urlscan.io logo urlscan.io
SecurityTrails logo

labs.withsecure.com Open in urlscan Pro
52.210.153.134  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://labs.withsecure.com/
Effective URL: https://labs.withsecure.com/
Submission: On July 29 via manual from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 22 HTTP transactions. The main IP is 52.210.153.134, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is labs.withsecure.com.
TLS certificate: Issued by Amazon on June 14th 2022. Valid for: a year.
This is the only time labs.withsecure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 52.210.153.134 16509 (AMAZON-02)
1 2a00:1450:401... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.112 16509 (AMAZON-02)
1 99.86.4.91 16509 (AMAZON-02)
1 18.66.15.25 16509 (AMAZON-02)
1 18.202.39.101 16509 (AMAZON-02)
22 8
15    52.210.153.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
labs.withsecure.com
1    2a00:1450:4014:80f::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.66.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-112.fra56.r.cloudfront.net
static.hotjar.com
1    99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net
script.hotjar.com
1    18.66.15.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-25.vie50.r.cloudfront.net
vars.hotjar.com
1    18.202.39.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-39-101.eu-west-1.compute.amazonaws.com
in.hotjar.com
Apex Domain
Subdomains		 Transfer
15 withsecure.com
labs.withsecure.com
260 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 637
script.hotjar.com — Cisco Umbrella Rank: 795
vars.hotjar.com — Cisco Umbrella Rank: 874
in.hotjar.com — Cisco Umbrella Rank: 1519
ws28.hotjar.com Failed
68 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
48 KB
22 4
Domain Requested by
15 labs.withsecure.com 1 redirects labs.withsecure.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com labs.withsecure.com
1 www.googletagmanager.com labs.withsecure.com
0 ws28.hotjar.com Failed script.hotjar.com
22 8

This site contains links to these domains. Also see Links.

Domain
www.withsecure.com
github.com
www.linkedin.com
twitter.com
Subject Issuer Validity Valid
labs.prd.condev.fsapi.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh

This page contains 2 frames:

Primary Page: https://labs.withsecure.com/
Frame ID: 534C377A164E6992C707C32D45066205
Requests: 21 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: 863EC3647F39D4025B425B87950B6C70
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to WithSecure Labs - Cyber security research and development

Page URL History Show full URLs

  1. http://labs.withsecure.com/ HTTP 301
    https://labs.withsecure.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

22
Requests

95 %
HTTPS

29 %
IPv6

4
Domains

8
Subdomains

8
IPs

3
Countries

395 kB
Transfer

741 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://labs.withsecure.com/ HTTP 301
    https://labs.withsecure.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
labs.withsecure.com/
Redirect Chain
  • http://labs.withsecure.com/
  • https://labs.withsecure.com/
16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://labs.withsecure.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
92e4f6142074144cea164f6c313223410a7d2c3907a5939ffa58975c8b55c064
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
4568
Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Type
text/html; charset=utf-8
Date
Fri, 29 Jul 2022 19:25:19 GMT
Server
Apache/2.4.41 (Ubuntu)
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
cache-control
no-cache, must-revalidate, no-transform
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
236
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 29 Jul 2022 19:25:18 GMT
Location
https://labs.withsecure.com/
Server
Apache/2.4.41 (Ubuntu)
style.css
labs.withsecure.com/_resources/themes/labs/css/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
88de35f85c8046367fa266dd8572e8d693ba3fa2afd73e35b8257b4b21bdc03d
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5617
prism.css
labs.withsecure.com/_resources/themes/labs/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://labs.withsecure.com/_resources/themes/labs/css/prism.css?m=1658834164
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
650ee6b5f55b6f5d6a322bfe83bfef1045d8375306df4ca5dd7ebdde84a107d0
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
940
withsecure-labs-logo.svg
labs.withsecure.com/_resources/themes/labs/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.withsecure.com/_resources/themes/labs/images/withsecure-labs-logo.svg
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e016d75f0cdf79c1fc9cd0cc7e01d2ac3414119faf20894d3de468e352f5eb04
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1335
scripts.js
labs.withsecure.com/_resources/themes/labs/javascript/ 		0
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.withsecure.com/_resources/themes/labs/javascript/scripts.js?m=1658834164
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
prism.min.js
labs.withsecure.com/_resources/themes/labs/javascript/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.withsecure.com/_resources/themes/labs/javascript/prism.min.js?m=1658834164
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6aac67e9d027869bfb5bb6195cd932929b87c73bc390991904c05f114622cb8d
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13349
gtm.js
www.googletagmanager.com/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KD9T85H
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
701069d96c0035cbd827efb6e2138055e229f72ede9104893e2c5c5db17519e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 19:25:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48377
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Jul 2022 19:25:19 GMT
withsecure-labs-logo.svg
labs.withsecure.com/_resources/themes/labs/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.withsecure.com/_resources/themes/labs/images/withsecure-labs-logo.svg?1658833694937
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e016d75f0cdf79c1fc9cd0cc7e01d2ac3414119faf20894d3de468e352f5eb04
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1335
poligon-background.png
labs.withsecure.com/_resources/themes/labs/images/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.withsecure.com/_resources/themes/labs/images/poligon-background.png?1658833694937
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4eb2afa4a45d51b0f2d891de2ebca5900298e0658262baf8bb5ab7a2dc096b08
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
116251
linkedin-blue.svg
labs.withsecure.com/_resources/themes/labs/images/ 		450 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.withsecure.com/_resources/themes/labs/images/linkedin-blue.svg?1658833694937
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f02a4e6736855759c2ebc18958474b70dfa672aca7f3c8a91d6e82d9103f1201
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
317
twitter-blue.svg
labs.withsecure.com/_resources/themes/labs/images/ 		962 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.withsecure.com/_resources/themes/labs/images/twitter-blue.svg?1658833694937
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
43cb9bb13340f5fdf025c6de10b35af3b45cd344a86a397f49e65cd0a195eafc
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
577
github-blue.svg
labs.withsecure.com/_resources/themes/labs/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.withsecure.com/_resources/themes/labs/images/github-blue.svg?1658833694937
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cc85ccbfbde2fe8ca49c38c444217f3978a1bdef259c239a500e9fe2e17cd3c8
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
739
FSecureSansWeb-Regular.woff
labs.withsecure.com/_resources/themes/labs/webfonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://labs.withsecure.com/_resources/themes/labs/webfonts/FSecureSansWeb-Regular.woff?1658833694937
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c3782d937e5c709771750e1a5dec25c7bb7e727173343e7cd74b982558b23287
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Origin
https://labs.withsecure.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35420
FSecureSansWeb-Headline.woff
labs.withsecure.com/_resources/themes/labs/webfonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://labs.withsecure.com/_resources/themes/labs/webfonts/FSecureSansWeb-Headline.woff?1658833694937
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8da0a6ab42fdc8cfd7967a23237e92157bf7a14fbb54b256903bb245add37f39
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Origin
https://labs.withsecure.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36036
FSecureSansWeb-Bold.woff
labs.withsecure.com/_resources/themes/labs/webfonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://labs.withsecure.com/_resources/themes/labs/webfonts/FSecureSansWeb-Bold.woff?1658833694937
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.153.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-153-134.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
26d4fd7a5ac9c1fa4e6684d13138493725786bfe6046677a6fae82dabcc41f3a
Security Headers
Name Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.withsecure.com/_resources/themes/labs/css/style.css?m=1658834164
Origin
https://labs.withsecure.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Jul 2022 11:16:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Date
Fri, 29 Jul 2022 19:25:19 GMT
Vary
Accept-Encoding
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36172
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD9T85H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1399
date
Fri, 29 Jul 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 29 Jul 2022 21:02:00 GMT
hotjar-2964848.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2964848.js?sv=6
Requested by
Host: labs.withsecure.com
URL: https://labs.withsecure.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-112.fra56.r.cloudfront.net
Software
/
Resource Hash
50677da42dafdffacc8ac075e29fcb1fbb54653bd7690a2b9cf0de2f0c80ffbe
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C1
x-cache-hit
1
date
Fri, 29 Jul 2022 19:25:19 GMT
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-amz-cf-id
wqumsTMC4QWqefjngH31T0NWJjPJTv9FlXGGG4uY1qeAt9_Sk3F9yA==
etag
W/f2eba9d5305ac363b3a34f4514bc997c
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1733148901&t=pageview&_s=1&dl=https%3A%2F%2Flabs.withsecure.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20WithSecure%20Labs%20-%20Cyber%20security%20research%20and%20development&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=980079503&gjid=1877527653&cid=197871753.1659122720&tid=UA-44275937-52&_gid=506621154.1659122720&_r=1&gtm=2wg7r0KD9T85H&z=1677670272
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.withsecure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Jul 2022 19:25:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://labs.withsecure.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.311bafb9406f6ba6bebc.js
script.hotjar.com/ 		246 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2964848.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
/
Resource Hash
6dd840095807404d43062ce2afdf5e14b5d1c9262dbd7d726372861b0cfbfedb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.withsecure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 09:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
36493
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64600
access-control-allow-origin
*
last-modified
Fri, 29 Jul 2022 09:16:08 GMT
etag
"45663d5a8b5e0ae258fd8063655953c6"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
-2QEQJPd8SfXVr0Ohoy59daoxi6sQI68h5d5cSuget86AUXR-fKHEg==
box-0004cb77850b00d4aa7e1e08ff61e8f0.html
vars.hotjar.com/ Frame 863E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2964848.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-25.vie50.r.cloudfront.net
Software
/
Resource Hash
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://labs.withsecure.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1228392
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 14:12:07 GMT
etag
"d2caf2e569940c65a88268a169f3facf"
last-modified
Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
x-amz-cf-id
ad5LkrJv9dXJmZTHFm3n5nyc85DZjdSxgTC48ag7eTZuAV8Rgbm85g==
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/2964848/ 		148 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2964848/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.39.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-39-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca

Request headers

Referer
https://labs.withsecure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 29 Jul 2022 19:25:20 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
content
ws28.hotjar.com/api/v2/sites/2964848/recordings/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ws28.hotjar.com
URL
https://ws28.hotjar.com/api/v2/sites/2964848/recordings/content

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| _self object| Prism object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

9 Cookies

Domain/Path Name / Value
.withsecure.com/ Name: _ga
Value: GA1.2.197871753.1659122720
.withsecure.com/ Name: _gid
Value: GA1.2.506621154.1659122720
.withsecure.com/ Name: _gat_UA-44275937-52
Value: 1
.withsecure.com/ Name: _hjSessionUser_2964848
Value: eyJpZCI6ImE5NGExM2NlLThiYTAtNTJkOC04NWE5LTJmY2VkMDE0NzI2ZCIsImNyZWF0ZWQiOjE2NTkxMjI3MTk3MjQsImV4aXN0aW5nIjpmYWxzZX0=
.withsecure.com/ Name: _hjFirstSeen
Value: 1
labs.withsecure.com/ Name: _hjIncludedInSessionSample
Value: 1
.withsecure.com/ Name: _hjSession_2964848
Value: eyJpZCI6IjAwZmI0MTk2LTc1YjYtNGU5My04Y2VlLTA5YWU5MTM0ZTllZSIsImNyZWF0ZWQiOjE2NTkxMjI3MjA0NzIsImluU2FtcGxlIjp0cnVlfQ==
labs.withsecure.com/ Name: _hjIncludedInPageviewSample
Value: 1
.withsecure.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

10 Console Messages

Source Level URL
Text
security error URL: https://labs.withsecure.com/
Message:
The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://labs.withsecure.com/
Message:
The Content-Security-Policy directive name 'connect-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://static.hotjar.com/c/hotjar-2964848.js?sv=6(Line 2)
Message:
The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://static.hotjar.com/c/hotjar-2964848.js?sv=6(Line 2)
Message:
The Content-Security-Policy directive name 'connect-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js
Message:
The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js
Message:
The Content-Security-Policy directive name 'connect-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js
Message:
The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js
Message:
The Content-Security-Policy directive name 'connect-src:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js(Line 1)
Message:
Refused to connect to 'wss://ws28.hotjar.com/api/v2/client/ws' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io".
security error URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js(Line 1)
Message:
Refused to connect to 'https://ws28.hotjar.com/api/v2/sites/2964848/recordings/content' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google-analytics.com https://ssl.google-analytics.com https://static.hotjar.com http://script.hotjar.com; connect-src 'self' https://www.google-analytics.com https://in.hotjar.com https://surveystats.hotjar.io; img-src 'self' data: www.googletagmanager.com https://www.google-analytics.com https://script.hotjar.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'self'; connect-src: https://www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

in.hotjar.com
labs.withsecure.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
ws28.hotjar.com
www.google-analytics.com
www.googletagmanager.com
ws28.hotjar.com
18.202.39.101
18.66.15.25
2a00:1450:4001:80e::200e
2a00:1450:4014:80f::2008
52.210.153.134
65.9.66.112
99.86.4.91
26d4fd7a5ac9c1fa4e6684d13138493725786bfe6046677a6fae82dabcc41f3a
43cb9bb13340f5fdf025c6de10b35af3b45cd344a86a397f49e65cd0a195eafc
4eb2afa4a45d51b0f2d891de2ebca5900298e0658262baf8bb5ab7a2dc096b08
50677da42dafdffacc8ac075e29fcb1fbb54653bd7690a2b9cf0de2f0c80ffbe
650ee6b5f55b6f5d6a322bfe83bfef1045d8375306df4ca5dd7ebdde84a107d0
6aac67e9d027869bfb5bb6195cd932929b87c73bc390991904c05f114622cb8d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd840095807404d43062ce2afdf5e14b5d1c9262dbd7d726372861b0cfbfedb
701069d96c0035cbd827efb6e2138055e229f72ede9104893e2c5c5db17519e0
88de35f85c8046367fa266dd8572e8d693ba3fa2afd73e35b8257b4b21bdc03d
8da0a6ab42fdc8cfd7967a23237e92157bf7a14fbb54b256903bb245add37f39
92e4f6142074144cea164f6c313223410a7d2c3907a5939ffa58975c8b55c064
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
c3782d937e5c709771750e1a5dec25c7bb7e727173343e7cd74b982558b23287
c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
cc85ccbfbde2fe8ca49c38c444217f3978a1bdef259c239a500e9fe2e17cd3c8
e016d75f0cdf79c1fc9cd0cc7e01d2ac3414119faf20894d3de468e352f5eb04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f02a4e6736855759c2ebc18958474b70dfa672aca7f3c8a91d6e82d9103f1201