URL: https://user.firmanza.com/
Submission: On November 01 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 138.68.0.113, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is user.firmanza.com.
TLS certificate: Issued by R3 on August 16th 2021. Valid for: 3 months.
This is the only time user.firmanza.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
7 138.68.0.113 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
14 4
Domain Requested by
7 user.firmanza.com user.firmanza.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com user.firmanza.com
cdn.jsdelivr.net
1 cdn.jsdelivr.net user.firmanza.com
14 4

This site contains no links.

Subject Issuer Validity Valid
user.firmanza.com
R3
2021-08-16 -
2021-11-14
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-03 -
2022-07-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://user.firmanza.com/
Frame ID: E829FC6FA95493EC5C9FCE7973C5361F
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Firmanza - Tu firma de confianza

Page Statistics

14
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

789 kB
Transfer

3643 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
user.firmanza.com/
2 KB
2 KB
Document
General
Full URL
https://user.firmanza.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.0.113 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
465057257ecd7eadbbda1118c7fce83291292f43f429fb7178c170dda71ef9ad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 01 Nov 2021 16:21:46 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Accept-Ranges
bytes
Cache-Control
public, max-age=0
Last-Modified
Mon, 01 Nov 2021 15:22:27 GMT
ETag
W/"9d2-17cdc183738"
Vary
Accept-Encoding
Content-Encoding
gzip
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Pathway+Gothic+One|Roboto
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4769e1cb8788c20b0827f01348eaf48271bb0a2369ec48faebecfe1f6e6d6e58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.firmanza.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 16:21:46 GMT
server
ESF
date
Mon, 01 Nov 2021 16:21:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 16:21:46 GMT
semantic.min.css
cdn.jsdelivr.net/npm/fomantic-ui@2.8.5/dist/
1 MB
155 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/fomantic-ui@2.8.5/dist/semantic.min.css
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e9270115715a4dddb923faad0d44a57fd613501a9330704804989e1fa4841b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.firmanza.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 16:21:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
532011
x-jsd-version
2.8.5
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19167-FRA, cache-mxp6960-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"14c174-V1vgC936KaChumlIdNQsWmvXB+g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a7675446f93599b-MXP
2.601094c6.chunk.css
user.firmanza.com/static/css/
106 KB
21 KB
Stylesheet
General
Full URL
https://user.firmanza.com/static/css/2.601094c6.chunk.css
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.0.113 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9d18c252f23efe0dff14dee838f73b7c8c0aaf47c77daacaf567da2b39beaca1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.firmanza.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 16:21:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Nov 2021 15:22:27 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"1a9bb-17cdc183738"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=20
main.02395df5.chunk.css
user.firmanza.com/static/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://user.firmanza.com/static/css/main.02395df5.chunk.css
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.0.113 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
052e0ce07a636b5e0c01a5daf26d2fae9fcb35bdcb165ae3cebe380c24f222e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.firmanza.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 16:21:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Nov 2021 15:22:27 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"9c6-17cdc183738"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=20
2.12b5c020.chunk.js
user.firmanza.com/static/js/
2 MB
445 KB
Script
General
Full URL
https://user.firmanza.com/static/js/2.12b5c020.chunk.js
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.0.113 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3bd7501de4bf4e350d44b5569c3e974cb0becb645adf7a895c377437ada49032
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.firmanza.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 16:21:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Nov 2021 15:22:27 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"1b3b4e-17cdc183738"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=20
main.3f00ba5a.chunk.js
user.firmanza.com/static/js/
332 KB
57 KB
Script
General
Full URL
https://user.firmanza.com/static/js/main.3f00ba5a.chunk.js
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.0.113 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a90fe8558fc2bf86048ba05e47cb9520cead7b521339cc51543c22c24662a5ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.firmanza.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 16:21:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Nov 2021 15:22:27 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"52f4d-17cdc183738"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=20
css
fonts.googleapis.com/
3 KB
549 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/fomantic-ui@2.8.5/dist/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68b77f1363ae1b9f3f63a27604899825aedd740499a1363968c6f03378d4fde5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 15:28:31 GMT
server
ESF
date
Mon, 01 Nov 2021 16:21:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 16:21:46 GMT
css
fonts.googleapis.com/
3 KB
532 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/static/css/2.601094c6.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5f1c76620875851a634bc5349bc3177c262f6bfbfb5fcfa7c7b1ff91d1bd36d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.firmanza.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 15:09:25 GMT
server
ESF
date
Mon, 01 Nov 2021 16:21:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 16:21:46 GMT
firmanza.svg
user.firmanza.com/
28 KB
10 KB
Image
General
Full URL
https://user.firmanza.com/firmanza.svg
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/signin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.0.113 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d7b14a60bb8b3cf4d0a30a3e76fd20913c92a100f792dac61f209820aa81d59d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://user.firmanza.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 16:21:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Nov 2021 15:21:32 GMT
Server
nginx
X-Frame-Options
DENY
ETag
W/"7164-17cdc176060"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=20
MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
fonts.gstatic.com/s/pathwaygothicone/v9/
7 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/pathwaygothicone/v9/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1Zf.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Pathway+Gothic+One|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74cfed846ce71a3bef9b0a3e0e2c90fe441f0c909edd717f5b0c1957ef27bf18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.firmanza.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 03:47:44 GMT
x-content-type-options
nosniff
age
477243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7620
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:21:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 03:47:44 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.firmanza.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 10:51:57 GMT
x-content-type-options
nosniff
age
106190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 31 Oct 2022 10:51:57 GMT
icons.38c6d8ba.woff2
user.firmanza.com/static/media/
39 KB
40 KB
Font
General
Full URL
https://user.firmanza.com/static/media/icons.38c6d8ba.woff2
Requested by
Host: user.firmanza.com
URL: https://user.firmanza.com/static/css/2.601094c6.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.68.0.113 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://user.firmanza.com/static/css/2.601094c6.chunk.css
Origin
https://user.firmanza.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 16:21:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Nov 2021 15:22:27 GMT
Server
nginx
ETag
W/"9cd4-17cdc183738"
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
font/woff2
Cache-Control
public, max-age=0
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
40148
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://user.firmanza.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 12:11:32 GMT
x-content-type-options
nosniff
age
360615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 12:11:32 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| webpackJsonpfirmanza-user-react object| regeneratorRuntime boolean| _pdfjsCompatibilityChecked object| __localeData__

2 Cookies

Domain/Path Name / Value
.firmanza.com/ Name: firmanza.user.sid
Value: s%3A2oT-OK72W8YkDLG99Yzkh5xnhMBc58zA.31N0fSytWFGLKXltd9INjVio7sEBv6YKPHWyOg2rpFs
.firmanza.com/ Name: firmanza.user.csrf
Value: 2jV8rPJK-MSoBLNQNP3CDP4RmWsHgUTjNLTA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY