urlscan.io logo urlscan.io
SecurityTrails logo

www.the-roast.com Open in urlscan Pro
34.36.113.17  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.the-roast.com/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 27 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 34.36.113.17, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.the-roast.com.
TLS certificate: Issued by WR3 on November 26th 2024. Valid for: 3 months.
This is the only time www.the-roast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 34.36.113.17 396982 (GOOGLE-CL...)
2 142.250.185.136 15169 (GOOGLE)
7 2
Apex Domain
Subdomains		 Transfer
5 the-roast.com
www.the-roast.com
2 MB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
181 KB
7 2
Domain Requested by
5 www.the-roast.com www.the-roast.com
2 www.googletagmanager.com www.the-roast.com
www.googletagmanager.com
7 2

This site contains no links.

Subject Issuer Validity Valid
www.the-roast.com
WR3		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.the-roast.com/
Frame ID: 85F048EBC00075950DDAA336C5670BD5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MACH8 - AI innovation and development agency

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2668 kB
Transfer

5986 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.the-roast.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.the-roast.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.113.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.113.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
aacf1589d32eb5004b60293f2bf00de47d9f2c8ff8af8a6a2f4ef772e2f70e94
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
651
content-security-policy
default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
content-type
text/html
date
Wed, 27 Nov 2024 20:56:48 GMT
etag
"68d-627bea9d6e738-gzip"
last-modified
Mon, 25 Nov 2024 15:48:26 GMT
referrer-policy
same-origin
server
Google Frontend
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-cloud-trace-context
513c2fc08683940b49b0ca8663da6987;o=1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main.ff68c681.js
www.the-roast.com/static/js/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.the-roast.com/static/js/main.ff68c681.js
Requested by
Host: www.the-roast.com
URL: https://www.the-roast.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.113.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.113.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4680986e9861071f5847f9f9769fe798dbbb35747a6f5477054cc2c62b36dae2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.the-roast.com/

Response headers

content-encoding
gzip
etag
"524215-627bea9d7e909-gzip"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:56:48 GMT
last-modified
Mon, 25 Nov 2024 15:48:27 GMT
vary
Accept-Encoding
content-type
text/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
cache-control
public,max-age=60
referrer-policy
same-origin
via
1.1 google
accept-ranges
bytes
x-xss-protection
1; mode=block
server
Google Frontend
main.7b2d6dc3.css
www.the-roast.com/static/css/ 		94 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.the-roast.com/static/css/main.7b2d6dc3.css
Requested by
Host: www.the-roast.com
URL: https://www.the-roast.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.113.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.113.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c5eae1d5bc110b7db6948a492a1bc858e5e10557461656946239443b24914fd1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.the-roast.com/

Response headers

content-encoding
gzip
etag
"179bb-627bea9d6f2f0-gzip"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:56:48 GMT
x-cloud-trace-context
79b61d5912802daff659ba3513c441f7
last-modified
Mon, 25 Nov 2024 15:48:26 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
cache-control
public,max-age=60
referrer-policy
same-origin
via
1.1 google
accept-ranges
bytes
content-length
17689
x-xss-protection
1; mode=block
server
Google Frontend
red-flames.12e9e2befdc09ef7a34a.png
www.the-roast.com/static/media/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.the-roast.com/static/media/red-flames.12e9e2befdc09ef7a34a.png
Requested by
Host: www.the-roast.com
URL: https://www.the-roast.com/static/css/main.7b2d6dc3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.113.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.113.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
279ffd90037fba8160b85d8971e83550fde7ea6180bdb8e9057f97547b965029
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.the-roast.com/static/css/main.7b2d6dc3.css

Response headers

etag
"182ff-627bea9d6db80"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:56:48 GMT
last-modified
Mon, 25 Nov 2024 15:48:26 GMT
content-type
image/png
x-cloud-trace-context
8f2086f35728b3a9c510119a3253078a
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
cache-control
public,max-age=60
referrer-policy
same-origin
via
1.1 google
accept-ranges
bytes
content-length
99071
x-xss-protection
1; mode=block
server
Google Frontend
gtm.js
www.googletagmanager.com/ 		205 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK6QQ75T&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.the-roast.com
URL: https://www.the-roast.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dd4a304e85ad838557f74c3cd8cfad1bb4eda2c123397a94a186dc1ea3caf36f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 27 Nov 2024 20:56:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:56:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 18:07:56 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
74380
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HN3KR492FH&l=dataLayer&cx=c&gtm=45He4bk0v9194398093za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK6QQ75T&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2298f0e9a607f3225b0aa7aa65ff403f3ec199af1486e9afba932a7506e9f45a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 27 Nov 2024 20:56:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:56:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109701
x-xss-protection
0
server
Google Tag Manager
favicon.ico
www.the-roast.com/ 		481 B
635 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.the-roast.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.113.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.113.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ae299fc254042e50c4f0a491df1cfa0badb77b2c6f37a43e20b89e4ccb9e8d5c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.the-roast.com/

Response headers

etag
"1e1-627bea7aa2681"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:56:53 GMT
last-modified
Mon, 25 Nov 2024 15:47:50 GMT
content-type
image/vnd.microsoft.icon
x-cloud-trace-context
ff003967354107219ce2bbe446136fee
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
cache-control
public,max-age=60
referrer-policy
same-origin
via
1.1 google
accept-ranges
bytes
content-length
481
x-xss-protection
1; mode=block
server
Google Frontend

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkfrontend string| __THREE__ object| _tfengine string| __reactRouterVersion object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Domain/Path Name / Value
.the-roast.com/ Name: _ga
Value: GA1.1.2098970219.1732741013
.the-roast.com/ Name: _ga_HN3KR492FH
Value: GS1.1.1732741013.1.0.1732741013.0.0.0

6 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-HN3KR492FH&l=dataLayer&cx=c&gtm=45He4bk0v9194398093za200(Line 195)
Message:
Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-HN3KR492FH&gtm=45je4bk0v9194368646z89194398093za200zb9194398093&_p=1732741012298&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2098970219.1732741013&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732741013&sct=1&seg=0&dl=https%3A%2F%2Fwww.the-roast.com%2F&dt=MACH8%20-%20AI%20innovation%20and%20development%20agency&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5690' because it violates the following Content Security Policy directive: "connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-HN3KR492FH&l=dataLayer&cx=c&gtm=45He4bk0v9194398093za200(Line 195)
Message:
Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-HN3KR492FH&gtm=45je4bk0v9194368646z89194398093za200zb9194398093&_p=1732741012298&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2098970219.1732741013&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732741013&sct=1&seg=0&dl=https%3A%2F%2Fwww.the-roast.com%2F&dt=MACH8%20-%20AI%20innovation%20and%20development%20agency&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5690' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-HN3KR492FH&l=dataLayer&cx=c&gtm=45He4bk0v9194398093za200(Line 195)
Message:
Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-HN3KR492FH&gtm=45je4bk0v9194368646za200zb9194398093&_p=1732741012298&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2098970219.1732741013&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732741013&sct=1&seg=0&dl=https%3A%2F%2Fwww.the-roast.com%2F&dt=MACH8%20-%20AI%20innovation%20and%20development%20agency&en=scroll&epn.percent_scrolled=90&_et=3&tfd=10696' because it violates the following Content Security Policy directive: "connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-HN3KR492FH&l=dataLayer&cx=c&gtm=45He4bk0v9194398093za200(Line 195)
Message:
Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-HN3KR492FH&gtm=45je4bk0v9194368646za200zb9194398093&_p=1732741012298&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2098970219.1732741013&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732741013&sct=1&seg=0&dl=https%3A%2F%2Fwww.the-roast.com%2F&dt=MACH8%20-%20AI%20innovation%20and%20development%20agency&en=scroll&epn.percent_scrolled=90&_et=3&tfd=10696' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-HN3KR492FH&l=dataLayer&cx=c&gtm=45He4bk0v9194398093za200(Line 195)
Message:
Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-HN3KR492FH&gtm=45je4bk0v9194368646za200zb9194398093&_p=1732741012298&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2098970219.1732741013&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1732741013&sct=1&seg=0&dl=https%3A%2F%2Fwww.the-roast.com%2F&dt=MACH8%20-%20AI%20innovation%20and%20development%20agency&en=user_engagement&_et=7253&tfd=12952' because it violates the following Content Security Policy directive: "connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-HN3KR492FH&l=dataLayer&cx=c&gtm=45He4bk0v9194398093za200(Line 195)
Message:
Refused to connect to 'https://www.google-analytics.com/g/collect?v=2&tid=G-HN3KR492FH&gtm=45je4bk0v9194368646za200zb9194398093&_p=1732741012298&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2098970219.1732741013&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1732741013&sct=1&seg=0&dl=https%3A%2F%2Fwww.the-roast.com%2F&dt=MACH8%20-%20AI%20innovation%20and%20development%20agency&en=user_engagement&_et=7253&tfd=12952' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://models.readyplayer.me https://api.openai.com https://eu-texttospeech.googleapis.com https://region1.google-analytics.com lwg-mach8-api-acc.lwdev.nl lwg-mach8-api.lwprod.nl blob:; media-src 'self' https://models.readyplayer.me blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.gravatar.com https://storage.googleapis.com https://media-storage.lwmicro.com https://models.readyplayer.me blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block