app.safe.eset.com Open in urlscan Pro
141.145.8.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd
Submission: On June 22 via api (June 22nd 2021, 5:26:05 pm UTC) from US

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 21 HTTP transactions. The main IP is 141.145.8.14, located in Amsterdam, Netherlands and belongs to ORCL-AM-OPC1, SE. The main domain is app.safe.eset.com.
TLS certificate: Issued by Thawte RSA CA 2018 on October 9th 2020. Valid for: a year.

This is the only time app.safe.eset.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	141.145.8.14 141.145.8.14	43898 (ORCL-AM-OPC1) (ORCL-AM-OPC1)
1	141.145.8.13 141.145.8.13	43898 (ORCL-AM-OPC1) (ORCL-AM-OPC1)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2.16.186.192 2.16.186.192	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
5	65.9.77.45 65.9.77.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.77.23 65.9.77.23	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.77.82 65.9.77.82	16509 (AMAZON-02) (AMAZON-02)
21	14

2 141.145.8.14 (Amsterdam, Netherlands) 1 redirects

ASN43898 (ORCL-AM-OPC1, SE)

app.safe.eset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.145.8.13 (Amsterdam, Netherlands)

ASN43898 (ORCL-AM-OPC1, SE)

s786665.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.192 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-192.deploy.static.akamaitechnologies.com

images.safe.eset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img06.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.77.45 (United States)

ASN16509 (AMAZON-02, US)

cdn1-prodint.esetstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.23 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.82 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	esetstatic.com cdn1-prodint.esetstatic.com	247 KB
4	eset.com 1 redirects app.safe.eset.com images.safe.eset.com	33 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	89 B
1	googletagmanager.com www.googletagmanager.com	84 KB
1	en25.com img06.en25.com	14 KB
1	googleapis.com fonts.googleapis.com	727 B
1	eloqua.com s786665.t.eloqua.com
21	12

	Domain	Requested by
4	cdn1-prodint.esetstatic.com	app.safe.eset.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com app.safe.eset.com
2	images.safe.eset.com	app.safe.eset.com
2	app.safe.eset.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	app.safe.eset.com
1	www.google.com	app.safe.eset.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.hotjar.com	app.safe.eset.com
1	www.googletagmanager.com	app.safe.eset.com
1	img06.en25.com	app.safe.eset.com
1	fonts.googleapis.com	app.safe.eset.com
1	s786665.t.eloqua.com	app.safe.eset.com
21	15

This site contains links to these domains. Also see Links.

Domain
www.eset.com
notify.eset.com

Subject Issuer	Validity	Valid
app.safe.eset.com Thawte RSA CA 2018	`2020-10-09` - `2021-10-10`	a year	crt.sh
*.t.eloqua.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2022-04-08`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
images.safe.eset.com Thawte RSA CA 2018	`2020-10-09` - `2021-10-10`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2020-08-13` - `2021-11-12`	a year	crt.sh
*.esetstatic.com Thawte RSA CA 2018	`2019-09-05` - `2021-10-04`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd
Frame ID: ED4A70DFBF091F23733681C1E73FD96D
Requests: 20 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: D64BC6095067FE54A7638A774B9A7225
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

492 kB
Transfer

996 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eset.com/us/?elqTrackId=43958fb3932f4f5391a997e9962ef4e1&elqaid=16&elqat=2&elqah=FBEC88C534ACF57169C34814A6FE0F2BFD92EFF147D0BAEB8808669C4D89857D
Title:

Search URL Search Domain Scan URL

URL: https://notify.eset.com/business-preference/VickyCronellLL8SYU?intcmp=b2b-uns-cnfm-pg&elqTrackId=24a6210e75ad46648ce940ec58f48d13&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd&elqaid=16&elqat=2&elqCampaignId=&elqah=5B622D9B05958529F20056F163F496D963C307311858FB17A205F8DCFCEE7088
Title: click here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://app.safe.eset.com/e/css/singlePageTemplate.css HTTP 302
https://s786665.t.eloqua.com/e/css/singlePageTemplate.css

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request u Show response
app.safe.eset.com/e/ 40 KB
10 KB 266ms
217ms Document
text/html 141.145.8.14
ORCL-AM-OPC1

General

Check archive.org

Show headers Download Go to

Full URL

https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.145.8.14 Amsterdam, Netherlands, ASN43898 (ORCL-AM-OPC1, SE),

Reverse DNS

Software

Resource Hash

d89ddcc23e09129fc6c05fe625eee0461388849174cd09899af963838ceb0538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: app.safe.eset.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Tue, 22 Jun 2021 17:25:46 GMT
Content-Length: 9794

GET
H/1.1

404
Not Found

singlePageTemplate.css
s786665.t.eloqua.com/e/css/
Redirect Chain

https://app.safe.eset.com/e/css/singlePageTemplate.css
https://s786665.t.eloqua.com/e/css/singlePageTemplate.css

0
0

65ms
20ms

Stylesheet
text/html

141.145.8.13
ORCL-AM-OPC1

General

Check archive.org

Show headers Download Go to

Full URL: https://s786665.t.eloqua.com/e/css/singlePageTemplate.css
Requested by: Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.145.8.13 Amsterdam, Netherlands, ASN43898 (ORCL-AM-OPC1, SE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 22 Jun 2021 17:25:46 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s786665.t.eloqua.com/e/css/singlePageTemplate.css
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 174
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 css
fonts.googleapis.com/ 4 KB
727 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 15:34:45 GMT
server: ESF
date: Tue, 22 Jun 2021 17:25:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Jun 2021 17:25:47 GMT

GET
H/1.1 200
OK %7Bf1da4703-834d-4b25-a6cf-748e81abf152%7D_ESET-logo-White-600x90.png
images.safe.eset.com/EloquaImages/clients/ESET2/ 11 KB
11 KB 48ms
25ms Image
image/png 2.16.186.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.safe.eset.com/EloquaImages/clients/ESET2/%7Bf1da4703-834d-4b25-a6cf-748e81abf152%7D_ESET-logo-White-600x90.png

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

bfadecce2ccdd4b3d5967de7612680ec91bdf9751de5c92faab8e6c149f4e591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Oct 2020 14:02:07 GMT
ETag: "325c509dc498d61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Tue, 22 Jun 2021 17:25:47 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 11162
X-XSS-Protection: 1; mode=block
Expires: Tue, 22 Jun 2021 17:25:47 GMT

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img06.en25.com/i/ 13 KB
14 KB 33ms
12ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Apr 2021 18:01:07 GMT
ETag: "58a675a26a38d71:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Tue, 22 Jun 2021 17:25:47 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 13476
X-XSS-Protection: 1; mode=block
Expires: Tue, 22 Jun 2021 17:25:47 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/ 94 KB
94 KB 78ms
19ms Script
text/javascript 65.9.77.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/lib/jquery-1.11.2.min.js

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 11:18:15 GMT
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
server: Apache
age: 1490852
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Be3QqbtGEt-hYv4Yd1mynalHtOGB8w2B19-rAAM-E1xRvY7bKPJlYA==

GET
H2 200 s_code.js Show response
cdn1-prodint.esetstatic.com/us/assets/usweb/js/ 90 KB
90 KB 107ms
49ms Script
text/javascript 65.9.77.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_code.js

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

767048ccfc724ba6aedcb3e20d1d1f16baba4cee5c7c957fb7f4504b290bd6ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 09:51:08 GMT
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
server: Apache
age: 1064079
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: QD4Y4MRN2dWRPlAeHmZWRIANgAisBGMid1YJQwiDuqmrxfxOVj20cw==

GET
H2 200 s_analytics.js Show response
cdn1-prodint.esetstatic.com/us/assets/usweb/js/ 61 KB
61 KB 282ms
224ms Script
text/javascript 65.9.77.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/s_analytics.js

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bed27fc335baff4778c3da0114e7326d1cf63124a29391725e62b8e4953babc0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jun 2021 17:25:47 GMT
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: AMS1-C1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-amz-cf-id: lQz5TeTWgtjCj1QUk8oK5cwDiic9tpbKl8JMuRqbSkpdi2yek5Xxnw==
expires: Sat, 26 Jun 1994 04:00:00 GMT

GET
H2 200 leadsource.js Show response
cdn1-prodint.esetstatic.com/us/assets/usweb/js/ 12 KB
2 KB 116ms
58ms Script
text/javascript 65.9.77.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1-prodint.esetstatic.com/us/assets/usweb/js/leadsource.js

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a31b5a40f8fe97ca19bc865977b07f48901e5e095cbf838804a2ab0476c2d378

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:00:44 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache
age: 289503
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: ucOsyQw-GXZlHt66UkLlu6EyGFVTJvU5MORVPzAhFg0cPqBs6rg7qw==
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 337 KB
84 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-SZRK

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

077f1249a08a066d0b2ac78b26c0e0c77f25ec70ad8a220b8a388b7e9b2a9708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:25:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85904
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Jun 2021 17:25:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SZRK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3667
date: Tue, 22 Jun 2021 16:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 22 Jun 2021 18:24:40 GMT

GET
H2 200 hotjar-68223.js Show response
static.hotjar.com/c/ 25 KB
6 KB 44ms
43ms Script
application/javascript 65.9.77.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-68223.js?sv=6

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ae40bf072501e24e54e842af4c2423cee3ebb4cc884e69a08b11526bba7bcb42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
etag: W/7d6af38a79efd3023bfd03e9f257fa70
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: rJ-U5PRWsD8sW6m4CGaFILkqJhMMTlwv0NoMu7_TfuMQ1FX3u96ZNQ==
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.safe.eset.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 17:35:44 GMT
x-content-type-options: nosniff
age: 258603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 17:35:44 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://app.safe.eset.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 05:33:17 GMT
x-content-type-options: nosniff
age: 301950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 05:33:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-32126-1&cid=1907561199.1624382748&jid=2037468043&gjid=1706405136&_gid=1005845671.1624382748&_u=YGBAgEABAAAAAE~&z=1562503555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Jun 2021 17:25:47 GMT
content-type: text/plain
access-control-allow-origin: https://app.safe.eset.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=346734526&t=pageview&_s=1&dl=https%3A%2F%2Fapp.safe.eset.com%2Fe%2Fu%3Fs%3D786665%26elq%3D31d8e6d6cab24e17ab56ac2e2e1ec2dd&dp=%2Fe%2Fu%3Fs%3D786665%26elq%3D31d8e6d6cab24e17ab56ac2e2e1ec2dd&ul=en-us&de=UTF-8&dt=ESET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=2037468043&gjid=1706405136&cid=1907561199.1624382748&tid=UA-32126-1&_gid=1005845671.1624382748&gtm=2wg6g0SZRK&cd6=N%2FA&cd21=&cd22=app.safe.eset.com%2Fe%2Fu&cd25=GTM-SZRK&cd32=2021-06-22T19%3A25%3A47.474%2B02%3A00&cd20=1907561199.1624382748&z=1003674651&cd26=548

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jun 2021 11:39:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20792
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK %7Bf1da4703-834d-4b25-a6cf-748e81abf152%7D_ESET-logo-White-600x90.png
images.safe.eset.com/EloquaImages/clients/ESET2/ 11 KB
11 KB 11ms
11ms Image
image/png 2.16.186.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.safe.eset.com/EloquaImages/clients/ESET2/%7Bf1da4703-834d-4b25-a6cf-748e81abf152%7D_ESET-logo-White-600x90.png

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

bfadecce2ccdd4b3d5967de7612680ec91bdf9751de5c92faab8e6c149f4e591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Oct 2020 14:02:07 GMT
ETag: "325c509dc498d61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Tue, 22 Jun 2021 17:25:47 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 11162
X-XSS-Protection: 1; mode=block
Expires: Tue, 22 Jun 2021 17:25:47 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-32126-1&cid=1907561199.1624382748&jid=2037468043&_u=YGBAgEABAAAAAE~&z=1385494739

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jun 2021 17:25:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-32126-1&cid=1907561199.1624382748&jid=2037468043&_u=YGBAgEABAAAAAE~&z=1385494739

Requested by

Host: app.safe.eset.com
URL: https://app.safe.eset.com/e/u?s=786665&elq=31d8e6d6cab24e17ab56ac2e2e1ec2dd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jun 2021 17:25:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.3e8966add1c1b07de70f.js Show response
script.hotjar.com/ 219 KB
58 KB 20ms
19ms Script
application/javascript 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3e8966add1c1b07de70f.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-68223.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec81394319101f37af945564c56d639311b32634586604e0986a514f053b95a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.safe.eset.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5742
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59006
access-control-allow-origin: *
last-modified: Tue, 22 Jun 2021 15:49:28 GMT
etag: "b09b29d98550025a54dc9b0d2d37d587"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 362b298821815168614ba932732916eb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: tMdclbzO5UMgSXJrP3h7f70UKo-R8WpE_taC2SqeUv_SlJ1VXHUREQ==

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame D64B 2 KB
1 KB 18ms
18ms Document
text/html 65.9.77.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-68223.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.safe.eset.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.safe.eset.com/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 03 Jun 2021 10:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 03 Jun 2021 10:14:54 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 8SXxiqeBitcfKCTimVBnwRisrjKUwPqoxo0JCR4Z6fJGM1SZ0ypN1w==
age: 1667442

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eset.com/	1970-01-19 19:13:04	Name: _hjFirstSeen Value: 1
.eset.com/	1970-01-20 03:58:38	Name: _hjid Value: 4b404e55-51d0-401b-b536-b428f300c78d
.eset.com/	1970-01-19 19:13:02	Name: _dc_gtm_UA-32126-1 Value: 1
.eset.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.eset.com/	1970-01-19 19:14:29	Name: _gid Value: GA1.2.1005845671.1624382748
.eset.com/	1970-01-20 12:44:14	Name: _ga Value: GA1.2.1907561199.1624382748
.eset.com/	1970-01-19 21:22:38	Name: _gcl_au Value: 1.1.2125340425.1624382747

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.safe.eset.com
cdn1-prodint.esetstatic.com
fonts.googleapis.com
fonts.gstatic.com
images.safe.eset.com
img06.en25.com
s786665.t.eloqua.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.111.229.66
141.145.8.13
141.145.8.14
2.16.186.192
2a00:1450:4001:800::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2004
2a00:1450:4001:827::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
65.9.77.23
65.9.77.45
65.9.77.82
077f1249a08a066d0b2ac78b26c0e0c77f25ec70ad8a220b8a388b7e9b2a9708
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
767048ccfc724ba6aedcb3e20d1d1f16baba4cee5c7c957fb7f4504b290bd6ef
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a31b5a40f8fe97ca19bc865977b07f48901e5e095cbf838804a2ab0476c2d378
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
ae40bf072501e24e54e842af4c2423cee3ebb4cc884e69a08b11526bba7bcb42
bed27fc335baff4778c3da0114e7326d1cf63124a29391725e62b8e4953babc0
bfadecce2ccdd4b3d5967de7612680ec91bdf9751de5c92faab8e6c149f4e591
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
d89ddcc23e09129fc6c05fe625eee0461388849174cd09899af963838ceb0538
ec81394319101f37af945564c56d639311b32634586604e0986a514f053b95a3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

app.safe.eset.com Open in urlscan Pro 141.145.8.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

21 Requests

100 %HTTPS

50 %IPv6

12 Domains

15 Subdomains

14 IPs

4 Countries

492 kBTransfer

996 kBSize

7 Cookies

2 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

app.safe.eset.com Open in urlscan Pro
141.145.8.14 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

50 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

492 kB
Transfer

996 kB
Size

7
Cookies

21 HTTP transactions
0 data transactions