urlscan.io logo urlscan.io
SecurityTrails logo

app.roaring.io Open in urlscan Pro
2600:9000:236e:a400:8:5877:d200:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.roaring.io/login
Submission: On December 13 via manual from NO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 2600:9000:236e:a400:8:5877:d200:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.roaring.io.
TLS certificate: Issued by Amazon on January 8th 2021. Valid for: a year.
This is the only time app.roaring.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2600:9000:236e:a400:8:5877:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.roaring.io
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.32.99.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-47.fra60.r.cloudfront.net
widget.intercom.io
3    18.66.139.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-109.fra60.r.cloudfront.net
js.intercomcdn.com
2    2600:9000:223c:ee00:1:3cb1:f900:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.roaring.io
Domain Requested by
4 app.roaring.io app.roaring.io
3 js.intercomcdn.com widget.intercom.io
2 assets.roaring.io app.roaring.io
2 connect.facebook.net app.roaring.io
connect.facebook.net
2 www.googletagmanager.com app.roaring.io
1 widget.intercom.io 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com app.roaring.io
15 8

This site contains links to these domains. Also see Links.

Domain
roaring.io
help.roaring.io
Subject Issuer Validity Valid
*.roaring.io
Amazon		 2021-01-08 -
2022-02-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-21 -
2021-12-20		 3 months crt.sh
*.intercomcdn.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://app.roaring.io/login
Frame ID: 8289A307D1A8DAB66B5B4C4BF79AF232
Requests: 13 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.b1f046bf.js
Frame ID: 20AEA973E14A2A21A4AF902847003720
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Roaring

Page Statistics

15
Requests

93 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

1164 kB
Transfer

1953 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://widget.intercom.io/widget/izlc381t HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.roaring.io/ 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.roaring.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:a400:8:5877:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8499e5d9eef452a4c8db9bc07bc9b46bb3e532b0620575e60fdc9fecc396ec1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
10982
date
Mon, 13 Dec 2021 14:49:41 GMT
last-modified
Wed, 08 Dec 2021 13:59:01 GMT
etag
"356ed350a3948838b12096c508b009e2"
cache-control
public,must-revalidate,proxy-revalidate,max-age=0,no-store,no-cache
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-cache
Error from cloudfront
via
1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
nsa8Tst8TSVpCjNjGJCDyVYwcr86PQ5v_Mb48AE0SPJzIYCeiZntiQ==
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-84002038-4
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4bdfe5b2ad79b592d1f17bdd1959d37fd949b669d92d09da8f4c644360183c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:49:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36247
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Dec 2021 14:49:40 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 14:36:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 13 Dec 2021 14:49:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Dec 2021 14:49:40 GMT
main.f1c3cf95.chunk.css
app.roaring.io/2.0.5/static/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.roaring.io/2.0.5/static/css/main.f1c3cf95.chunk.css
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:a400:8:5877:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcde2531e4615e48f47f0b84abe927e7ff0f3f7c9b73bf499b1e0834209293b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.roaring.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:49:41 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
content-length
1657
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 13:59:01 GMT
server
AmazonS3
x-frame-options
DENY
etag
"17f260d1f12bb1adb4ff3e3586d49f56"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/css
cache-control
public,must-revalidate,proxy-revalidate,max-age=0,no-store,no-cache
accept-ranges
bytes
x-amz-cf-id
Lg-3pWSownDpKVr5QJG0vMdqd21ttLlE0HOoU_Y7munNe58-SfDn2w==
26.af298b4f.chunk.js
app.roaring.io/2.0.5/static/js/ 		616 KB
617 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.roaring.io/2.0.5/static/js/26.af298b4f.chunk.js
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:a400:8:5877:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b932b9709c8468a06cfe1901d5edac5a82b96f77cf0cd254208c4405d4d9b8ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.roaring.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:49:41 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
content-length
630686
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 13:59:04 GMT
server
AmazonS3
x-frame-options
DENY
etag
"b3d94ff5e3b2105757cb6a17f54f511b"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
public,must-revalidate,proxy-revalidate,max-age=0,no-store,no-cache
accept-ranges
bytes
x-amz-cf-id
xniNXGS_o5XzHEGcIkEe_hPkJpFoJ58-I4UrD756aaL4MVGV1tOtVw==
main.3f9fe02d.chunk.js
app.roaring.io/2.0.5/static/js/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.roaring.io/2.0.5/static/js/main.3f9fe02d.chunk.js
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:a400:8:5877:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cb247ad03093f713fb1cbaa422ee3b653b867cada4a5d69b80891c2522792be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.roaring.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:49:41 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
content-length
92709
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 13:59:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
"e69a64174dd78ba107234b0f3d4e089b"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
public,must-revalidate,proxy-revalidate,max-age=0,no-store,no-cache
accept-ranges
bytes
x-amz-cf-id
wWq8o-BKVOxRINnQpOVX7DCvAgkFgsJfJmXdDA6sZpLMZFX3MiNF2A==
gtm.js
www.googletagmanager.com/ 		167 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KVTHLSF
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54389fc6340787da87bc686e793d1df1d3150ea5fc3eaab3cef6fe151a8ae96c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:49:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61489
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Dec 2021 14:49:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
kWl483s6hgnqU1Q70/3GDCpQ8hOa1/UMdDDyX5oek/i6JKk6htJbeeM0AF5JbiBZVW6DT/caxBAs/a2XVKchIw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 13 Dec 2021 14:49:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
660795711193080
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/660795711193080?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
34f7271e759347800be9a0173e57a3ff536f62249359ec3a856e5783d72430ca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
JiBhEoi5ar4XeyJMlDMPRqTu6pqr9yvCNXR4LXDIagiRKIHO7mNyiAUv0Jg9p52afv1TNm7jrxsETAgpPwIxAA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 13 Dec 2021 14:49:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84002038-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6514
date
Mon, 13 Dec 2021 13:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 13 Dec 2021 15:01:06 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/izlc381t
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf494bb8fb4e03f13573eea561c1138861b5b2259430ab89e0e533d61958af69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 13 Dec 2021 14:45:49 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 14:00:45 GMT
server
AmazonS3
age
233
etag
"c46bb128174a526e5d8ddae091a7e337"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ba67e20db38657ee5cb05d05b3da9d71.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
6065
x-amz-cf-id
nsC30_6ErUfSqPRTdLAS7vfdcMmNvidQRPFT_YoIwhdMdosI4HeUmg==

Redirect headers

date
Thu, 11 Nov 2021 18:14:56 GMT
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
AmazonS3
age
2752486
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
_2eY4Xx3soWvFQ7gv420RjVOsNSCmpWjdHbKsxagEJVT7c7RPGcFrg==
translation.json
assets.roaring.io/locales/en/ 		44 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.roaring.io/locales/en/translation.json?v=63
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/2.0.5/static/js/26.af298b4f.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ee00:1:3cb1:f900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bfadc2585fd1adafa28c1e5753fa4322ac45fed3b17524c97f9e6a906896714

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 14:49:41 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Thu, 09 Dec 2021 08:49:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"304176b96bd6641f94c4abca3d1650cd"
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
45042
x-amz-cf-id
SkHO8lpWHB2EwRraymKWxMWdmQFRdvgvcPYpZKMiYTz9LZNie5TCqQ==
translation.json
assets.roaring.io/locales/sv/ 		44 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.roaring.io/locales/sv/translation.json?v=63
Requested by
Host: app.roaring.io
URL: https://app.roaring.io/2.0.5/static/js/26.af298b4f.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ee00:1:3cb1:f900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4b653fa2aaad3d0d78ddab69f925f09b469ca132e26ad962e1d29bd30e53550

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 06:16:42 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Thu, 09 Dec 2021 08:50:09 GMT
server
AmazonS3
age
30780
etag
"717d16518b8bc0b9cd4ac0c4dc01450a"
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
45447
x-amz-cf-id
HSCXCfeO8a8Aut04UoFBFNAfrZLZUHhKl-Lsox27__CIJVGha635cA==
frame-modern.b1f046bf.js
js.intercomcdn.com/ Frame 20AE 		290 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.b1f046bf.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/izlc381t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fef7cc051ac1809d88146543d14b5d4d97eeeb18378fcee9ffb52fd31540230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 13 Dec 2021 14:00:49 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:59:25 GMT
server
AmazonS3
age
2933
etag
"69f7b57d9f28953f4b6adafea183bd1f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ba67e20db38657ee5cb05d05b3da9d71.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
78800
x-amz-cf-id
GRlnanleZmficu-7bg7orE2w7JsHq_gupM8OUMTUmASNOnKktbfCcA==
vendor-modern.72859c98.js
js.intercomcdn.com/ Frame 20AE 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.72859c98.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/izlc381t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5f6432ff28f2e45fa5679c8ebd2582cab948a7f855e4ef115efdcb95068d89d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 13 Dec 2021 13:52:58 GMT
content-encoding
gzip
last-modified
Fri, 10 Dec 2021 15:47:22 GMT
server
AmazonS3
age
3404
etag
"afc77303a9ea6f710b86574e4acd701b"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ba67e20db38657ee5cb05d05b3da9d71.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
38751
x-amz-cf-id
iavzlRT6CnAg9YgHUPl50Nnm-j7zy9LmtoLpHAlKE-v-JsJ8__-HWQ==

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer function| fbq function| _fbq string| _intercomAppId function| Intercom object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external object| gaplugins object| gaGlobal object| gaData object| webpackJsonproaring-app function| __intercomAssignLocation

2 Cookies

Domain/Path Name / Value
.roaring.io/ Name: _ga
Value: GA1.2.443189056.1639406980
.roaring.io/ Name: _gid
Value: GA1.2.770443433.1639406980

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.roaring.io
assets.roaring.io
connect.facebook.net
fonts.googleapis.com
js.intercomcdn.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
13.32.99.47
18.66.139.109
2600:9000:223c:ee00:1:3cb1:f900:93a1
2600:9000:236e:a400:8:5877:d200:93a1
2a00:1450:4001:810::2008
2a00:1450:4001:829::200a
2a00:1450:4001:830::200e
2a03:2880:f01c:8012:face:b00c:0:3
0bfadc2585fd1adafa28c1e5753fa4322ac45fed3b17524c97f9e6a906896714
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
34f7271e759347800be9a0173e57a3ff536f62249359ec3a856e5783d72430ca
54389fc6340787da87bc686e793d1df1d3150ea5fc3eaab3cef6fe151a8ae96c
8499e5d9eef452a4c8db9bc07bc9b46bb3e532b0620575e60fdc9fecc396ec1f
8fef7cc051ac1809d88146543d14b5d4d97eeeb18378fcee9ffb52fd31540230
9cb247ad03093f713fb1cbaa422ee3b653b867cada4a5d69b80891c2522792be
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b932b9709c8468a06cfe1901d5edac5a82b96f77cf0cd254208c4405d4d9b8ce
bf494bb8fb4e03f13573eea561c1138861b5b2259430ab89e0e533d61958af69
c4bdfe5b2ad79b592d1f17bdd1959d37fd949b669d92d09da8f4c644360183c8
c5f6432ff28f2e45fa5679c8ebd2582cab948a7f855e4ef115efdcb95068d89d
dcde2531e4615e48f47f0b84abe927e7ff0f3f7c9b73bf499b1e0834209293b1
e4b653fa2aaad3d0d78ddab69f925f09b469ca132e26ad962e1d29bd30e53550