Tue, 28 Jul 2020 14:23:30 GMT

GET
H2 200 geopoint.js Show response
threatintelligenceplatform.com/js/geopoint/ 1 KB
680 B 14ms
11ms Script
application/javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/geopoint/geopoint.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60cbe25dd5209cee8011a8c943bb631fb1fa7aa341d49e0a5a06f5b2b9568bbb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 1324
age: 2112
status: 200
cf-request-id: 0434f4b944000006257c0f3200000001
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5a620be4-52c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 5b9b57086b5a0625-FRA
expires: Tue, 28 Jul 2020 14:23:30 GMT

GET
H2 200 Box2dWeb-2.1.a.3.min.js Show response
www.amcharts.com/lib/box2d/ 220 KB
43 KB 704ms
643ms Script
application/x-javascript 104.26.7.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amcharts.com/lib/box2d/Box2dWeb-2.1.a.3.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161c240927acb1f66059684b5feb7c0e9fe17823a32f39a65cc575aacaae8df2

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:43 GMT
content-encoding: br
cf-cache-status: EXPIRED
status: 200
cf-request-id: 0434f4b98a00000c2d2e2b9200000001
last-modified: Wed, 21 Nov 2018 14:13:02 GMT
server: cloudflare
etag: W/"36ea7-5bf567ee-d9c4509621e3efe9;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5b9b5708dc430c2d-AMS
expires: Tue, 04 Aug 2020 02:58:43 GMT

GET
H2 200 ammap.js Show response
threatintelligenceplatform.com/js/ammap/ 164 KB
46 KB 19ms
16ms Script
application/javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/ammap/ammap.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e247e06091d6a90acf1e640b5743f7e99252a15b0572a3dd8da23246439887a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 2112
cf-polished: origSize=168087
status: 200
cf-request-id: 0434f4b944000006257c0f4200000001
last-modified: Fri, 19 Jan 2018 15:16:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5a620be4-29097"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 28 Jul 2020 14:23:30 GMT
cache-control: max-age=2678400
cf-ray: 5b9b57086b5d0625-FRA
cf-bgj: minify

GET
H2 200 worldLow.js Show response
www.amcharts.com/lib/3/maps/js/ 147 KB
58 KB 103ms
41ms Script
application/x-javascript 104.26.7.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amcharts.com/lib/3/maps/js/worldLow.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f73ff9347818e52f3254609240310eb94b39d3f6b0063d43a003a8c9ec8278

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 3066
cf-polished: origSize=158496
status: 200
cf-request-id: 0434f4b98a00000c2d2e2ba200000001
last-modified: Mon, 06 May 2019 10:50:30 GMT
server: cloudflare
etag: W/"26b20-5cd01176-5f5f1494994760b3;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
access-control-allow-origin: *
expires: Tue, 04 Aug 2020 02:58:42 GMT
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5b9b5708dc440c2d-AMS
cf-bgj: minify

GET
H2 200 dataloader.min.js Show response
cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/plugins/dataloader/ 7 KB
3 KB 16ms
13ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/plugins/dataloader/dataloader.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae7bac7f1593451b941d21a66cd560612bf29a1678be4019d5d579cfd4994d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 23397756
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0434f4b9440000176afca0b200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:20 GMT
server: cloudflare
etag: W/"5afd4828-1a8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9b57086ab1176a-FRA
expires: Sun, 18 Jul 2021 02:58:42 GMT

GET
H2 200 light.js Show response
cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/themes/ 4 KB
1 KB 17ms
14ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/themes/light.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc75d0151232d7702d70e1a72854de57a69df4f0099e61abaf6bfc2cde8f121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9862833
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0434f4b9440000176afca0c200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:20 GMT
server: cloudflare
etag: W/"5afd4828-f1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9b57086ab3176a-FRA
expires: Sun, 18 Jul 2021 02:58:42 GMT

GET
H2 200 amcharts.js Show response
cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/ 206 KB
60 KB 27ms
24ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/amcharts.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0565aeb9d15b05a3874a3d1f0fe1e366d8849f8e4f40d97e03312b279c026368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14581185
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0434f4b9450000176afca0d200000001
served-in-seconds: 0.005
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:20 GMT
server: cloudflare
etag: W/"5afd4828-336bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9b57086ab5176a-FRA
expires: Sun, 18 Jul 2021 02:58:42 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/ 11 KB
3 KB 15ms
13ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 23399346
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0434f4b9450000176afca0e200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:33 GMT
server: cloudflare
etag: W/"5afd48e9-2aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9b57086ab7176a-FRA
expires: Sun, 18 Jul 2021 02:58:42 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.1/ 50 KB
16 KB 17ms
15ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.1/moment.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f74b7103124df51dc2c0e42e93da8bc7bce703f34f9f82a6820edd81022f76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7259864
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0434f4b9450000176afca0f200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:23:06 GMT
server: cloudflare
etag: W/"5afd49fa-c9b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9b57086ab8176a-FRA
expires: Sun, 18 Jul 2021 02:58:42 GMT

GET
H2 200 dictionary.js Show response
threatintelligenceplatform.com/js/lang/ 172 KB
24 KB 18ms
15ms Script
application/javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/lang/dictionary.js?ver=10914

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb95e1e47a43da0449f186fc7f12b2a421822fee6af8ec1370db42a181cf823

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 2112
status: 200
cf-bgj: minify
cf-request-id: 0434f4b945000006257c0f5200000001
last-modified: Tue, 03 Mar 2020 06:14:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e5df5d3-2af5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 5b9b57086b620625-FRA
expires: Tue, 28 Jul 2020 14:23:30 GMT

GET
H2 200 report.js Show response
threatintelligenceplatform.com/js/ 16 KB
5 KB 14ms
12ms Script
application/javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/report.js?ver=10914

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4578ee16184cc1570aeae20e023a59acc3e5426b1339f310c2500e4f07bbf961

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 2112
status: 200
cf-bgj: minify
cf-request-id: 0434f4b945000006257c0f6200000001
last-modified: Fri, 05 Apr 2019 10:37:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ca72ff3-402c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 5b9b57086b640625-FRA
expires: Tue, 28 Jul 2020 14:23:30 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/ 7 KB
3 KB 16ms
14ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14841642
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0434f4b9450000176afca10200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:12 GMT
server: cloudflare
etag: W/"5afd494c-1bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9b57086ab9176a-FRA
expires: Sun, 18 Jul 2021 02:58:42 GMT

GET
H2 200 master.js Show response
threatintelligenceplatform.com/js/ 148 KB
41 KB 22ms
20ms Script
application/javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/master.js?id=df15fbce26621287cd29

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ed7bbdf669e89969d700ce49763e38b49f6ef65fc1446b660ac33e08dbc013

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 151239
age: 2112
status: 200
cf-request-id: 0434f4b945000006257c0f7200000001
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ddf9941-24ec7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 5b9b57086b660625-FRA
expires: Tue, 28 Jul 2020 14:23:30 GMT

GET
H2 200 commonFunctions.js Show response
threatintelligenceplatform.com/js/helpers/ 4 KB
1 KB 13ms
11ms Script
application/javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/js/helpers/commonFunctions.js?ver=10914

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07952b863c7aa90962cffe8328b51d18d204d83c4602759a25549553f2cf80b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: br
cf-cache-status: HIT
x-original-content-length: 4172
age: 22955
status: 200
cf-request-id: 0434f4b945000006257c0f8200000001
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d39a210-104c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 5b9b57086b680625-FRA
expires: Tue, 28 Jul 2020 08:36:07 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
545 B 18ms
16ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa3d7a81033aa528fcb9e450d51011de199b00b03693595d186eb78191653fd4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 02:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 1; mode=block
expires: Tue, 28 Jul 2020 02:58:42 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/ 330 KB
130 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 16:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 04:04:52 GMT
server: sffe
age: 641963
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133183
x-xss-protection: 0
expires: Tue, 20 Jul 2021 16:39:20 GMT

GET
H/1.1 200
OK VI8rBpYgrD Show response
api.threatintelligenceplatform.com/api/reports/ 19 KB
5 KB 210ms
210ms XHR
application/json 2607:f2d8:1:23::2
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL

https://api.threatintelligenceplatform.com/api/reports/VI8rBpYgrD

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2607:f2d8:1:23::2 , United States, ASN18450 (WEBNX, US),

Reverse DNS

Software

nginx /

Resource Hash

3ddcf4899239d396938c5dc2e8e8e146a85648953d05a922510eb44305908ae2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 28 Jul 2020 02:58:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
X-RateLimit-Remaining: 179
Cache-Control: no-cache, private
Transfer-Encoding: chunked
X-RateLimit-Limit: 180
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers

POST
H2 204 ngx_pagespeed_beacon Show response
threatintelligenceplatform.com/ 0
105 B 644ms
643ms XHR
text/plain 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://threatintelligenceplatform.com/ngx_pagespeed_beacon?url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fmexichemcorp.com%2FVI8rBpYgrD

Requested by

Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Jul 2020 02:58:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
status: 204
cache-control: max-age=0, no-cache
cf-ray: 5b9b570d29d80625-FRA
cf-request-id: 0434f4bc38000006257c10e200000001

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 2FA2 0
0 107ms
35ms Document
text/html 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-945748.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress2
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Response headers

status: 200
date: Tue, 28 Jul 2020 02:58:43 GMT
content-type: text/html
content-length: 851
last-modified: Mon, 27 Jul 2020 17:12:24 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.031
section-origin-responded: true
age: 6356
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 1f96c0573a75c30ba28231cdfd86d001

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 26CB 0
0 30ms
30ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=invisible&badge=bottomright&cb=gmcf63xhpwn6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wP7ACcgHWS/SgCdOkdCNDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=invisible&badge=bottomright&cb=gmcf63xhpwn6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Jul 2020 02:58:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-wP7ACcgHWS/SgCdOkdCNDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10261
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/945748/ 178 B
320 B 138ms
48ms XHR
application/json 34.254.3.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/945748/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.37c2e0d4d37c46633a9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.3.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-3-164.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Jul 2020 02:58:43 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame B135 0
0 61ms
60ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&cb=7udn1cl72rkn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p1zaXHpvpU9QjBzFZVthxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&cb=7udn1cl72rkn
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Jul 2020 02:58:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-p1zaXHpvpU9QjBzFZVthxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1176
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK VI8rBpYgrD Show response
api.threatintelligenceplatform.com/api/reports/ 19 KB
5 KB 213ms
212ms XHR
application/json 2607:f2d8:1:23::2
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL

https://api.threatintelligenceplatform.com/api/reports/VI8rBpYgrD

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2607:f2d8:1:23::2 , United States, ASN18450 (WEBNX, US),

Reverse DNS

Software

nginx /

Resource Hash

3ddcf4899239d396938c5dc2e8e8e146a85648953d05a922510eb44305908ae2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 28 Jul 2020 02:58:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
X-RateLimit-Remaining: 178
Cache-Control: no-cache, private
Transfer-Encoding: chunked
X-RateLimit-Limit: 180
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers

GET
H/1.1 200
OK VI8rBpYgrD.png
api.threatintelligenceplatform.com/storage/screenshots/thumbnails/ 20 KB
20 KB 641ms
316ms Image
image/png 2607:f2d8:1:23::2
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.threatintelligenceplatform.com/storage/screenshots/thumbnails/VI8rBpYgrD.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2607:f2d8:1:23::2 , United States, ASN18450 (WEBNX, US),

Reverse DNS

Software

nginx /

Resource Hash

4de5421ebf2bb8096d696ceb117244d10c95357e5f918e079b94f099200dfbca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatintelligenceplatform.com/report/mexichemcorp.com/VI8rBpYgrD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 02:58:44 GMT
Last-Modified: Tue, 28 Jul 2020 02:23:42 GMT
Server: nginx
ETag: "5f1f8c2e-4fe2"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20450

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
api.threatintelligenceplatform.com
cdn.polyfill.io
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
partner.domaining.com
px.ads.linkedin.com
script.hotjar.com
secure.perk0mean.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
threatintelligenceplatform.com
vars.hotjar.com
www.amcharts.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.linkedin.com
104.26.7.186
147.75.100.245
207.21.195.85
2606:4700:20::ac43:4739
2606:4700::6810:85e5
2607:f2d8:1:23::2
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:815::200e
2a00:1450:4001:819::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::200a
2a00:1450:400c:c0a::9b
2a02:26f0:6c00:28c::25ea
2a04:4e42:3::621
2a05:f500:10:101::b93f:9105
34.254.3.164
51.140.39.77
01ea09ab3189de1ac9a5cbd0d9b0c52b3611c6590a44e1a56ef3446b2cd058d1
0565aeb9d15b05a3874a3d1f0fe1e366d8849f8e4f40d97e03312b279c026368
07952b863c7aa90962cffe8328b51d18d204d83c4602759a25549553f2cf80b2
08f73ff9347818e52f3254609240310eb94b39d3f6b0063d43a003a8c9ec8278
0bb95e1e47a43da0449f186fc7f12b2a421822fee6af8ec1370db42a181cf823
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
161c240927acb1f66059684b5feb7c0e9fe17823a32f39a65cc575aacaae8df2
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f74b7103124df51dc2c0e42e93da8bc7bce703f34f9f82a6820edd81022f76a
32647e81620c29b880f24c0cdce4cdd83a14a72f02f3a7ef356dc6a88e90ee88
3ddcf4899239d396938c5dc2e8e8e146a85648953d05a922510eb44305908ae2
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4455960bf701ccb5440c16b0b0e5fa240dcb07c12f917aa4db90d0f85de5aaa5
4578ee16184cc1570aeae20e023a59acc3e5426b1339f310c2500e4f07bbf961
4de5421ebf2bb8096d696ceb117244d10c95357e5f918e079b94f099200dfbca
4e247e06091d6a90acf1e640b5743f7e99252a15b0572a3dd8da23246439887a
5cd2a78107b2738610e334c7e34591cd5f6de12234c3f9f593af742be90e6c70
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60cbe25dd5209cee8011a8c943bb631fb1fa7aa341d49e0a5a06f5b2b9568bbb
61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
63ed7bbdf669e89969d700ce49763e38b49f6ef65fc1446b660ac33e08dbc013
6d24726eca1a25f05215bea04501dc99c4605f43881197391bac0425a022e3c4
720fb7bb66fb08b9cfec985eb82deaf81e6040757e42c2e8b018962ac71acd50
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840f71f49d83d9f89d69da3c7b2c98ad3c85583746a2e5a2a6a55326c452a411
90becca85ee5cadf8e04892c62ecf554376b5717cdc4a96b5a7b23c4ff577752
969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083
9a1b75661561dc5dd500cd6654a69d331eabd9ede20c6579c136ae8aac82cd3c
a2937d3e363b43a8560349d8415de3a64955014c3451367846763a71709d092b
ab6833ad59358ad200484ef36cd6faf7872538c390005c4eece109ef97b5f757
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b576a47ff3225552f7f4d4541a0f39cba95328856ebd0af7a53c095e6b8876bc
bdd6c9be5f6c8df413940bb4336b6debb8bf4a5459bf10ba8fd1ba61a1c63115
be3fbc8568387ab22698d6e7e19c8c6c76b4743ab500c9c37518a72c08657efa
cae7bac7f1593451b941d21a66cd560612bf29a1678be4019d5d579cfd4994d2
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
dd8a4362e18759915e1bfce06fd0666f9f8fc17b60e7737963a4194e3a3b58b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0c228671f96a720f70df44a388e030df52f8d74a246702adbcad4197127d6a8
fa3d7a81033aa528fcb9e450d51011de199b00b03693595d186eb78191653fd4
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ffc75d0151232d7702d70e1a72854de57a69df4f0099e61abaf6bfc2cde8f121

threatintelligenceplatform.com Open in urlscan Pro 2606:4700:20::ac43:4739 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

72 %IPv6

14 Domains

21 Subdomains

18 IPs

8 Countries

813 kBTransfer

2628 kBSize

0 Cookies

20 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatintelligenceplatform.com Open in urlscan Pro
2606:4700:20::ac43:4739 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

72 %
IPv6

14
Domains

21
Subdomains

18
IPs

8
Countries

813 kB
Transfer

2628 kB
Size

0
Cookies

50 HTTP transactions
1 data transactions