URL: https://capture.odro.io/b/l3GaFBP5f
Submission: On September 06 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 52.18.254.116, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is capture.odro.io.
TLS certificate: Issued by Amazon on June 5th 2022. Valid for: a year.
This is the only time capture.odro.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 52.18.254.116 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a03:2880:f02... 32934 (FACEBOOK)
4 52.18.110.176 16509 (AMAZON-02)
1 1 108.138.17.127 16509 (AMAZON-02)
3 18.66.147.3 16509 (AMAZON-02)
20 8
Requests | Apex Domain | Subdomains | Transfer
7 | odro.io | capture.odro.io | 2 MB
4 | sqreen.io | reports-api.sqreen.io — Cisco Umbrella Rank: 151088 |
3 | intercomcdn.com | js.intercomcdn.com — Cisco Umbrella Rank: 5322 | 188 KB
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 120 | 2 KB
1 | intercom.io | widget.intercom.io — Cisco Umbrella Rank: 5312 | 252 B
1 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 208 | 27 KB
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 355 | 28 KB
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 493 | 51 KB
20 8
Domain Requested by
7 capture.odro.io capture.odro.io
4 reports-api.sqreen.io capture.odro.io
widget.intercom.io
3 js.intercomcdn.com widget.intercom.io
2 fonts.googleapis.com capture.odro.io
1 widget.intercom.io 1 redirects
1 connect.facebook.net capture.odro.io
1 cdnjs.cloudflare.com capture.odro.io
1 cdn.jsdelivr.net capture.odro.io
20 8

This site contains links to these domains.

Domain
www.odro.co.uk

Subject | Issuer | Validity | Valid
odro.io | Amazon | 2022-06-05 - 2023-07-04 | a year
upload.video.google.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-21 - 2023-04-22 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-15 - 2022-09-13 | 3 months
reports-api.sqreen.io | Amazon | 2022-01-29 - 2023-02-27 | a year
*.intercomcdn.com | Amazon | 2022-01-30 - 2023-02-28 | a year

This page contains 2 frames:

Primary Page: https://capture.odro.io/b/l3GaFBP5f
Frame ID: 3B78467D4EF03B88043B83A9434A1900
Requests: 16 HTTP requests in this frame

Frame: https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
Frame ID: E631AC86C6BD4DBACB71DD96F8B5EAEF
Requests: 4 HTTP requests in this frame

Page Title

Technical Interview Division - Grid Dynamics

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

  • Requests: 20
  • HTTPS: 90 %
  • IPv6: 50 %
  • Domains: 8
  • Subdomains: 8
  • IPs: 8
  • Countries: 3
  • Transfer: 1869 kB
  • Size: 7157 kB
  • Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://widget.intercom.io/widget/r391r5qj HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request l3GaFBP5f
capture.odro.io/b/
608 KB
68 KB
Document
General
Full URL
https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.254.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-254-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4536c3ba15e1f101ac9d30a7d1364f9c483abee095854914953a0d562b37a9bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://js.stripe.com
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-security-policy-report-only
child-src 'self' blob:; connect-src 'self' http://localhost:8081 https://*.facebook.com https://*.odro.co.uk https://*.odro.io https://localhost:8443 https://meet2.odro.co.uk:8443; default-src 'self'; font-src 'self' data: https://*.gstatic.com https://*.microsoft.com https://cdn.jsdelivr.net https://fonts.gstatic.com; frame-src 'self'; img-src 'self' android-webview-video-poster: cid: data: http://*.bullhorn.com http://*.charltonmorris.com http://baxterwilliams.com https://*.ads.linkedin.com https://*.amazonaws.com https://*.bullhornstaffing.com https://*.charltonmorris.com https://*.facebook.com https://*.s3-eu-west-1.amazonaws.com https://*.theonegroup.co.uk https://odrolite.s3-eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com/odrolite-archives/* https://theonegroup.co.uk; manifest-src 'self'; media-src 'self' blob: https://*.odro.co.uk https://*.odro.io https://*.s3.eu-west-1.amazonaws.com https://files.odro.co.uk https://odrolite-archives.s3.eu-west-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.sharepointonline.com https://cdn.jsdelivr.net https://fonts.googleapis.com; worker-src 'self' blob:; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 07:42:22 GMT
etag
"97fca-1glohhw1svDBQSsknrFzfUdS9b0"
ratelimit-limit
3000
ratelimit-remaining
2999
ratelimit-reset
3
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://js.stripe.com
x-protected-by
Sqreen
x-ratelimit-limit
3000
x-ratelimit-remaining
2999
x-ratelimit-reset
1662450144
x-xss-protection
1
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34a2c5dbc73df082a12f064a929c14cee2a4dab9ba29f10a4591b74540af6f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 07:42:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 07:42:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 07:42:22 GMT
css
fonts.googleapis.com/
13 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 07:15:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 07:42:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 07:42:22 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/
321 KB
51 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
01f8c6f48ea217d6c394c68e1a68f2958169d972c7b435f4d71361e57c26e411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
38687
x-jsd-version
7.0.96
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
51975
etag
W/"505a4-INFSF/VcDY3YGq5QRH3rBHuiXOA"
x-served-by
cache-fra19124-FRA, cache-hhn4055-HHN
x-jsd-version-type
version
date
Tue, 06 Sep 2022 07:42:22 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
polyfill.min.js
cdnjs.cloudflare.com/ajax/libs/babel-polyfill/7.2.5/
94 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/babel-polyfill/7.2.5/polyfill.min.js
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4c68f0b34a79813171f4674c1d17411378987dccdfa9b1d67ae3582a7b8010a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7030889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28051
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6b-177c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsfWc4szzZB7ijiT4pee9oASs9GYdBmU0K5SI931h9O2P2ioEdHeDqMom66D0srrvBqoVPhFFZd884t%2FFnZoLmn75vC1i99cMSaYyW0ymD4vyHie43bali%2FYm%2FpGW5%2FyWNymsmCpTgdE8xzV7JJSGhGa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7465914e0f765c1a-FRA
expires
Sun, 27 Aug 2023 07:42:22 GMT
32036d6.js
capture.odro.io/_nuxt/
2 KB
3 KB
Script
General
Full URL
https://capture.odro.io/_nuxt/32036d6.js
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.254.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-254-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8a6e60cc030d161c39d5143d3f595a4ebcf153b84ad48c1f13d392ab82442b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://js.stripe.com
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/b/l3GaFBP5f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
ratelimit-reset
1
content-security-policy-report-only
child-src 'self' blob:; connect-src 'self' http://localhost:8081 https://*.facebook.com https://*.odro.co.uk https://*.odro.io https://localhost:8443 https://meet2.odro.co.uk:8443; default-src 'self'; font-src 'self' data: https://*.gstatic.com https://*.microsoft.com https://cdn.jsdelivr.net https://fonts.gstatic.com; frame-src 'self'; img-src 'self' android-webview-video-poster: cid: data: http://*.bullhorn.com http://*.charltonmorris.com http://baxterwilliams.com https://*.ads.linkedin.com https://*.amazonaws.com https://*.bullhornstaffing.com https://*.charltonmorris.com https://*.facebook.com https://*.s3-eu-west-1.amazonaws.com https://*.theonegroup.co.uk https://odrolite.s3-eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com/odrolite-archives/* https://theonegroup.co.uk; manifest-src 'self'; media-src 'self' blob: https://*.odro.co.uk https://*.odro.io https://*.s3.eu-west-1.amazonaws.com https://files.odro.co.uk https://odrolite-archives.s3.eu-west-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.sharepointonline.com https://cdn.jsdelivr.net https://fonts.googleapis.com; worker-src 'self' blob:; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
x-protected-by
Sqreen
ratelimit-limit
3000
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 24 Aug 2022 13:54:11 GMT
x-frame-options
ALLOW-FROM https://js.stripe.com
etag
W/"95c-182d021c7b8"
x-ratelimit-remaining
2998
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-ratelimit-reset
1662450144
x-ratelimit-limit
3000
accept-ranges
bytes
ratelimit-remaining
2998
0f78643.js
capture.odro.io/_nuxt/
205 KB
71 KB
Script
General
Full URL
https://capture.odro.io/_nuxt/0f78643.js
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.254.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-254-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3df8240e0fd937a0ef83367c81ab4526ac9516bec5df219e9bc3459ab859d983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://js.stripe.com
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/b/l3GaFBP5f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
ratelimit-reset
1
content-security-policy-report-only
child-src 'self' blob:; connect-src 'self' http://localhost:8081 https://*.facebook.com https://*.odro.co.uk https://*.odro.io https://localhost:8443 https://meet2.odro.co.uk:8443; default-src 'self'; font-src 'self' data: https://*.gstatic.com https://*.microsoft.com https://cdn.jsdelivr.net https://fonts.gstatic.com; frame-src 'self'; img-src 'self' android-webview-video-poster: cid: data: http://*.bullhorn.com http://*.charltonmorris.com http://baxterwilliams.com https://*.ads.linkedin.com https://*.amazonaws.com https://*.bullhornstaffing.com https://*.charltonmorris.com https://*.facebook.com https://*.s3-eu-west-1.amazonaws.com https://*.theonegroup.co.uk https://odrolite.s3-eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com/odrolite-archives/* https://theonegroup.co.uk; manifest-src 'self'; media-src 'self' blob: https://*.odro.co.uk https://*.odro.io https://*.s3.eu-west-1.amazonaws.com https://files.odro.co.uk https://odrolite-archives.s3.eu-west-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.sharepointonline.com https://cdn.jsdelivr.net https://fonts.googleapis.com; worker-src 'self' blob:; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
x-protected-by
Sqreen
ratelimit-limit
3000
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 24 Aug 2022 13:54:11 GMT
x-frame-options
ALLOW-FROM https://js.stripe.com
etag
W/"334ec-182d021c7b8"
x-ratelimit-remaining
2997
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-ratelimit-reset
1662450144
x-ratelimit-limit
3000
accept-ranges
bytes
ratelimit-remaining
2997
04c35ef.js
capture.odro.io/_nuxt/
4 MB
1 MB
Script
General
Full URL
https://capture.odro.io/_nuxt/04c35ef.js
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.254.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-254-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cf7d7d01ba03303ccd3992c75d324527c9ba92139d38367cda204136891b2a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://js.stripe.com
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/b/l3GaFBP5f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
ratelimit-reset
1
content-security-policy-report-only
child-src 'self' blob:; connect-src 'self' http://localhost:8081 https://*.facebook.com https://*.odro.co.uk https://*.odro.io https://localhost:8443 https://meet2.odro.co.uk:8443; default-src 'self'; font-src 'self' data: https://*.gstatic.com https://*.microsoft.com https://cdn.jsdelivr.net https://fonts.gstatic.com; frame-src 'self'; img-src 'self' android-webview-video-poster: cid: data: http://*.bullhorn.com http://*.charltonmorris.com http://baxterwilliams.com https://*.ads.linkedin.com https://*.amazonaws.com https://*.bullhornstaffing.com https://*.charltonmorris.com https://*.facebook.com https://*.s3-eu-west-1.amazonaws.com https://*.theonegroup.co.uk https://odrolite.s3-eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com/odrolite-archives/* https://theonegroup.co.uk; manifest-src 'self'; media-src 'self' blob: https://*.odro.co.uk https://*.odro.io https://*.s3.eu-west-1.amazonaws.com https://files.odro.co.uk https://odrolite-archives.s3.eu-west-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.sharepointonline.com https://cdn.jsdelivr.net https://fonts.googleapis.com; worker-src 'self' blob:; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
x-protected-by
Sqreen
ratelimit-limit
3000
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 24 Aug 2022 13:54:11 GMT
x-frame-options
ALLOW-FROM https://js.stripe.com
etag
W/"41590d-182d021c7b8"
x-ratelimit-remaining
2995
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-ratelimit-reset
1662450144
x-ratelimit-limit
3000
accept-ranges
bytes
ratelimit-remaining
2995
ff38995.js
capture.odro.io/_nuxt/
320 KB
72 KB
Script
General
Full URL
https://capture.odro.io/_nuxt/ff38995.js
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.254.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-254-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
00b2b13e3ed722d68d1685dea7f31f4a63a4a10b0a4204d5fc96c73f6c4ae350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://js.stripe.com
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/b/l3GaFBP5f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
ratelimit-reset
1
content-security-policy-report-only
child-src 'self' blob:; connect-src 'self' http://localhost:8081 https://*.facebook.com https://*.odro.co.uk https://*.odro.io https://localhost:8443 https://meet2.odro.co.uk:8443; default-src 'self'; font-src 'self' data: https://*.gstatic.com https://*.microsoft.com https://cdn.jsdelivr.net https://fonts.gstatic.com; frame-src 'self'; img-src 'self' android-webview-video-poster: cid: data: http://*.bullhorn.com http://*.charltonmorris.com http://baxterwilliams.com https://*.ads.linkedin.com https://*.amazonaws.com https://*.bullhornstaffing.com https://*.charltonmorris.com https://*.facebook.com https://*.s3-eu-west-1.amazonaws.com https://*.theonegroup.co.uk https://odrolite.s3-eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com/odrolite-archives/* https://theonegroup.co.uk; manifest-src 'self'; media-src 'self' blob: https://*.odro.co.uk https://*.odro.io https://*.s3.eu-west-1.amazonaws.com https://files.odro.co.uk https://odrolite-archives.s3.eu-west-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.sharepointonline.com https://cdn.jsdelivr.net https://fonts.googleapis.com; worker-src 'self' blob:; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
x-protected-by
Sqreen
ratelimit-limit
3000
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 24 Aug 2022 13:54:11 GMT
x-frame-options
ALLOW-FROM https://js.stripe.com
etag
W/"50168-182d021c7b8"
x-ratelimit-remaining
2996
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-ratelimit-reset
1662450144
x-ratelimit-limit
3000
accept-ranges
bytes
ratelimit-remaining
2996
odro-logo-no-shaddow-colour.ff5868f.svg
capture.odro.io/_nuxt/img/
13 KB
6 KB
Image
General
Full URL
https://capture.odro.io/_nuxt/img/odro-logo-no-shaddow-colour.ff5868f.svg
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.254.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-254-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9d398797a3eb203e36af13d5d4a7c26f71f919b3913d1825bdd358e292515edb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://js.stripe.com
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/b/l3GaFBP5f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
ratelimit-reset
1
content-security-policy-report-only
child-src 'self' blob:; connect-src 'self' http://localhost:8081 https://*.facebook.com https://*.odro.co.uk https://*.odro.io https://localhost:8443 https://meet2.odro.co.uk:8443; default-src 'self'; font-src 'self' data: https://*.gstatic.com https://*.microsoft.com https://cdn.jsdelivr.net https://fonts.gstatic.com; frame-src 'self'; img-src 'self' android-webview-video-poster: cid: data: http://*.bullhorn.com http://*.charltonmorris.com http://baxterwilliams.com https://*.ads.linkedin.com https://*.amazonaws.com https://*.bullhornstaffing.com https://*.charltonmorris.com https://*.facebook.com https://*.s3-eu-west-1.amazonaws.com https://*.theonegroup.co.uk https://odrolite.s3-eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com/odrolite-archives/* https://theonegroup.co.uk; manifest-src 'self'; media-src 'self' blob: https://*.odro.co.uk https://*.odro.io https://*.s3.eu-west-1.amazonaws.com https://files.odro.co.uk https://odrolite-archives.s3.eu-west-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.sharepointonline.com https://cdn.jsdelivr.net https://fonts.googleapis.com; worker-src 'self' blob:; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
x-protected-by
Sqreen
ratelimit-limit
3000
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 24 Aug 2022 13:54:11 GMT
x-frame-options
ALLOW-FROM https://js.stripe.com
etag
W/"3337-182d021c7b8"
x-ratelimit-remaining
2994
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-ratelimit-reset
1662450144
x-ratelimit-limit
3000
accept-ranges
bytes
ratelimit-remaining
2994
Baloo2-Regular.a95cb88.ttf
capture.odro.io/_nuxt/fonts/
640 KB
248 KB
Font
General
Full URL
https://capture.odro.io/_nuxt/fonts/Baloo2-Regular.a95cb88.ttf
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.254.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-254-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
421e87b5163bea7907266aa22b53a878c853f82ae51ad94e1c7be64a9572ae28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://js.stripe.com
X-Xss-Protection 1

Request headers

Referer
https://capture.odro.io/b/l3GaFBP5f
Origin
https://capture.odro.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
ratelimit-reset
1
content-security-policy-report-only
child-src 'self' blob:; connect-src 'self' http://localhost:8081 https://*.facebook.com https://*.odro.co.uk https://*.odro.io https://localhost:8443 https://meet2.odro.co.uk:8443; default-src 'self'; font-src 'self' data: https://*.gstatic.com https://*.microsoft.com https://cdn.jsdelivr.net https://fonts.gstatic.com; frame-src 'self'; img-src 'self' android-webview-video-poster: cid: data: http://*.bullhorn.com http://*.charltonmorris.com http://baxterwilliams.com https://*.ads.linkedin.com https://*.amazonaws.com https://*.bullhornstaffing.com https://*.charltonmorris.com https://*.facebook.com https://*.s3-eu-west-1.amazonaws.com https://*.theonegroup.co.uk https://odrolite.s3-eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com/odrolite-archives/* https://theonegroup.co.uk; manifest-src 'self'; media-src 'self' blob: https://*.odro.co.uk https://*.odro.io https://*.s3.eu-west-1.amazonaws.com https://files.odro.co.uk https://odrolite-archives.s3.eu-west-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.sharepointonline.com https://cdn.jsdelivr.net https://fonts.googleapis.com; worker-src 'self' blob:; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
x-protected-by
Sqreen
ratelimit-limit
3000
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 24 Aug 2022 13:54:11 GMT
x-frame-options
ALLOW-FROM https://js.stripe.com
etag
W/"9fe34-182d021c7b8"
x-ratelimit-remaining
2993
content-type
font/ttf
cache-control
public, max-age=31536000
x-ratelimit-reset
1662450144
x-ratelimit-limit
3000
accept-ranges
bytes
ratelimit-remaining
2993
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/_nuxt/ff38995.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26752
x-xss-protection
0
pragma
public
x-fb-debug
5x3qzN0XLbbqGwvuhrx3s62QIezZ2K9weESRP8p+fYh4vg/oCJXUYCprqPH3jaJp+eYSlFDbNFCOYpdV+t/nrQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 07:42:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
276257b6-256e-4c24-98bc-0816e2c17784
https://capture.odro.io/
31 B
0
Other
General
Full URL
blob:https://capture.odro.io/276257b6-256e-4c24-98bc-0816e2c17784
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/b/l3GaFBP5f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
csp_eca5dec99c609e31f78812760545c67f
reports-api.sqreen.io/browser/v0/csp-violations/
0
0
Other
General
Full URL
https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
Requested by
Host: capture.odro.io
URL: https://capture.odro.io/_nuxt/ff38995.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.110.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-110-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://capture.odro.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/r391r5qj
  • https://js.intercomcdn.com/shim.latest.js
18 KB
7 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fad973b0e01a95755686724f38b5598671d22d6aae6b2e9cdb31adea68462aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://capture.odro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:39:25 GMT
content-encoding
gzip
age
179
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6173
last-modified
Mon, 05 Sep 2022 16:39:21 GMT
server
AmazonS3
etag
"26245fb6e45bb6a691852fc2dc08be97"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
QFN9_cJHH3ThuO1dRIpj4vKzIGOOAX6W
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
AZulACiqfQ-KAlhBCjj1X3Y9FHbPJTO0eR2hjzX5m8de4q_05WCBRw==

Redirect headers

date
Mon, 11 Apr 2022 06:24:36 GMT
via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
server
AmazonS3
age
12791868
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA56-P7
content-length
0
x-amz-cf-id
vKJiZFH7P6o-ey_kDr7W60mCRMFB15Y0P7_HZ6uSwtCaIJJsOLDw1g==
csp_eca5dec99c609e31f78812760545c67f
reports-api.sqreen.io/browser/v0/csp-violations/
0
0
Other
General
Full URL
https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.110.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-110-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://capture.odro.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

csp_eca5dec99c609e31f78812760545c67f
reports-api.sqreen.io/browser/v0/csp-violations/ Frame E631
0
0
Other
General
Full URL
https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r391r5qj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.110.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-110-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

frame-modern.662b7bdc.js
js.intercomcdn.com/ Frame E631
414 KB
114 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.662b7bdc.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r391r5qj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0290cda2c5c45769d1ff64cb48c63adb102e1f6addfad56db7edb3aa739abd65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
4iJni8fDNJG4s9NotoKW1aKNNCqjnJSl
content-encoding
gzip
etag
"8704d8af05d4b19e5120b30bdffc9841"
age
5226
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
115718
last-modified
Mon, 05 Sep 2022 16:37:06 GMT
server
AmazonS3
date
Tue, 06 Sep 2022 06:15:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
R5w_-IgDR_Wgvfvjz0svifX1HcOzFLuOAtXlqmXz8mzcOxh28DTYmQ==
csp_eca5dec99c609e31f78812760545c67f
reports-api.sqreen.io/browser/v0/csp-violations/ Frame E631
0
0
Other
General
Full URL
https://reports-api.sqreen.io/browser/v0/csp-violations/csp_eca5dec99c609e31f78812760545c67f
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r391r5qj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.110.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-110-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

vendor-modern.b6a2a0ba.js
js.intercomcdn.com/ Frame E631
217 KB
68 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.b6a2a0ba.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/r391r5qj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78510b605fa47bd465061fc6dfac7533532d2aa2abb48588aa42606cf61665ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
05y_WfEY8YUPF6eYggZfe470.fVfcUlO
content-encoding
gzip
etag
"8e78466abcb6fcf5a9070ca4e38bc824"
age
980
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
68864
last-modified
Fri, 02 Sep 2022 16:20:48 GMT
server
AmazonS3
date
Tue, 06 Sep 2022 07:26:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
5ZZ-FvrF-_RqrB2awbxTdWBvlEzabeSmnVvk3TJ9j7EYQHb_wl2pXQ==


36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| core
object| __core-js_shared__
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
object| __NUXT__
object| webpackJsonp
object| onNuxtReadyCbs
function| onNuxtReady
function| _
object| TreemapSquared
function| SVG
object| Apex
function| ApexCharts
function| __NUXT_JSONP__
object| __NUXT_JSONP_CACHE__
function| __NUXT_IMPORT__
function| Intercom
object| vttjs
function| WebVTT
function| _nuxt_linkedin_inject_insight
function| fbq
function| _fbq
object| $nuxt
function| __intercomAssignLocation

2 Cookies

Domain/Path Name / Value
capture.odro.io/ Name: AWSALB
Value: F+E+NINjYwTAEG3p9thE/v3ONbc+oY5cpDDd0UPQvCaZF84pvhfSUfREThDK2HmXzDzoApnq9eDmM8uojRtJyJv3jVwygufvJsCUO5PJaiK/AKpfNwBw5P027kgo
capture.odro.io/ Name: AWSALBCORS
Value: F+E+NINjYwTAEG3p9thE/v3ONbc+oY5cpDDd0UPQvCaZF84pvhfSUfREThDK2HmXzDzoApnq9eDmM8uojRtJyJv3jVwygufvJsCUO5PJaiK/AKpfNwBw5P027kgo

4 Console Messages

Source Level URL
Text
security error URL: https://capture.odro.io/_nuxt/ff38995.js
Message:
[Report Only] Refused to load the script 'https://widget.intercom.io/widget/r391r5qj' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://capture.odro.io/b/l3GaFBP5f
Message:
[Report Only] Refused to load the script 'https://js.intercomcdn.com/shim.latest.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://widget.intercom.io/widget/r391r5qj
Message:
[Report Only] Refused to load the script 'https://js.intercomcdn.com/frame-modern.662b7bdc.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://widget.intercom.io/widget/r391r5qj
Message:
[Report Only] Refused to load the script 'https://js.intercomcdn.com/vendor-modern.b6a2a0ba.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.ads.linkedin.com https://*.aspnetcdn.com https://*.cloudflare.com https://*.facebook.net https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.microsoft.com https://*.sharepointonline.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://js.stripe.com
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
