URL: https://southbow.neoflow.energy/
Submission: On November 15 via api from US — Scanned from CA

Summary

This website contacted 7 IPs in 1 country across 6 domains to perform 16 HTTP transactions. The main IP is 3.168.102.102, located in United States and belongs to . The main domain is southbow.neoflow.energy.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 13th 2024. Valid for: a year.
This is the only time southbow.neoflow.energy was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
4 | atlassian.com | jsd-widget.atlassian.com (Cisco Umbrella Rank: 14487); api-private.atlassian.com (Cisco Umbrella Rank: 40191) | 729 KB
3 | gstatic.com | fonts.gstatic.com | 58 KB
3 | neoflow.energy | southbow.neoflow.energy | 5 MB
2 | amplitude.com | api2.amplitude.com (Cisco Umbrella Rank: 1282) | 218 B
2 | flagsmith.com | edge.api.flagsmith.com (Cisco Umbrella Rank: 45493) | 763 B
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 55) | 2 KB
Total: 16 requests, 6 apex domains

Requests | Domain | Requested by
3 | fonts.gstatic.com | fonts.googleapis.com
3 | jsd-widget.atlassian.com | southbow.neoflow.energy; jsd-widget.atlassian.com
3 | southbow.neoflow.energy | southbow.neoflow.energy
2 | api2.amplitude.com | southbow.neoflow.energy
2 | edge.api.flagsmith.com | southbow.neoflow.energy
2 | fonts.googleapis.com | southbow.neoflow.energy
1 | api-private.atlassian.com | jsd-widget.atlassian.com
Total: 16 requests, 7 domains

This site contains links to these domains. Also see Links.

Domain
neoflow.energy
www.neoflow.energy
Subject | Issuer | Validity | Valid
*.southbow.neoflow.energy | Amazon RSA 2048 M02 | 2024-11-13 - 2025-12-12 | a year
*.atlassian.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-22 - 2025-06-18 | a year
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
edge.api.flagsmith.com | Amazon RSA 2048 M03 | 2024-09-21 - 2025-10-20 | a year
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2024-01-31 - 2025-03-02 | a year

This page contains 2 frames:

Primary Page: https://southbow.neoflow.energy/
Frame ID: 1E9E1ADE9BD71334D96ABB6EA48F09AA
Requests: 15 HTTP requests in this frame

Frame: https://jsd-widget.atlassian.com/assets/iframe.js
Frame ID: E3A2DB7A8C8835B7FFC603B4F6B2F237
Requests: 3 HTTP requests in this frame

Page Title

Neoflow

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 17 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 1
Transfer: 5706 kB
Size: 13010 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
southbow.neoflow.energy/
1 KB
1 KB
Document
General
Full URL
https://southbow.neoflow.energy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.102 , United States, ASN (),
Reverse DNS
server-3-168-102-102.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9259d10523811c4d1bca7f8da4b52d8dc10e07d7262d5aed4394efce084722c
Security Headers
Name Value
Content-Security-Policy object-src 'none' ; script-src 'self' 'nonce-0c8ba106-63e6-4add-b738-be57d4e45dd4' 'unsafe-inline' 'strict-dynamic' https:; style-src 'unsafe-inline' https: https://fonts.googleapis.com; base-uri https://jsd-widget.atlassian.com/; script-src-elem https://jsd-widget.atlassian.com/assets/iframe.js https://jsd-widget.atlassian.com/assets/embed.js https://maps.googleapis.com 'self';
Strict-Transport-Security max-age=600; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
br
content-security-policy
object-src 'none' ; script-src 'self' 'nonce-0c8ba106-63e6-4add-b738-be57d4e45dd4' 'unsafe-inline' 'strict-dynamic' https:; style-src 'unsafe-inline' https: https://fonts.googleapis.com; base-uri https://jsd-widget.atlassian.com/; script-src-elem https://jsd-widget.atlassian.com/assets/iframe.js https://jsd-widget.atlassian.com/assets/embed.js https://maps.googleapis.com 'self';
content-type
text/html
date
Fri, 15 Nov 2024 00:09:40 GMT
etag
W/"1a931818444a8288dd5c06071e652d41"
last-modified
Thu, 14 Nov 2024 17:28:44 GMT
referrer-policy
no-referrer
server
AmazonS3
strict-transport-security
max-age=600; includeSubDomains
vary
accept-encoding
via
1.1 595266d427582990356e9f138eba5bf2.cloudfront.net (CloudFront)
x-amz-cf-id
SKtse-bCeQuHbjrz4K9ewgx9e-Uw0YxnZUs4TgJpxGq0R7N3lEjqdQ==
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
XJg1vA.RZQTz71Vjw.5GiEMLGE0mG6Hs
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
embed.js
jsd-widget.atlassian.com/assets/
22 KB
7 KB
Script
General
Full URL
https://jsd-widget.atlassian.com/assets/embed.js
Requested by
Host: southbow.neoflow.energy
URL: https://southbow.neoflow.energy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.192.142.13 , United States, ASN (),
Reverse DNS
Software
AtlassianEdge /
Resource Hash
d521c39b6d6f50f757125111f05562bbabd1258739755e3a8302dee43cdd2657
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
x-content-type-options
nosniff
server-timing
atl-edge;dur=6,atl-edge-internal;dur=4,atl-edge-upstream;dur=5,atl-edge-pop;desc="aws-us-east-1"
date
Fri, 15 Nov 2024 00:09:39 GMT
content-type
text/javascript
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
atl-request-id
83eb444a-456e-49f5-91d7-406cfd606657
last-modified
Tue, 05 Nov 2024 10:51:23 GMT
strict-transport-security
max-age=63072000; preload
cache-control
max-age=10800, must-revalidate, public
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
accept-ranges
bytes
x-xss-protection
1; mode=block
atl-traceid
83eb444a456e49f591d7406cfd606657
server
AtlassianEdge
css2
fonts.googleapis.com/
6 KB
649 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: southbow.neoflow.energy
URL: https://southbow.neoflow.energy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8030cc89ea4aeb28e2220707a7464b8e2e61b5388eccef2920635809490cbe65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 00:09:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 00:09:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 23:37:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;300;400;600;700&display=swap
Requested by
Host: southbow.neoflow.energy
URL: https://southbow.neoflow.energy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9eccfd8b0a5c9a6b29bbc6b96d94a468db35c6bbb892cb6fc01e7d5f44cf5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 00:09:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 00:09:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 15 Nov 2024 00:04:25 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bundle.js
southbow.neoflow.energy/
9 MB
5 MB
Script
General
Full URL
https://southbow.neoflow.energy/bundle.js
Requested by
Host: southbow.neoflow.energy
URL: https://southbow.neoflow.energy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.102 , United States, ASN (),
Reverse DNS
server-3-168-102-102.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6b3dcee33c68943a89184ba117cf5fbe622d54960f917c8ade0fbb3340a200e
Security Headers
Name Value
Content-Security-Policy object-src 'none' ; script-src 'self' 'nonce-0c8ba106-63e6-4add-b738-be57d4e45dd4' 'unsafe-inline' 'strict-dynamic' https:; style-src 'unsafe-inline' https: https://fonts.googleapis.com; base-uri https://jsd-widget.atlassian.com/; script-src-elem https://jsd-widget.atlassian.com/assets/iframe.js https://jsd-widget.atlassian.com/assets/embed.js https://maps.googleapis.com 'self';
Strict-Transport-Security max-age=600; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
W/"d1cf06bd78e1ef6c2f703581f744d017-2"
x-amz-version-id
cN.AOPG.VJka4TDeNpi.FJYwq0gDnaLY
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
_S_bN7yPELnpkCZ_AWCRsgd5nUXMmr5lrNAFKUJ8trSHoCgIR2gHTQ==
date
Fri, 15 Nov 2024 00:09:40 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Thu, 14 Nov 2024 17:28:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=600; includeSubDomains
content-security-policy
object-src 'none' ; script-src 'self' 'nonce-0c8ba106-63e6-4add-b738-be57d4e45dd4' 'unsafe-inline' 'strict-dynamic' https:; style-src 'unsafe-inline' https: https://fonts.googleapis.com; base-uri https://jsd-widget.atlassian.com/; script-src-elem https://jsd-widget.atlassian.com/assets/iframe.js https://jsd-widget.atlassian.com/assets/embed.js https://maps.googleapis.com 'self';
referrer-policy
no-referrer
via
1.1 595266d427582990356e9f138eba5bf2.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
/
edge.api.flagsmith.com/api/v1/flags/
2 KB
763 B
XHR
General
Full URL
https://edge.api.flagsmith.com/api/v1/flags/
Requested by
Host: southbow.neoflow.energy
URL: https://southbow.neoflow.energy/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.155.136 , United States, ASN (),
Reverse DNS
a73d3afe8ff45acb7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash
dfd5f32a6d263781192d2d9143bda43b3f7fb54af160bcbbd3e8c72f33d1ffa2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Environment-Key
bVCUbvkyAhxHAvHspTrSsc
Referer

Response headers

aws-lambda-region
us-east-2
cache-control
max-age=0
access-control-expose-headers
x-flagsmith-document-updated-at
content-encoding
gzip
access-control-allow-credentials
true
x-flagsmith-document-updated-at
1730993863.295757
access-control-allow-methods
GET, POST, PUT
aws-resource-region
us-east-2
access-control-allow-origin
*
content-length
419
date
Fri, 15 Nov 2024 00:09:41 GMT
content-type
application/json
server
awselb/2.0
access-control-allow-headers
*
/
edge.api.flagsmith.com/api/v1/flags/ Frame
0
0
Preflight
General
Full URL
https://edge.api.flagsmith.com/api/v1/flags/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.155.136 , United States, ASN (),
Reverse DNS
a73d3afe8ff45acb7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-environment-key
Access-Control-Request-Method
GET
Origin
https://southbow.neoflow.energy
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
*
access-control-expose-headers
x-flagsmith-document-updated-at
access-control-max-age
86400
allow
GET, HEAD, OPTIONS
content-length
0
content-type
application/json
date
Fri, 15 Nov 2024 00:09:41 GMT
server
awselb/2.0
iframe.js
jsd-widget.atlassian.com/assets/ Frame E3A2
3 MB
720 KB
Script
General
Full URL
https://jsd-widget.atlassian.com/assets/iframe.js
Requested by
Host: jsd-widget.atlassian.com
URL: https://jsd-widget.atlassian.com/assets/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.192.142.13 , United States, ASN (),
Reverse DNS
Software
AtlassianEdge /
Resource Hash
82af54b96018bb20da6611cc8bbdd62db603a580736e1c47e7801598de1d814e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
x-content-type-options
nosniff
server-timing
atl-edge;dur=24,atl-edge-internal;dur=54,atl-edge-upstream;dur=20,atl-edge-pop;desc="aws-us-east-1"
date
Fri, 15 Nov 2024 00:09:41 GMT
content-type
text/javascript
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
atl-request-id
06bde955-2def-4694-b3b0-f5d9f7e2e2ce
last-modified
Tue, 05 Nov 2024 10:51:23 GMT
strict-transport-security
max-age=63072000; preload
cache-control
max-age=10800, must-revalidate, public
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
accept-ranges
bytes
x-xss-protection
1; mode=block
atl-traceid
06bde9552def4694b3b0f5d9f7e2e2ce
server
AtlassianEdge
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c2d9053225cce96bbda1a4ecb58a84f8557f82779c5bbaa740b940fc82eae3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e26c41350256af54d4f9b8c3373232824b26a2ee449d11e358aba3e3993aaf89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a17ae97eaf65e892de24450e5905410e757ff13f503227b11cf47676b8c9b499

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
673 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d72b179fd5713827560cc2558551d83b9c10fa089dffa7e3b7ef90668a4d9e8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;300;400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://southbow.neoflow.energy
Referer
https://fonts.googleapis.com/

Response headers

age
134992
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 10:39:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 10:39:49 GMT
last-modified
Tue, 02 May 2023 16:08:34 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19440
x-xss-protection
0
server
sffe
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;300;400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://southbow.neoflow.energy
Referer
https://fonts.googleapis.com/

Response headers

age
15183
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 19:56:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 19:56:38 GMT
last-modified
Tue, 02 May 2023 16:04:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19156
x-xss-protection
0
server
sffe
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;300;400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://southbow.neoflow.energy
Referer
https://fonts.googleapis.com/

Response headers

age
14268
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 20:11:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 20:11:53 GMT
last-modified
Tue, 02 May 2023 16:19:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20356
x-xss-protection
0
server
sffe
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.40.12.44 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-12-44.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://southbow.neoflow.energy
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Fri, 15 Nov 2024 00:09:43 GMT
strict-transport-security
max-age=15768000
httpapi
api2.amplitude.com/2/
94 B
218 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: southbow.neoflow.energy
URL: https://southbow.neoflow.energy/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.40.12.44 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-12-44.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fa9cf18d15623a88bc5872d304d1c781cb93f5960c840fa78939b6c37769e82a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
94
date
Fri, 15 Nov 2024 00:09:43 GMT
content-type
application/json
widget
jsd-widget.atlassian.com/api/embeddable/e1fe4eb3-8a66-4a21-86a0-8d31c1c5a6f4/ Frame E3A2
2 KB
1 KB
Fetch
General
Full URL
https://jsd-widget.atlassian.com/api/embeddable/e1fe4eb3-8a66-4a21-86a0-8d31c1c5a6f4/widget
Requested by
Host: jsd-widget.atlassian.com
URL: https://jsd-widget.atlassian.com/assets/iframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.192.142.13 , United States, ASN (),
Reverse DNS
Software
AtlassianEdge /
Resource Hash
0c4279c4c5901c0b0807a215d71ad5634338880d366db10fb096592a5434fc3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
x-content-type-options
nosniff
expires
0
server-timing
atl-edge;dur=700,atl-edge-internal;dur=2,atl-edge-upstream;dur=699,atl-edge-pop;desc="aws-us-east-1"
date
Fri, 15 Nov 2024 00:09:43 GMT
content-type
application/json
vary
Accept-Encoding
atl-request-id
c94db24b-106b-46e8-8226-ca497989cc14
strict-transport-security
max-age=63072000; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
pragma
no-cache
access-control-allow-origin
*
x-xss-protection
1; mode=block
atl-traceid
c94db24b106b46e88226ca497989cc14
server
AtlassianEdge
logo.svg
southbow.neoflow.energy/
2 KB
2 KB
Other
General
Full URL
https://southbow.neoflow.energy/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.168.102.102 , United States, ASN (),
Reverse DNS
server-3-168-102-102.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ef5bff549558fa4484419f18a00926cc402974ac51fb27a13bbfb8e8719de22
Security Headers
Name Value
Content-Security-Policy object-src 'none' ; script-src 'self' 'nonce-0c8ba106-63e6-4add-b738-be57d4e45dd4' 'unsafe-inline' 'strict-dynamic' https:; style-src 'unsafe-inline' https: https://fonts.googleapis.com; base-uri https://jsd-widget.atlassian.com/; script-src-elem https://jsd-widget.atlassian.com/assets/iframe.js https://jsd-widget.atlassian.com/assets/embed.js https://maps.googleapis.com 'self';
Strict-Transport-Security max-age=600; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
IqGzLOB_1vMD3dwAs7BpOFR2e8WxAHVC
etag
W/"cb26faf847484084562a672a342061ad"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
_mvO0DouIe4Uhd-z23R0OY53KycZuS3yWoT2x9QvkZL6VkWNFAC4-Q==
date
Fri, 15 Nov 2024 00:09:44 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 14 Nov 2024 17:28:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=600; includeSubDomains
content-security-policy
object-src 'none' ; script-src 'self' 'nonce-0c8ba106-63e6-4add-b738-be57d4e45dd4' 'unsafe-inline' 'strict-dynamic' https:; style-src 'unsafe-inline' https: https://fonts.googleapis.com; base-uri https://jsd-widget.atlassian.com/; script-src-elem https://jsd-widget.atlassian.com/assets/iframe.js https://jsd-widget.atlassian.com/assets/embed.js https://maps.googleapis.com 'self';
referrer-policy
no-referrer
via
1.1 2d309cac2555275db9509df4973cc040.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
batch
api-private.atlassian.com/gasv3/api/v1/ Frame E3A2
66 B
438 B
Fetch
General
Full URL
https://api-private.atlassian.com/gasv3/api/v1/batch
Requested by
Host: jsd-widget.atlassian.com
URL: https://jsd-widget.atlassian.com/assets/iframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.192.142.13 , United States, ASN (),
Reverse DNS
Software
AtlassianEdge /
Resource Hash
bc3cd92d3d302ba1fa240fd41a803d65f43e86a780957dea8c6430c4cbec9b9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SameOrigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

content-encoding
gzip
report-to
{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
x-content-type-options
nosniff
server-timing
atl-edge;dur=110,atl-edge-internal;dur=3,atl-edge-upstream;dur=107,atl-edge-pop;desc="aws-us-east-1"
date
Fri, 15 Nov 2024 00:09:44 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
atl-request-id
c62c7a68-13c0-4ee1-9d86-cd9637b37110
x-frame-options
SameOrigin
strict-transport-security
max-age=63072000; preload
nel
{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
access-control-allow-credentials
true
x-trace-id
c62c7a6813c04ee19d86cd9637b37110
access-control-allow-origin
https://southbow.neoflow.energy
x-xss-protection
1; mode=block
atl-traceid
c62c7a6813c04ee19d86cd9637b37110
server
AtlassianEdge

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| __SENTRY__
function| FlagsmithEventSource
object| flagsmith
number| 2f1acc6c3a606b082e5eef5e54414ffb
function| saveAs
object| powerbi
object| analyticsConnectorInstances

3 Cookies

Domain/Path Name / Value
.neoflow.energy/ Name: AMP_MKTG_4a26975705
Value: JTdCJTdE
.neoflow.energy/ Name: ajs_anonymous_id
Value: %22611ff662-435a-4645-b65a-30124c440c69%22
.neoflow.energy/ Name: AMP_4a26975705
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJiYWI4MmQwNS1iNzA1LTQ4MTktYWFjZC1iMWFjZGYwMjIyYzElMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzMxNjI5MzgxNTMwJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTczMTYyOTM4Mjk3NiUyQyUyMmxhc3RFdmVudElkJTIyJTNBMiUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMSU3RA==

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://southbow.neoflow.energy/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security error URL: https://jsd-widget.atlassian.com/assets/iframe.js(Line 1)
Message:
Refused to set the document's base URI to 'https://mavennet.atlassian.net/' because it violates the following Content Security Policy directive: "base-uri https://jsd-widget.atlassian.com/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none' ; script-src 'self' 'nonce-0c8ba106-63e6-4add-b738-be57d4e45dd4' 'unsafe-inline' 'strict-dynamic' https:; style-src 'unsafe-inline' https: https://fonts.googleapis.com; base-uri https://jsd-widget.atlassian.com/; script-src-elem https://jsd-widget.atlassian.com/assets/iframe.js https://jsd-widget.atlassian.com/assets/embed.js https://maps.googleapis.com 'self';
Strict-Transport-Security max-age=600; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
