Submitted URL: https://auth.materials.zone/
Effective URL: https://app.materials.zone/
Submission: On August 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2606:4700:10::6816:1b5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.materials.zone.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.
This is the only time app.materials.zone was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 materials.zone
auth.materials.zone
app.materials.zone
api.materials.zone
logging.materials.zone
1 MB
4 bokeh.org
cdn.bokeh.org — Cisco Umbrella Rank: 713411
380 KB
3 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 5025
api-iam.intercom.io — Cisco Umbrella Rank: 5121
8 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 7846
283 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 mixpanel.com
api-js.mixpanel.com
375 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
99 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
27 9
Domain Requested by
7 app.materials.zone app.materials.zone
4 cdn.bokeh.org app.materials.zone
3 api.materials.zone app.materials.zone
2 logging.materials.zone app.materials.zone
2 api-iam.intercom.io js.intercomcdn.com
2 js.intercomcdn.com widget.intercom.io
2 region1.google-analytics.com www.googletagmanager.com
1 api-js.mixpanel.com app.materials.zone
1 widget.intercom.io app.materials.zone
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com app.materials.zone
1 fonts.googleapis.com app.materials.zone
1 auth.materials.zone 1 redirects
27 13

This site contains no links.

Subject Issuer Validity Valid
materials.zone
WE1
2024-07-11 -
2024-10-09
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
cdn.bokeh.org
Amazon RSA 2048 M02
2024-02-17 -
2025-03-16
a year crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-11
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02
2023-12-01 -
2024-12-29
a year crt.sh
*.mixpanel.com
GeoTrust TLS RSA CA G1
2024-02-08 -
2025-03-10
a year crt.sh

This page contains 2 frames:

Primary Page: https://app.materials.zone/
Frame ID: F1AEF069752EB01F19B505B8BCE0CDB8
Requests: 21 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.774b9747.js
Frame ID: 218264CC143E447A299A9BA0424D7BE0
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Login - Materials.Zone

Page URL History Show full URLs

  1. https://auth.materials.zone/ HTTP 301
    https://app.materials.zone/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bokeh.*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

2116 kB
Transfer

7224 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.materials.zone/ HTTP 301
    https://app.materials.zone/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.materials.zone/
Redirect Chain
  • https://auth.materials.zone/
  • https://app.materials.zone/
18 KB
7 KB
Document
General
Full URL
https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d901128c16583b49d2e55ca2cfbef5bb8d66303340e7be40bbb16a31b4235f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8b32c21a3fd0bbb9-FRA
content-encoding
br
content-type
text/html
date
Wed, 14 Aug 2024 17:45:22 GMT
last-modified
Tue, 13 Aug 2024 15:01:29 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-frame-options
DENY

Redirect headers

accept-ranges
bytes
cf-cache-status
DYNAMIC
cf-ray
8b32c219bf06bbb9-FRA
content-length
42
content-type
text/plain; charset=utf-8
date
Wed, 14 Aug 2024 17:45:22 GMT
location
https://app.materials.zone/
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1723657522.225076,VS0,VE2
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9400444f9f69d19fb7ed5395d523d0a456927f42f198fbfd874af30baf0b6409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Aug 2024 17:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Aug 2024 17:38:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Aug 2024 17:45:22 GMT
main.9a0e3007.js
app.materials.zone/static/js/
4 MB
1 MB
Script
General
Full URL
https://app.materials.zone/static/js/main.9a0e3007.js
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b4268f003df2c4208a370f254daf6226a2960bf54f89bbe98aeda85da5437d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:45:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Aug 2024 15:01:29 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
etag
W/"66bb7549-4758db"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b32c21c2a5cbbb9-FRA
main.cba07276.css
app.materials.zone/static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://app.materials.zone/static/css/main.cba07276.css
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91fad3220418e76580b8e57266a7123ec49afc5d35069006cf1264afcb23e6ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:45:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Aug 2024 15:01:29 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
etag
W/"66bb7549-48b8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
8b32c21c2a57bbb9-FRA
intercom.js
app.materials.zone/
601 B
428 B
Script
General
Full URL
https://app.materials.zone/intercom.js
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d1190e52f95e6cd052e9d948fe9ad275c2b9e4ba2a4d074cdbebf6795d56bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:45:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Aug 2024 14:59:36 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
etag
W/"66bb74d8-259"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b32c21c2a5abbb9-FRA
bokeh-2.4.3.min.js
cdn.bokeh.org/bokeh/release/
782 KB
244 KB
Script
General
Full URL
https://cdn.bokeh.org/bokeh/release/bokeh-2.4.3.min.js
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:3600:18:5d4a:9840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58402a3faf006ce70814f6a5978f9335fd02899bd391525589a827e845b2f626

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 13:33:27 GMT
content-encoding
gzip
via
1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront)
x-amz-version-id
2wOH.Qypjos2wNyxm8AMxnArKeVM7kQC
last-modified
Wed, 18 May 2022 18:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
28095117
etag
W/"dce7162a01bbbc39ce1fd2f7080c4f8b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
x-amz-cf-id
qiMH6mSJcv3DXEVxxovYzVvU9Yh4Id3K1repQU0sR7Rdca1dXGbF8Q==
bokeh-widgets-2.4.3.min.js
cdn.bokeh.org/bokeh/release/
246 KB
59 KB
Script
General
Full URL
https://cdn.bokeh.org/bokeh/release/bokeh-widgets-2.4.3.min.js
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:3600:18:5d4a:9840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb7520b96e7fa5d9f82a8ffc9460a49f0521713748a800bcd66c43f3d07f974f

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 11:20:22 GMT
content-encoding
br
via
1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront)
x-amz-version-id
Dva0W4.sWXrqEvMqswkw8IkZDs2.tnds
last-modified
Wed, 18 May 2022 18:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
23264701
etag
W/"6c2bd0cb0b0fed17c3e80901a47a2529"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
x-amz-cf-id
8b7Y-nzlB-XtbmzHYoQgzaY1uLsPJ489_uZn6MH6zX8I76uZ4OGTCQ==
bokeh-gl-2.4.3.min.js
cdn.bokeh.org/bokeh/release/
187 KB
52 KB
Script
General
Full URL
https://cdn.bokeh.org/bokeh/release/bokeh-gl-2.4.3.min.js
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:3600:18:5d4a:9840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42cd7d35ca6cd70c3eb9706d82622d343193e292e0c8588ca2e875596a5f95d4

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:00:03 GMT
content-encoding
br
via
1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront)
x-amz-version-id
0BzU1wibJo7dftaOpGWQob3sLH9S1SOg
last-modified
Wed, 18 May 2022 18:23:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
18830721
etag
W/"1e083a1d0e56b718356b0dd97333abf2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
x-amz-cf-id
mn1Qj9tz8sM1VgMN34EVencmPMYCpFd15uQd1SzyPgY2ArwaNu2qUg==
bokeh-api-2.4.3.min.js
cdn.bokeh.org/bokeh/release/
87 KB
24 KB
Script
General
Full URL
https://cdn.bokeh.org/bokeh/release/bokeh-api-2.4.3.min.js
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:3600:18:5d4a:9840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39da54b039874f61a8dbad367aa042a478261ac8c47cb7e31e75df714dbb593a

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:15:16 GMT
content-encoding
br
via
1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront)
x-amz-version-id
u.pYcU6wQX9gZ.bYAZcykhLkzRSyXFxC
last-modified
Wed, 18 May 2022 18:23:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
23157008
etag
W/"06493b2d1bf5d456ec780f1c1beb21a1"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
x-amz-cf-id
YZ6X5zrvjCo4fjw82BbC76sNJ_mqQ82scOhuBEDUb0RHub7CA-C1QQ==
js
www.googletagmanager.com/gtag/
295 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K0N2EZ9FMK
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/static/js/main.9a0e3007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f32b730cec6e3bb1ba6e77bc96003c1f73fee0dddb2eced7aebb052089ffed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:45:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101074
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Aug 2024 17:45:24 GMT
graphql
api.materials.zone/ Frame
0
0
Preflight
General
Full URL
https://api.materials.zone/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-mz-api-feature
Access-Control-Request-Method
POST
Origin
https://app.materials.zone
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Tableau-Auth,X-MZ-API-Feature
access-control-allow-methods
GET,POST,PATCH,DELETE,PUT,settings
access-control-allow-origin
https://app.materials.zone
cf-cache-status
DYNAMIC
cf-ray
8b32c2294d729b95-FRA
content-length
0
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 14 Aug 2024 17:45:24 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 google
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
graphql
api.materials.zone/
105 B
230 B
Fetch
General
Full URL
https://api.materials.zone/graphql
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/static/js/main.9a0e3007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4fb42d55b25383066d5a3c4994862e909c5357bd15bbb729b7189f7d2b49ae
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
*/*
x-mz-api-feature
tables
Referer
https://app.materials.zone/
authorization
undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 14 Aug 2024 17:45:24 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
105
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"69-W8SLIBXU+2PQ/tpuGIrXh17XtKk"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.materials.zone
origin-agent-cluster
?1
access-control-allow-credentials
true
cf-ray
8b32c229ce1e9b95-FRA
auth-page-header-left.svg
app.materials.zone/img/
5 KB
1 KB
Image
General
Full URL
https://app.materials.zone/img/auth-page-header-left.svg
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0cd1e26d6743bc4611f9519c2a61b73f9360d24d08f855e62485f36aba9278
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://app.materials.zone/signin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:45:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Aug 2024 14:59:36 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
etag
W/"66bb74d8-13d9"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8b32c2297eb9bbb9-FRA
auth-page-header-right.svg
app.materials.zone/img/
4 KB
1 KB
Image
General
Full URL
https://app.materials.zone/img/auth-page-header-right.svg
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa8874600f2cc9e03cb92fe1deeb4c68647819d3daf24de95a62ae9dd814bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://app.materials.zone/signin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:45:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Aug 2024 14:59:36 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
etag
W/"66bb74d8-1007"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8b32c2297ebcbbb9-FRA
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.materials.zone
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 13:58:37 GMT
x-content-type-options
nosniff
age
100007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 13:58:37 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K0N2EZ9FMK&gtm=45je48c0v897668075za200&_p=1723657524434&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=253233358.1723657525&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723657524&sct=1&seg=0&dl=https%3A%2F%2Fapp.materials.zone%2Fsignin&dt=Login%20-%20Materials.Zone&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.debug_mode=false&tfd=2818
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K0N2EZ9FMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Aug 2024 17:45:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.materials.zone
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f5fczxgu
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/f5fczxgu
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/intercom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be4f8bac13670dc2b95c5b53b9ff038507456b83960babef69a010076f18f921

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
_xWnOpCMum.2ZiOZIbp82nPHWQyD5J3P
content-encoding
gzip
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
date
Wed, 14 Aug 2024 17:44:06 GMT
x-amz-cf-pop
FRA2-C1
age
118
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2670
last-modified
Wed, 14 Aug 2024 16:04:33 GMT
server
AmazonS3
etag
"4b38a2cacfd0e6c9fb1565a64d912cd3"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
Pgidi1RvF4-XrnBBZQfq4jRIZvAtWPkUryv1wczOJazhLESvuLkXAw==
favicon.ico
app.materials.zone/
33 KB
5 KB
Other
General
Full URL
https://app.materials.zone/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5221c85b0b77fc463a6e1fb90217998611de4b3552a0953499b709e5ac6421ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://app.materials.zone/signin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 17:45:25 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Aug 2024 14:59:36 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
etag
W/"66bb74d8-821e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8b32c22ad88abbb9-FRA
frame-modern.774b9747.js
js.intercomcdn.com/ Frame 2182
459 KB
139 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.774b9747.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/f5fczxgu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d96d2508171a360c239772e3ce5c5601ea2aa91fd7f590ba2c34724000f49b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 16:04:37 GMT
content-encoding
gzip
via
1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront)
x-amz-version-id
a_e706IC12DqUO.05hMTgC_Xh2qIeoW1
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
6049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141236
last-modified
Wed, 14 Aug 2024 16:02:10 GMT
server
AmazonS3
etag
"7d82c19e1c66483b7a9d2f3cfb7d0741"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
7HOXwjE4GZBpzYA701fqgt9qjPIdSxK4IA4AchmRbErjchxkARrk5w==
vendor-modern.24002cc7.js
js.intercomcdn.com/ Frame 2182
455 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.24002cc7.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/f5fczxgu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
614ba69cc45e1d7f36150f778fe53f5ad76ad857df5c5ac9c762a6978086b09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
VJIwNFgD1rqYOkgSDPc.01Ora7y8zhav
content-encoding
gzip
via
1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront)
date
Wed, 14 Aug 2024 17:10:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
2094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
147288
last-modified
Mon, 12 Aug 2024 12:46:39 GMT
server
AmazonS3
etag
"9cffe9d409ffd49439595bfe9ba87d5d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
P_M_IHprVmp0_K1AfYG69nk6OUzz1p038sDirQAx2nyDT948V8Q2QA==
ping
api-iam.intercom.io/messenger/web/ Frame 2182
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.774b9747.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.199.165.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-165-201.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7205ed468a2d5d22b13512ee2e266c3878801772a4f6417bad923b3c25fb6f97
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Aug 2024 17:45:26 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0cc965767f13b04d8
status
200 OK
x-xss-protection
1; mode=block
x-request-id
000vu2d8and0u633uo10
x-runtime
0.388434
server
nginx
etag
W/"7205ed468a2d5d22b13512ee2e266c38"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.materials.zone
x-intercom-version
5e9b66cab5081218811f165cef7aecbde2a0b8ba
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
graphql
api.materials.zone/
105 B
197 B
Fetch
General
Full URL
https://api.materials.zone/graphql
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/static/js/main.9a0e3007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4fb42d55b25383066d5a3c4994862e909c5357bd15bbb729b7189f7d2b49ae
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
*/*
x-mz-api-feature
tables
Referer
https://app.materials.zone/
authorization
undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 14 Aug 2024 17:45:25 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
105
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"69-W8SLIBXU+2PQ/tpuGIrXh17XtKk"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.materials.zone
origin-agent-cluster
?1
access-control-allow-credentials
true
cf-ray
8b32c22fedbe9b95-FRA
log_event
logging.materials.zone/api/v1beta1/
39 B
186 B
Ping
General
Full URL
https://logging.materials.zone/api/v1beta1/log_event
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/static/js/main.9a0e3007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3c3db605b5731684f1b4789b31d9077e5949dda7f21876ff0095e01855a8ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Aug 2024 17:45:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
content-type
application/json
access-control-allow-origin
https://app.materials.zone
access-control-allow-credentials
true
cf-ray
8b32c231096fbbb9-FRA
content-length
39
log_event
logging.materials.zone/api/v1beta1/ Frame
0
0
Preflight
General
Full URL
https://logging.materials.zone/api/v1beta1/log_event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.materials.zone
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://app.materials.zone
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8b32c2308e619b95-FRA
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 14 Aug 2024 17:45:25 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 google
ping
api-iam.intercom.io/messenger/web/ Frame 2182
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.774b9747.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.199.165.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-165-201.compute-1.amazonaws.com
Software
nginx /
Resource Hash
205a66be04cacd5d076367cc09a8ad6fdf33c18e828a9d66861837e567ede328
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Aug 2024 17:45:26 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0cc965767f13b04d8
status
200 OK
x-xss-protection
1; mode=block
x-request-id
000993c6gcvjct0mkia0
x-runtime
0.179270
server
nginx
etag
W/"205a66be04cacd5d076367cc09a8ad6f"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.materials.zone
x-intercom-version
5e9b66cab5081218811f165cef7aecbde2a0b8ba
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
/
api-js.mixpanel.com/track/
25 B
375 B
XHR
General
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1723657529407
Requested by
Host: app.materials.zone
URL: https://app.materials.zone/static/js/main.9a0e3007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Wed, 14 Aug 2024 17:45:29 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.materials.zone
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
36
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
alt-svc
clear
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K0N2EZ9FMK&gtm=45je48c0v897668075za200&_p=1723657524434&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=253233358.1723657525&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1723657524&sct=1&seg=0&dl=https%3A%2F%2Fapp.materials.zone%2Fsignin&dt=Login%20-%20Materials.Zone&en=scroll&ep.debug_mode=false&epn.percent_scrolled=90&_et=3&tfd=7825
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K0N2EZ9FMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://app.materials.zone/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Aug 2024 17:45:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.materials.zone
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Intercom function| sprintf function| vsprintf function| Hammer object| Bokeh function| flatpickr object| __global__ string| __reactRouterVersion number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ string| __THREE__ object| pdfjsLib object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| __intercomAssignLocation function| __intercomReloadLocation

6 Cookies

Domain/Path Name / Value
.materials.zone/ Name: mp_499f375b2805ef32ebd441ea4adb41d2_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A19151fe94bf971-012570101ae84e-10462c6f-1d4c00-19151fe94bf971%22%2C%22%24device_id%22%3A%20%2219151fe94bf971-012570101ae84e-10462c6f-1d4c00-19151fe94bf971%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.materials.zone/ Name: _ga
Value: GA1.1.253233358.1723657525
.materials.zone/ Name: _ga_K0N2EZ9FMK
Value: GS1.1.1723657524.1.0.1723657524.0.0.0
.materials.zone/ Name: intercom-id-f5fczxgu
Value: 5c69613b-1553-43bc-b624-15b3c207ec71
.materials.zone/ Name: intercom-session-f5fczxgu
Value:
.materials.zone/ Name: intercom-device-id-f5fczxgu
Value: dc2f8506-1681-4fb7-ad58-5b5cd345a5c7

3 Console Messages

Source Level URL
Text
network error URL: https://api.materials.zone/graphql
Message:
Failed to load resource: the server responded with a status of 500 ()
recommendation verbose URL: https://app.materials.zone/signin
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://api.materials.zone/graphql
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api-js.mixpanel.com
api.materials.zone
app.materials.zone
auth.materials.zone
cdn.bokeh.org
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
logging.materials.zone
region1.google-analytics.com
widget.intercom.io
www.googletagmanager.com
13.224.189.35
130.211.34.183
18.245.46.10
2001:4860:4802:32::36
2600:9000:235a:3600:18:5d4a:9840:93a1
2606:4700:10::6816:1b5c
2606:4700:10::ac43:ddd
2a00:1450:4001:80f::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:830::200a
44.199.165.201
0c0cd1e26d6743bc4611f9519c2a61b73f9360d24d08f855e62485f36aba9278
1d96d2508171a360c239772e3ce5c5601ea2aa91fd7f590ba2c34724000f49b9
205a66be04cacd5d076367cc09a8ad6fdf33c18e828a9d66861837e567ede328
39da54b039874f61a8dbad367aa042a478261ac8c47cb7e31e75df714dbb593a
3d901128c16583b49d2e55ca2cfbef5bb8d66303340e7be40bbb16a31b4235f9
3f32b730cec6e3bb1ba6e77bc96003c1f73fee0dddb2eced7aebb052089ffed6
42cd7d35ca6cd70c3eb9706d82622d343193e292e0c8588ca2e875596a5f95d4
5221c85b0b77fc463a6e1fb90217998611de4b3552a0953499b709e5ac6421ee
58402a3faf006ce70814f6a5978f9335fd02899bd391525589a827e845b2f626
5e3c3db605b5731684f1b4789b31d9077e5949dda7f21876ff0095e01855a8ac
614ba69cc45e1d7f36150f778fe53f5ad76ad857df5c5ac9c762a6978086b09c
7205ed468a2d5d22b13512ee2e266c3878801772a4f6417bad923b3c25fb6f97
7e4fb42d55b25383066d5a3c4994862e909c5357bd15bbb729b7189f7d2b49ae
85b4268f003df2c4208a370f254daf6226a2960bf54f89bbe98aeda85da5437d
90d1190e52f95e6cd052e9d948fe9ad275c2b9e4ba2a4d074cdbebf6795d56bb
91fad3220418e76580b8e57266a7123ec49afc5d35069006cf1264afcb23e6ef
9400444f9f69d19fb7ed5395d523d0a456927f42f198fbfd874af30baf0b6409
bb7520b96e7fa5d9f82a8ffc9460a49f0521713748a800bcd66c43f3d07f974f
be4f8bac13670dc2b95c5b53b9ff038507456b83960babef69a010076f18f921
dfa8874600f2cc9e03cb92fe1deeb4c68647819d3daf24de95a62ae9dd814bb3
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af