pentest.360security.io Open in urlscan Pro
80.78.22.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pentest.360security.io/
Submission: On April 06 via automatic, source certstream-suspicious (April 6th 2021, 8:54:47 pm UTC)

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 80.78.22.26, located in Sweden and belongs to ABSTRACT, FI. The main domain is pentest.360security.io.
TLS certificate: Issued by R3 on April 6th 2021. Valid for: 3 months.

This is the only time pentest.360security.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	80.78.22.26 80.78.22.26	39287 (ABSTRACT) (ABSTRACT)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
7	65.9.66.128 65.9.66.128	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.73 65.9.66.73	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
14	7

2 80.78.22.26 (Sweden)

ASN39287 (ABSTRACT, FI)
PTR: host-80-78-22-26.njalla.net

pentest.360security.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.66.128 (United States)

ASN16509 (AMAZON-02, US)

cdn.botengine.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.chatbot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.73 (United States)

ASN16509 (AMAZON-02, US)

cdn.chatbot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	chatbot.com cdn.chatbot.com	91 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	360security.io pentest.360security.io	2 KB
1	botengine.ai cdn.botengine.ai	4 KB
14	5

	Domain	Requested by
7	cdn.chatbot.com	cdn.botengine.ai cdn.chatbot.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	pentest.360security.io cdn.chatbot.com
2	pentest.360security.io	pentest.360security.io
1	cdn.botengine.ai	pentest.360security.io
14	5

This site contains no links.

Subject Issuer	Validity	Valid
pentest.360security.io R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
chatbot.com Amazon	`2020-09-26` - `2021-10-28`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://pentest.360security.io/
Frame ID: 6AB8641195B57D6FD0A039D741640D7C
Requests: 3 HTTP requests in this frame

Frame: https://pentest.360security.io/widget.html
Frame ID: 1B0BF56802388B86221E5B159D43A6AD
Requests: 5 HTTP requests in this frame

Frame: https://cdn.chatbot.com/widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
Frame ID: 9BFD31C69EC785009683C594902F1F14
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

14
Requests

100 %
HTTPS

57 %
IPv6

5
Domains

5
Subdomains

7
IPs

3
Countries

129 kB
Transfer

349 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pentest.360security.io/ 4 KB
1 KB 106ms
29ms Document
text/html 80.78.22.26
ABSTRACT

General

Check archive.org

Show headers Download Go to

Full URL: https://pentest.360security.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 80.78.22.26 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS: host-80-78-22-26.njalla.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a969d693d89b79a7bb67facf88d5eb7a44c0c928c5c9b5324ecaeaea5483e649

Request headers

Host: pentest.360security.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Apr 2021 20:54:31 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Apr 2021 20:33:43 GMT
ETag: "f74-5bf53baf9de31-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 970
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: pentest.360security.io
URL: https://pentest.360security.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pentest.360security.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 19:54:02 GMT
server: ESF
date: Tue, 06 Apr 2021 20:54:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Apr 2021 20:54:31 GMT

GET
H/1.1 200
OK widget.html Show response
pentest.360security.io/ Frame 1B0B 948 B
837 B 29ms
29ms Document
text/html 80.78.22.26
ABSTRACT

General

Check archive.org

Show headers Download Go to

Full URL: https://pentest.360security.io/widget.html
Requested by: Host: pentest.360security.io
URL: https://pentest.360security.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 80.78.22.26 , Sweden, ASN39287 (ABSTRACT, FI),
Reverse DNS: host-80-78-22-26.njalla.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 19121004fdde81e105fbd2e7050304dc03e3fe63b3846d9f00cb0db318683ce4

Request headers

Host: pentest.360security.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pentest.360security.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pentest.360security.io/

Response headers

Date: Tue, 06 Apr 2021 20:54:31 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 06 Apr 2021 20:33:43 GMT
ETag: "3b4-5bf53baf6926f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 501
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pentest.360security.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 384655
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 plugin.js Show response
cdn.botengine.ai/widget/ Frame 1B0B 9 KB
4 KB 78ms
24ms Script
application/javascript 65.9.66.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.botengine.ai/widget/plugin.js
Requested by: Host: pentest.360security.io
URL: https://pentest.360security.io/widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 202752fa7a5a30ee9a7583a23f045e61689f1c5f147f6d8d1fa05e6ab0153858

Request headers

Referer: https://pentest.360security.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: QEHl2.3t1bvX1zAS6F4sLFUvNgPvzoyM
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 12:51:00 GMT
server: AmazonS3
age: 1449
etag: W/"8853ce597d0917584ec866d09152eb43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Tue, 06 Apr 2021 20:30:24 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YmIfidkgOxxJDUg9M7DD5r52sdV3Rmp7sBCTpIRIVio8La0Ry7VPPA==

GET
H2 200 polyfill.js Show response
cdn.chatbot.com/widget/ Frame 1B0B 72 B
395 B 53ms
32ms Script
application/javascript 65.9.66.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.chatbot.com/widget/polyfill.js
Requested by: Host: cdn.botengine.ai
URL: https://cdn.botengine.ai/widget/plugin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

Referer: https://pentest.360security.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 20:49:43 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
age: 289
access-control-allow-methods: GET,HEAD
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
content-length: 72
x-amz-cf-id: HgFDiqGQxVAAXDDAIXZPKp8zXIimHvKNrddxbMlwpMlH125lW_P_lA==

GET
H2 200 settings.json Show response
cdn.chatbot.com/widget/6050f74a3d44f00007d8aefd/ Frame 1B0B 2 KB
1 KB 197ms
151ms Fetch
application/json 65.9.66.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.chatbot.com/widget/6050f74a3d44f00007d8aefd/settings.json
Requested by: Host: cdn.botengine.ai
URL: https://cdn.botengine.ai/widget/plugin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a58c52190e8ae6addbe52533233c8c37538cbb53593f88c6b4c8f7be80c996b8

Request headers

Referer: https://pentest.360security.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 20:54:33 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 31 Mar 2021 18:19:02 GMT
server: AmazonS3
etag: W/"a5c1dba709f0dda9695b65546fbb72b9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: OM8Z8oBVAkAGntuR73.GUksfb82EGFJy
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control: public, max-age=30
content-type: application/json
x-amz-cf-id: rsSTLU8ZypbdcLavsvCivynr3LTIxat22eBxGYVzJ1RLvikJOrBsZQ==

GET
H2 200 plugin.js Show response
cdn.chatbot.com/widget/v2/ Frame 1B0B 34 KB
11 KB 25ms
25ms Script
application/javascript 65.9.66.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.chatbot.com/widget/v2/plugin.js
Requested by: Host: cdn.botengine.ai
URL: https://cdn.botengine.ai/widget/plugin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87850ddcbf5581b168189da408c94f6f62f0eb115c6c738672a328e15ce3b38e

Request headers

Referer: https://pentest.360security.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: buxDR7uKMQlv8S3vyZMqH8.S8mltU1y4
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 12:51:00 GMT
server: AmazonS3
age: 3322
etag: W/"74116344857dad459310188acbad43f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Tue, 06 Apr 2021 19:59:14 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YBLa4jj3QJhKiPxnWnCOuCKDVqwb6QZR0LqTn19W9o3WN1LVKkYi3g==

GET
H2 200 chat.html Show response
cdn.chatbot.com/widget/v2/ Frame 9BFD 593 B
989 B 22ms
22ms Document
text/html 65.9.66.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.chatbot.com/widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
Requested by: Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v2/plugin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9f19f6275943b11fda5d342f95e4b90c92adcf8edfcc2c1b406bfeddca967c8

Request headers

:method: GET
:authority: cdn.chatbot.com
:scheme: https
:path: /widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pentest.360security.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pentest.360security.io/

Response headers

content-type: text/html; charset=utf-8
content-length: 593
last-modified: Tue, 30 Mar 2021 12:51:00 GMT
x-amz-version-id: WcFuE7onklSxbXpKWl3PcaVUO2wclMYX
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Apr 2021 20:01:48 GMT
cache-control: public, max-age=3600
etag: "fd2a119407ec0430e5c085e20fa9dc3b"
x-cache: Hit from cloudfront
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9KFVV8nSIDcZ91PkP4hrnhwgXXyCtFaJSWSXU8mchlmEwHJ9DRTpjg==
age: 3165

GET
H2 200 polyfill.js Show response
cdn.chatbot.com/widget/ Frame 9BFD 72 B
388 B 59ms
58ms Script
application/javascript 65.9.66.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.chatbot.com/widget/polyfill.js
Requested by: Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

Origin: https://cdn.chatbot.com
Referer: https://cdn.chatbot.com/widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 20:54:32 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-methods: GET,HEAD
content-length: 72
x-amz-cf-id: YctyhijVKQO3X6OWDs9aMMo8sQvZXkqVEGjJvnuj1g9kXvwLmjAAUQ==

GET
H2 200 chat.2dc5a41a738b54b65229.css
cdn.chatbot.com/widget/v2/ Frame 9BFD 37 KB
6 KB 57ms
57ms Stylesheet
text/css 65.9.66.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.chatbot.com/widget/v2/chat.2dc5a41a738b54b65229.css
Requested by: Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 060df492c71c413d355e309dd7c41f51b46520e343adfa5f050ddebfd93f75c7

Request headers

Referer: https://cdn.chatbot.com/widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CnRJslbMn2HLKnETVHB1NN5Ty0pUmTQr
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 12:51:00 GMT
server: AmazonS3
age: 360
etag: W/"df02876c21c1c202e79ed9f7fb80adcc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Tue, 06 Apr 2021 20:48:32 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vi1S7XHt4L0iIEw2X7m7VhY9iJE0TGELYVFRRoe7629scgugqHSWyg==

GET
H2 200 chat.js Show response
cdn.chatbot.com/widget/v2/ Frame 9BFD 221 KB
72 KB 37ms
37ms Script
application/javascript 65.9.66.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.chatbot.com/widget/v2/chat.js
Requested by: Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c06a6c6fcd96a9aafae7ca90b1afebc00f572bbf15ab5c5e78c0c5dc05d7f38

Request headers

Referer: https://cdn.chatbot.com/widget/v2/chat.html?id=6050f74a3d44f00007d8aefd&v=684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KmQ9_dGXY_AOw2eTQxU16oKXvyu3k47R
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 12:51:00 GMT
server: AmazonS3
age: 1308
etag: W/"825913a014b4b1ac980a47010da7c968"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Tue, 06 Apr 2021 20:32:50 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 4bnjtgcLlESbsqRL4rdbldmC8YHPvSnTldxaYzXjmpw60a2wh3VNSw==

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 9BFD 9 KB
1 KB 36ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v2/chat.2dc5a41a738b54b65229.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.chatbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 19:39:28 GMT
server: ESF
date: Tue, 06 Apr 2021 20:54:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Apr 2021 20:54:32 GMT

GET
H3-Q050 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 9BFD 16 KB
16 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.chatbot.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:19:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
age: 509679
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
expires: Thu, 31 Mar 2022 23:19:53 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cdn.chatbot.com/widget/v2/plugin.js(Line 1) Message: TypeError: BE_API.openChatWidget is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.botengine.ai
cdn.chatbot.com
fonts.googleapis.com
fonts.gstatic.com
pentest.360security.io
2a00:1450:4001:800::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:829::200a
65.9.66.128
65.9.66.73
80.78.22.26
060df492c71c413d355e309dd7c41f51b46520e343adfa5f050ddebfd93f75c7
19121004fdde81e105fbd2e7050304dc03e3fe63b3846d9f00cb0db318683ce4
202752fa7a5a30ee9a7583a23f045e61689f1c5f147f6d8d1fa05e6ab0153858
5c06a6c6fcd96a9aafae7ca90b1afebc00f572bbf15ab5c5e78c0c5dc05d7f38
87850ddcbf5581b168189da408c94f6f62f0eb115c6c738672a328e15ce3b38e
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a58c52190e8ae6addbe52533233c8c37538cbb53593f88c6b4c8f7be80c996b8
a969d693d89b79a7bb67facf88d5eb7a44c0c928c5c9b5324ecaeaea5483e649
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
f9f19f6275943b11fda5d342f95e4b90c92adcf8edfcc2c1b406bfeddca967c8

pentest.360security.io Open in urlscan Pro 80.78.22.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

57 %IPv6

5 Domains

5 Subdomains

7 IPs

3 Countries

129 kBTransfer

349 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

pentest.360security.io Open in urlscan Pro
80.78.22.26 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

57 %
IPv6

5
Domains

5
Subdomains

7
IPs

3
Countries

129 kB
Transfer

349 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions