URL: https://excalicloud.com/
Submission Tags: @phishunt_io
Submission: On March 23 via api from ES

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 78.197.215.2, located in La Celle-Saint-Cloud, France and belongs to PROXAD, FR. The main domain is excalicloud.com.
TLS certificate: Issued by R3 on March 22nd 2021. Valid for: 3 months.
This is the only time excalicloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                    Requested by
10        excalicloud.com           excalicloud.com
4         www.google-analytics.com  www.googletagmanager.com, www.google-analytics.com
2         accounts.google.com       apis.google.com, ssl.gstatic.com
2         apis.google.com           excalicloud.com, apis.google.com
2         www.googletagmanager.com  excalicloud.com, www.googletagmanager.com
1         ssl.gstatic.com           accounts.google.com
1         stats.g.doubleclick.net   www.google-analytics.com
22 7

This site contains links to these domains.

Domain
blog.excalidraw.com
Subject                 Issuer      Validity                 Valid
excalicloud.com         R3          2021-03-22 - 2021-06-20  3 months
*.google-analytics.com  GTS CA 1O1  2021-02-23 - 2021-05-18  3 months
*.apis.google.com       GTS CA 1O1  2021-02-23 - 2021-05-18  3 months
*.google.com            GTS CA 1O1  2021-02-23 - 2021-05-18  3 months
accounts.google.com     GTS CA 1O1  2021-02-23 - 2021-05-18  3 months
*.g.doubleclick.net     GTS CA 1O1  2021-02-23 - 2021-05-18  3 months
*.gstatic.com           GTS CA 1O1  2021-02-23 - 2021-05-18  3 months

This page contains 2 frames:

Primary Page: https://excalicloud.com/
Frame ID: 4AB5ACCA416AEA81BD979057EF5C3A04
Requests: 21 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 010848850CD0EAEDB83E015D7DA775D4
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

993 kB
Transfer

1311 kB
Size

6
Cookies

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
excalicloud.com/
7 KB
4 KB
Document
General
Full URL
https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
34c02a69bdc914366f8d13895838c7f2fe269ee8b2887436716544c4d808f1a7

Request headers

Host
excalicloud.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.2
Date
Tue, 23 Mar 2021 03:50:51 GMT
Content-Type
text/html
Last-Modified
Sun, 10 Jan 2021 13:31:35 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5ffb01b7-1c9e"
Content-Encoding
gzip
FG_Virgil.woff2
excalicloud.com/
117 KB
117 KB
Font
General
Full URL
https://excalicloud.com/FG_Virgil.woff2
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
09587c7c6b2604befe1fe1bd88b5646ddfc35eb41d99a81f9be43ebc14d059b0

Request headers

Origin
https://excalicloud.com
Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:51 GMT
Last-Modified
Sun, 10 Jan 2021 13:31:26 GMT
Server
nginx/1.14.2
ETag
"5ffb01ae-1d2d4"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119508
Cascadia.woff2
excalicloud.com/
85 KB
85 KB
Font
General
Full URL
https://excalicloud.com/Cascadia.woff2
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
6d27c0474bb6c7922911f90ae811918f6be943005f1c4a6ec0e5b70a2bfddf16

Request headers

Origin
https://excalicloud.com
Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:51 GMT
Last-Modified
Sun, 10 Jan 2021 13:31:25 GMT
Server
nginx/1.14.2
ETag
"5ffb01ad-1531c"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86812
fonts.css
excalicloud.com/
294 B
531 B
Stylesheet
General
Full URL
https://excalicloud.com/fonts.css
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
a6617702e2eebd94efa110b5b28d1dac2f3f62fe4e8dc6c3b50c159fcddfc176

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:51 GMT
Last-Modified
Sun, 10 Jan 2021 13:31:35 GMT
Server
nginx/1.14.2
ETag
"5ffb01b7-126"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
294
js
www.googletagmanager.com/gtag/
138 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H3S0KQSBGX
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0714be77acb0ce906ead25a3719064fdd164822cad88a58c84c1640ed5194db7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Mar 2021 03:50:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54372
x-xss-protection
0
expires
Tue, 23 Mar 2021 03:50:52 GMT
main.5a1f5858.chunk.css
excalicloud.com/static/css/
37 KB
37 KB
Stylesheet
General
Full URL
https://excalicloud.com/static/css/main.5a1f5858.chunk.css
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
ff050407ad46b1d25a85adf478f5b7b8a84c7c416c5034041c3a0c2f6802e985

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:51 GMT
Last-Modified
Sun, 10 Jan 2021 13:31:38 GMT
Server
nginx/1.14.2
ETag
"5ffb01ba-94e4"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38116
43.8443a605.chunk.js
excalicloud.com/static/js/
283 KB
283 KB
Script
General
Full URL
https://excalicloud.com/static/js/43.8443a605.chunk.js
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
f89cfc172ff5769913395827528e63a8e1e2d06fdd37ac3d925bb37600b35fc4

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:51 GMT
Last-Modified
Sun, 10 Jan 2021 13:31:42 GMT
Server
nginx/1.14.2
ETag
"5ffb01be-46af6"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
289526
main.7a0d8937.chunk.js
excalicloud.com/static/js/
271 KB
271 KB
Script
General
Full URL
https://excalicloud.com/static/js/main.7a0d8937.chunk.js
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
ee75fa3b94adc6e5168f4112ab7891d7316d255e7132edb2cc5b33fddae87b4a

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:51 GMT
Last-Modified
Sun, 10 Jan 2021 13:32:22 GMT
Server
nginx/1.14.2
ETag
"5ffb01e6-43aea"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
277226
54.a47905a9.chunk.js
excalicloud.com/static/js/
770 B
1021 B
Script
General
Full URL
https://excalicloud.com/static/js/54.a47905a9.chunk.js
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
98b6ff0ae37d5ad0296c7109509f5c6b9adba6c45af2a98e11e7623d77a1c2f9

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:52 GMT
Last-Modified
Sun, 10 Jan 2021 13:31:54 GMT
Server
nginx/1.14.2
ETag
"5ffb01ca-302"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
770
48.417ee6cf.chunk.js
excalicloud.com/static/js/
1 KB
2 KB
Script
General
Full URL
https://excalicloud.com/static/js/48.417ee6cf.chunk.js
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
b3c46556e1275f5954e2844e6f3f3960a86f60e9ff72250e961e6cef389d93f0

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:52 GMT
Last-Modified
Sun, 10 Jan 2021 13:31:49 GMT
Server
nginx/1.14.2
ETag
"5ffb01c5-530"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1328
55.f718dba7.chunk.js
excalicloud.com/static/js/
598 B
849 B
Script
General
Full URL
https://excalicloud.com/static/js/55.f718dba7.chunk.js
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.197.215.2 La Celle-Saint-Cloud, France, ASN12322 (PROXAD, FR),
Reverse DNS
cag81-1_migr-78-197-215-2.fbx.proxad.net
Software
nginx/1.14.2 /
Resource Hash
67736f951a7d1b32d61d4f2eb66a2ebb0c7624967b19a8eb4991fbfff76d3cdc

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 03:50:52 GMT
Last-Modified
Sun, 10 Jan 2021 13:31:55 GMT
Server
nginx/1.14.2
ETag
"5ffb01cb-256"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
598
js
www.googletagmanager.com/gtag/
99 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-387204-13&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H3S0KQSBGX
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a41131996bda22e4e78c8602c6c03c0f221ee353b9ee72f3ed72072b7f33bc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Mar 2021 03:50:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39803
x-xss-protection
0
last-modified
Tue, 23 Mar 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Mar 2021 03:50:52 GMT
truncated
/
106 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ac1d6438a10fae33638f895431f7d644ce732672e0f641c8d60005571d24f70

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
226 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a5abb93346f358aeb2e6ee43e65f458a7568c464a889b39aeb8d56b55059981

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
api.js
apis.google.com/js/
12 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: excalicloud.com
URL: https://excalicloud.com/static/js/43.8443a605.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b93183bcc5bda42dc9db65084d052ca8fdb7eb3e3b08a75e5f3884a888cf035
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xpd3Q5NFVp/Cfj7m/ltGtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Mar 2021 03:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"6873478039673be44cc70fd23da24c6e"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-xpd3Q5NFVp/Cfj7m/ltGtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 23 Mar 2021 03:50:52 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-387204-13&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1347
date
Tue, 23 Mar 2021 03:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 23 Mar 2021 05:28:25 GMT
collect
www.google-analytics.com/g/
0
171 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H3S0KQSBGX&gtm=2oe3h0&_p=1802535790&sr=1600x1200&ul=en-us&cid=1798989891.1616471452&_s=1&dl=https%3A%2F%2Fexcalicloud.com%2F&dt=Excalicloud%20%7C%20Hand-drawn%20look%20%26%20feel%20%E2%80%A2%20Collaborative%20%E2%80%A2%20Secure&sid=1616471452&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H3S0KQSBGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Mar 2021 03:50:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://excalicloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/
102 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a982367fc9ab1c35fc3e3cbf830284ef62849a8655139ec8a144f2fed00997b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 23:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 16:28:44 GMT
server
sffe
age
447961
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34461
x-xss-protection
0
expires
Thu, 17 Mar 2022 23:24:51 GMT
collect
www.google-analytics.com/j/
2 B
388 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1802535790&t=pageview&_s=1&dl=https%3A%2F%2Fexcalicloud.com%2F&ul=en-us&de=UTF-8&dt=Excalicloud%20%7C%20Hand-drawn%20look%20%26%20feel%20%E2%80%A2%20Collaborative%20%E2%80%A2%20Secure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=1499608312&gjid=32126764&cid=1798989891.1616471452&tid=UA-387204-13&_gid=1150135448.1616471452&_r=1&gtm=2ou3h0&z=1205750796
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Mar 2021 03:50:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://excalicloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame 0108
513 B
843 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0c9d68b422506857d151507f2ddb5ee4930da20113e72041252c7bfa876366b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BbiwtPEmWUAQYqCvQQCONg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://excalicloud.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=211=cRcGlvTx3M1T_YvwkOE1wTltk1jByR385TA8OOSWgYh_NqJHJWxVMai5Gp7DYn48acSG0489UJ9XtCbTsr6BlRw4MaPtCWo6OMiKNE_h989hkbFqnelv2GDQYuNTa7cIQArriWVz-MDIxv7NRuDI_uIEbgFPciyr_j5c6C0QYUQ

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 23 Mar 2021 03:50:52 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-BbiwtPEmWUAQYqCvQQCONg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/
1 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-387204-13&cid=1798989891.1616471452&jid=1499608312&gjid=32126764&_gid=1150135448.1616471452&_u=IADAAUAAAAAAAC~&z=1861296236
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 23 Mar 2021 03:50:52 GMT
content-type
text/plain
access-control-allow-origin
https://excalicloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
4071097310-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 0108
112 KB
39 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 12:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 17:30:24 GMT
server
sffe
age
400201
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39191
x-xss-protection
0
expires
Fri, 18 Mar 2022 12:40:51 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 0108
14 B
330 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fexcalicloud.com&client_id=768936615119-16i2pc81ii7el8pl54d2drk6m2dktfd0.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Tue, 23 Mar 2021 03:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 23 Mar 2021 04:50:52 GMT
collect
www.google-analytics.com/g/
0
45 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H3S0KQSBGX&gtm=2oe3h0&_p=1802535790&sr=1600x1200&ul=en-us&cid=1798989891.1616471452&_s=2&dl=https%3A%2F%2Fexcalicloud.com%2F&dt=Excalicloud%20%7C%20Hand-drawn%20look%20%26%20feel%20%E2%80%A2%20Collaborative%20%E2%80%A2%20Secure&sid=1616471452&sct=1&seg=0&en=scroll&_et=178&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H3S0KQSBGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://excalicloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Mar 2021 03:50:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://excalicloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| gtag
object| dataLayer
object| webpackJsonpexcalidraw
object| google_tag_manager
object| __SENTRY__
string| __EXCALIDRAW_SHA__
function| onYouTubeIframeAPIReady
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaGlobal
object| gapi
object| ___jsl
object| gaplugins
object| gaData
object| osapi

6 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 211=cRcGlvTx3M1T_YvwkOE1wTltk1jByR385TA8OOSWgYh_NqJHJWxVMai5Gp7DYn48acSG0489UJ9XtCbTsr6BlRw4MaPtCWo6OMiKNE_h989hkbFqnelv2GDQYuNTa7cIQArriWVz-MDIxv7NRuDI_uIEbgFPciyr_j5c6C0QYUQ
.excalicloud.com/ Name: G_ENABLED_IDPS
Value: google
.excalicloud.com/ Name: _gat_gtag_UA_387204_13
Value: 1
.excalicloud.com/ Name: _gid
Value: GA1.2.1150135448.1616471452
.excalicloud.com/ Name: _ga
Value: GA1.2.1798989891.1616471452
.excalicloud.com/ Name: _ga_H3S0KQSBGX
Value: GS1.1.1616471452.1.0.1616471452.0

4 Console Messages

Source Level URL
Text
console-api error URL: https://excalicloud.com/static/js/main.7a0d8937.chunk.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://excalicloud.com/static/js/main.7a0d8937.chunk.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://excalicloud.com/static/js/main.7a0d8937.chunk.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null
console-api info URL: https://excalicloud.com/static/js/main.7a0d8937.chunk.js(Line 1)
Message:
Content is cached for offline use.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
