urlscan.io logo urlscan.io
SecurityTrails logo

hkgdutyfree.getoutline.com Open in urlscan Pro
54.161.241.46  Public Scan

Go To Rescan Add Verdict Report
URL: https://hkgdutyfree.getoutline.com/share/551fc534-8f22-41bb-8320-4d634f62cc07
Submission: On June 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 54.161.241.46, located in United States and belongs to AMAZON-AES, US. The main domain is hkgdutyfree.getoutline.com.
TLS certificate: Issued by R3 on May 2nd 2022. Valid for: 3 months.
This is the only time hkgdutyfree.getoutline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 54.161.241.46 14618 (AMAZON-AES)
16 2600:9000:206... 16509 (AMAZON-02)
1 35.188.42.15 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.7.238 16509 (AMAZON-02)
23 5
3    54.161.241.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-241-46.compute-1.amazonaws.com
hkgdutyfree.getoutline.com
16    2600:9000:206f:8800:1e:b780:5340:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.getoutline.com
1    35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.7.238 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-238.fra56.r.cloudfront.net
outline-production-attachments.s3-accelerate.amazonaws.com
Apex Domain
Subdomains		 Transfer
19 getoutline.com
hkgdutyfree.getoutline.com
static.getoutline.com
919 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
1 amazonaws.com
outline-production-attachments.s3-accelerate.amazonaws.com
43 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 316
416 B
23 4
Domain Requested by
16 static.getoutline.com hkgdutyfree.getoutline.com
static.getoutline.com
3 hkgdutyfree.getoutline.com static.getoutline.com
2 www.google-analytics.com static.getoutline.com
1 outline-production-attachments.s3-accelerate.amazonaws.com
1 sentry.io static.getoutline.com
23 5

This site contains links to these domains. Also see Links.

Domain
hkgdutyfree.z10.web.core.windows.net
www.getoutline.com
Subject Issuer Validity Valid
getoutline.com
R3		 2022-05-02 -
2022-07-31		 3 months crt.sh
static.getoutline.com
Amazon		 2022-01-01 -
2023-01-30		 a year crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.s3-accelerate.amazonaws.com
Amazon		 2021-11-24 -
2022-11-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://hkgdutyfree.getoutline.com/share/551fc534-8f22-41bb-8320-4d634f62cc07
Frame ID: B2184387A2F9268F3490F8F1500474F9
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

                    H K Global Trading Ltd - Outline

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

23
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

982 kB
Transfer

3565 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 551fc534-8f22-41bb-8320-4d634f62cc07
hkgdutyfree.getoutline.com/share/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hkgdutyfree.getoutline.com/share/551fc534-8f22-41bb-8320-4d634f62cc07
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
ac33fb81dd220bfb65d2813b4dd16f3a3bc26904bdc075a2b3382336d43594ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Jun 2022 17:11:11 GMT
Referrer-Policy
no-referrer
Server
Cowboy
Strict-Transport-Security
max-age=15552000; includeSubDomains
Timing-Allow-Origin
https://app.getoutline.com, https://sentry.io
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Dns-Prefetch-Control
on
X-Download-Options
noopen
X-Xss-Protection
1; mode=block
runtime.589d14d3836a29752b8a.js
static.getoutline.com/static/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Requested by
Host: hkgdutyfree.getoutline.com
URL: https://hkgdutyfree.getoutline.com/share/551fc534-8f22-41bb-8320-4d634f62cc07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
43977c7719127c16f2dd8d3448c6056658f86e4b184bfd0b5f75a022a912ffcb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
77798
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Wed, 01 Jun 2022 19:30:16 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Wed, 01 Jun 2022 19:34:33 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
8GmpRpKGyaqueUJp7Q2t_-FX-Br9lZa593mPxkS4ecEEaCJYHaHbYQ==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
main.c85077a22e4f28478782.js
static.getoutline.com/static/ 		1 MB
370 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/main.c85077a22e4f28478782.js
Requested by
Host: hkgdutyfree.getoutline.com
URL: https://hkgdutyfree.getoutline.com/share/551fc534-8f22-41bb-8320-4d634f62cc07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
fc8c84c8eaf3a30532fc2ad0f6f7ac8546b0999c8894fe3fc1f4c6195a791bd1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
123451
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Wed, 01 Jun 2022 06:49:31 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Wed, 01 Jun 2022 06:53:40 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
nsYqcykfqOhT7YKPBnbsmg5onjwvwd25nk0lqe5mE8G0M-Pnw-eThQ==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
/
sentry.io/api/2593786/envelope/ 		2 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/2593786/envelope/?sentry_key=3b8df97b21cc4d6cbbfbf290f14b237d&sentry_version=7
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/main.c85077a22e4f28478782.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://hkgdutyfree.getoutline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 02 Jun 2022 17:11:12 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://hkgdutyfree.getoutline.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
vendors~collection~document~shared-document.2870ed786ec0dc1c7436.js
static.getoutline.com/static/ 		227 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/vendors~collection~document~shared-document.2870ed786ec0dc1c7436.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
eae5e43a8a575069a1eafbfead009e2c490e91bbcad7aed72daf7a7be4b73b05
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
1421683
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Tue, 17 May 2022 06:11:39 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Tue, 17 May 2022 06:16:28 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
0OFARGkkil9TeK2JqQwFKiAnSKZFCnJO2ncnczfy_3f3QVRRkQ1OQQ==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
vendors~document~shared-document~shared-editor.c204ea15a4de4fd69831.js
static.getoutline.com/static/ 		268 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/vendors~document~shared-document~shared-editor.c204ea15a4de4fd69831.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
06cd8d75479066328a738014eebd7f566d711e55a3d7f800ab275cbc719b14d9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
1123143
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Fri, 20 May 2022 17:06:11 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Fri, 20 May 2022 17:12:08 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
TlvZp1xu-HpIizjlpY9LZzKi3lCNUzbYRqqWo7jfIuOlJDG1KOCvXQ==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
0.4c9e2d214bbf5dfa5368.js
static.getoutline.com/static/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/0.4c9e2d214bbf5dfa5368.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
208a5a86dfa8b1d15a4a11ce099e86dc80cbedb3e265b2d1d2e14878a746dbd1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
1421683
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Tue, 17 May 2022 06:11:39 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Tue, 17 May 2022 06:16:28 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
nHjO5Lu3wmp6XO3H0bwTxwPwqMJPLc2SfE7DGRqijdfP_fHJd2ufxA==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
vendors~authenticated-routes~shared-document.6f38da7df81277a2567d.js
static.getoutline.com/static/ 		297 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/vendors~authenticated-routes~shared-document.6f38da7df81277a2567d.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cb5150c1fd4c5c3489877067215379d10fac9da3243ce6a53d07b3d9dc3ff500
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
1421683
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Tue, 17 May 2022 06:11:39 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Tue, 17 May 2022 06:16:28 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
nzS_wBMCMcARyr1AOzCKIqnDxBnmExsNi10I5pBbB2DrgjOq2IrnVA==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
default~document~shared-document~shared-editor.10bcfc7a95a694c78c6d.js
static.getoutline.com/static/ 		226 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/default~document~shared-document~shared-editor.10bcfc7a95a694c78c6d.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
f7465c29a84a3d58a707b47356b065b0db90a2b9dabc8e873acd3081530835fc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
464229
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Sat, 28 May 2022 08:08:41 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Sat, 28 May 2022 08:14:01 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
--IsGdjwnNoWZ60I3pdUTgj48HCUq6St4Pq4kkX_CINeKNrbFd2nKA==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
default~collection~document~shared-document.e1e2f78af9e47fc4571f.js
static.getoutline.com/static/ 		151 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/default~collection~document~shared-document.e1e2f78af9e47fc4571f.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
a8ae41e3c3cf78073a234d997851f936da29910ec5b4895caa408b97e6e00111
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
1026821
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Sat, 21 May 2022 19:53:13 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Sat, 21 May 2022 19:57:30 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
TXVbZjIdy3l0Kb7iqTjvmE2wlYGlUne95KJcrBpWV4WTAZG6hshO1A==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
default~authenticated-routes~shared-document.0a9ac33215031b87b341.js
static.getoutline.com/static/ 		240 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/default~authenticated-routes~shared-document.0a9ac33215031b87b341.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
39949910d6d226a1aed062640b8475f4ad6427a54f78f2057741df58da9fff33
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
464230
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Sat, 28 May 2022 08:08:41 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Sat, 28 May 2022 08:14:01 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
vS8zcMq3AtNr5ofjhagzbzhrDWJdzzyfKb14JXWgdmWXKp7RTAv61g==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
default~document~shared-document.bb5b0ea0f5e8a7ae66e2.js
static.getoutline.com/static/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/default~document~shared-document.bb5b0ea0f5e8a7ae66e2.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
96bc9995e9f37b5c552ebd0352183b8c21bb6acc660e7fe3c843168b453694dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
123452
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Wed, 01 Jun 2022 06:49:31 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Wed, 01 Jun 2022 06:53:39 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
2pQyPxVLvLDTXAJ-j58UXqLKdoR1MyhwSPFteomMg6A1R0nheAvBIg==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
shared-document.bc2652107fe114915b02.js
static.getoutline.com/static/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/shared-document.bc2652107fe114915b02.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cbe5abb29eea483c52f3e502b0c0f8b6a27dedb935f5aaac23b9bd3b5f0ce1dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
77797
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Wed, 01 Jun 2022 19:30:16 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Wed, 01 Jun 2022 19:34:34 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
6rA74QRb_vuc1Tqbch33SQZeN0ehGQ5ysxmvg8XUgIzRZthDKZ6Yhw==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/main.c85077a22e4f28478782.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5785
date
Thu, 02 Jun 2022 15:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Jun 2022 17:34:46 GMT
1.ec46e5e95925d064cb8a.js
static.getoutline.com/static/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/1.ec46e5e95925d064cb8a.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
829b7564486715841e2c56a04c1792302a4ca4adec48f8ba3cb3ca6313a7e367
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
1421682
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Tue, 17 May 2022 06:11:39 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Tue, 17 May 2022 06:16:29 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
3v-Kro3prx1mzT4rPnFz-lQpkxn9PUqdPnUajTJu2Io9-wsbUjHRUQ==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
2.8a037d32af76a68f0aa1.js
static.getoutline.com/static/ 		183 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/2.8a037d32af76a68f0aa1.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
28a0efc6c450cd26ad013f7b0aab31ef837ff96e7c09d8e449af14838b3b1f9b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1417462
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
content-length
183
x-xss-protection
1; mode=block
service-worker-allowed
/
referrer-policy
no-referrer
last-modified
Tue, 17 May 2022 06:11:39 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Tue, 17 May 2022 07:26:49 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
LMXEuXZIcE08f8l43l6nKWlhekLQXARtmvkfxvQVh_m1Y2XRuOauMQ==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
en_US.json
hkgdutyfree.getoutline.com/locales/ 		49 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hkgdutyfree.getoutline.com/locales/en_US.json
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/main.c85077a22e4f28478782.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
9703ca156e8f98716bfd1ee6ae2d7100f80ea8b8a0a2d9777257f758381cb472
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Dns-Prefetch-Control
on
Connection
keep-alive
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Wed, 01 Jun 2022 19:30:32 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Thu, 02 Jun 2022 17:11:11 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Via
1.1 vegur
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Content-Security-Policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Timing-Allow-Origin
https://app.getoutline.com, https://sentry.io
documents.info
hkgdutyfree.getoutline.com/api/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hkgdutyfree.getoutline.com/api/documents.info
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/main.c85077a22e4f28478782.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3e8c141443a90c5a4cb9961846b63519186d64cd18d1043a1a2ca541ed4d248a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

pragma
no-cache
cache-control
no-cache
accept-language
de-DE,de;q=0.9
x-editor-version
12.0.0
content-type
application/json
accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Cowboy
Date
Thu, 02 Jun 2022 17:11:12 GMT
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Dns-Prefetch-Control
off
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
collect
www.google-analytics.com/j/ 		2 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1614885075&t=pageview&_s=1&dl=https%3A%2F%2Fhkgdutyfree.getoutline.com%2Fshare%2F551fc534-8f22-41bb-8320-4d634f62cc07&ul=en-us&de=UTF-8&dt=Untitled%20-%20Outline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1483021420&gjid=1812983463&cid=80446839.1654189872&tid=UA-109435745-1&_gid=244540663.1654189872&_r=1&_slc=1&cd1=true&z=10027834
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/main.c85077a22e4f28478782.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 17:11:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hkgdutyfree.getoutline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors~autotrack.534fdd6f22cb8088e9ec.js
static.getoutline.com/static/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/vendors~autotrack.534fdd6f22cb8088e9ec.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
fa591637e4ac4b2bb5700ac7b1b05c1076731374eedff70428fa436c7cdfe492
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src *; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src *; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
16454289
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Tue, 23 Nov 2021 23:42:53 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Wed, 24 Nov 2021 06:33:02 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
permissions-policy
interest-cohort=()
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src *; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src *; connect-src *
x-amz-cf-id
m4enjAT9FFrRxqxVKYbct1L6NfVF5R6OeY9WBxEwo03EQiHzqmNQLA==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src *; connect-src *
vendors~multiplayer-editor~shared-editor.1b17737d9178221c3d79.js
static.getoutline.com/static/ 		311 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/vendors~multiplayer-editor~shared-editor.1b17737d9178221c3d79.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
a660bbd588ebfbd172325e0313c073b4b4ab471b2c891cd35843e4c71637b0a1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
1287854
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Tue, 17 May 2022 06:11:39 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Wed, 18 May 2022 19:26:58 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
H0CzF4PBk8FntPMRVyjutwklthsfkx1ADebA6MP6zzId2cSgWS3qsg==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
shared-editor.e9100ad6c08f891c221e.js
static.getoutline.com/static/ 		119 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getoutline.com/static/shared-editor.e9100ad6c08f891c221e.js
Requested by
Host: static.getoutline.com
URL: https://static.getoutline.com/static/runtime.589d14d3836a29752b8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8800:1e:b780:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
363a7ee3cab5efec9538a046e9399a4f326d85a7a71aa9646402bded2f2ec0ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
age
228770
x-dns-prefetch-control
on
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
service-worker-allowed
/
access-control-allow-origin
*
referrer-policy
no-referrer
last-modified
Sat, 28 May 2022 08:08:41 GMT
server
Cowboy
x-frame-options
SAMEORIGIN
date
Tue, 31 May 2022 01:38:22 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 vegur, 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-pop
FRA56-C1
timing-allow-origin
https://app.getoutline.com, https://sentry.io
x-webkit-csp
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
x-amz-cf-id
fuB7T_1W21fwWbb88Cc0_mh31vSZO8ytTrDkJe7VwldRo5kIXkZIOw==
x-content-security-policy
default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
image.png
outline-production-attachments.s3-accelerate.amazonaws.com/uploads/e38b8c02-2b0a-4495-ae4a-cfdb1754e4ba/c3103f67-fa6c-433f-87f8-b0d75a0e6d12/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://outline-production-attachments.s3-accelerate.amazonaws.com/uploads/e38b8c02-2b0a-4495-ae4a-cfdb1754e4ba/c3103f67-fa6c-433f-87f8-b0d75a0e6d12/image.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA4EOUDTOVUICLPZ4P%2F20220602%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220602T171112Z&X-Amz-Expires=3600&X-Amz-Signature=e49b4b30f63555ff44004ff70beb4b8f8a008e597b9491191df293042f1ef965&X-Amz-SignedHeaders=host
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.238 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-238.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06100da3cdd61e69029c0677bed55e7bba8d89a7a097983bff8e88d0f14d1382

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 17:11:13 GMT
Via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
43486
x-amz-id-2
MbT/sL/0cNqMxWYFSpK/zpw050/idMd4BByptksrF8EoZqcv3wYhuxmhi1Fx9lICd0ExwWePDQA=
Last-Modified
Wed, 01 Jun 2022 17:20:47 GMT
Server
AmazonS3
ETag
"1e72c97bb0cfe005d45056949b23a11b"
x-amz-request-id
XP0CFCSRSWSMZ8ND
Cache-Control
max-age=31557600
x-amz-version-id
.o77ycopjDSlwc.oiVVsv11.Y23jUbC9
Accept-Ranges
bytes
Content-Type
image/png
X-Amz-Cf-Id
SIqgQTKWyjcwS8KbrI3kbgUBSgAgJtCk00vK55TW8y2vc-_ieItmew==

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| env undefined| color object| webpackJsonp object| regeneratorRuntime function| applyFocusVisiblePolyfill number| __mobxInstanceCount object| __mobxGlobals function| setImmediate function| clearImmediate object| __SENTRY__ function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gaDevIds

4 Cookies

Domain/Path Name / Value
.hkgdutyfree.getoutline.com/ Name: heroku-session-affinity
Value: ADaDaANoA24IAa3vYP////8HYgAC5a9iAAUPP2ECbAAAAAJtAAAABXdlYi4ybQAAAAV3ZWIuMWoL95IhlFvqO5eTmWotY+s1rCPSNQ__
.getoutline.com/ Name: _ga
Value: GA1.2.80446839.1654189872
.getoutline.com/ Name: _gid
Value: GA1.2.244540663.1654189872
.getoutline.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://static.getoutline.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com js.stripe.com www.google-analytics.com https://static.getoutline.com; style-src 'self' 'unsafe-inline' github.githubassets.com; img-src * data: blob:; frame-src * data:; connect-src *
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hkgdutyfree.getoutline.com
outline-production-attachments.s3-accelerate.amazonaws.com
sentry.io
static.getoutline.com
www.google-analytics.com
2600:9000:206f:8800:1e:b780:5340:93a1
2a00:1450:4001:800::200e
35.188.42.15
54.161.241.46
65.9.7.238
06100da3cdd61e69029c0677bed55e7bba8d89a7a097983bff8e88d0f14d1382
06cd8d75479066328a738014eebd7f566d711e55a3d7f800ab275cbc719b14d9
208a5a86dfa8b1d15a4a11ce099e86dc80cbedb3e265b2d1d2e14878a746dbd1
28a0efc6c450cd26ad013f7b0aab31ef837ff96e7c09d8e449af14838b3b1f9b
363a7ee3cab5efec9538a046e9399a4f326d85a7a71aa9646402bded2f2ec0ff
39949910d6d226a1aed062640b8475f4ad6427a54f78f2057741df58da9fff33
3e8c141443a90c5a4cb9961846b63519186d64cd18d1043a1a2ca541ed4d248a
43977c7719127c16f2dd8d3448c6056658f86e4b184bfd0b5f75a022a912ffcb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
829b7564486715841e2c56a04c1792302a4ca4adec48f8ba3cb3ca6313a7e367
96bc9995e9f37b5c552ebd0352183b8c21bb6acc660e7fe3c843168b453694dd
9703ca156e8f98716bfd1ee6ae2d7100f80ea8b8a0a2d9777257f758381cb472
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a660bbd588ebfbd172325e0313c073b4b4ab471b2c891cd35843e4c71637b0a1
a8ae41e3c3cf78073a234d997851f936da29910ec5b4895caa408b97e6e00111
ac33fb81dd220bfb65d2813b4dd16f3a3bc26904bdc075a2b3382336d43594ae
cb5150c1fd4c5c3489877067215379d10fac9da3243ce6a53d07b3d9dc3ff500
cbe5abb29eea483c52f3e502b0c0f8b6a27dedb935f5aaac23b9bd3b5f0ce1dc
eae5e43a8a575069a1eafbfead009e2c490e91bbcad7aed72daf7a7be4b73b05
f7465c29a84a3d58a707b47356b065b0db90a2b9dabc8e873acd3081530835fc
fa591637e4ac4b2bb5700ac7b1b05c1076731374eedff70428fa436c7cdfe492
fc8c84c8eaf3a30532fc2ad0f6f7ac8546b0999c8894fe3fc1f4c6195a791bd1