URL: https://secure.avaqas.com/
Submission: On October 12 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 103.212.70.135, located in Malaysia and belongs to GIGABIT-MY Gigabit Hosting Sdn Bhd, MY. The main domain is secure.avaqas.com.
TLS certificate: Issued by R3 on October 12th 2021. Valid for: 3 months.
This is the only time secure.avaqas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 103.212.70.135 55720 (GIGABIT-M...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
14 4
Apex Domain
Subdomains
Transfer
8 avaqas.com
secure.avaqas.com
2 MB
5 gstatic.com
fonts.gstatic.com
85 KB
1 googleapis.com
fonts.googleapis.com
2 KB
14 3
Domain Requested by
8 secure.avaqas.com secure.avaqas.com
5 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com secure.avaqas.com
14 3

This site contains links to these domains. Also see Links.

Domain
avaqas.com
Subject Issuer Validity Valid
secure.avaqas.com
R3
2021-10-12 -
2022-01-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.avaqas.com/
Frame ID: CF4BFC6EF8727834C3D07A0E9312F1A3
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

AXA iMed

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1974 kB
Transfer

1983 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
secure.avaqas.com/
2 KB
3 KB
Document
General
Full URL
https://secure.avaqas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.212.70.135 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
dda438ec5ac8d7c8c87a56453ce6dab24af6fe254492e9eea65b7aa7b1fae980
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.avaqas.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 12 Oct 2021 07:29:25 GMT
content-type
text/html; charset=utf-8
content-length
2499
last-modified
Sat, 17 Apr 2021 06:04:25 GMT
etag
"607a7a69-9c3"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
no-referrer
accept-ranges
bytes
css
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Poppins:300,400,500,600,700|PT+Serif:400,400i&display=swap
Requested by
Host: secure.avaqas.com
URL: https://secure.avaqas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9e46c09a26fba70bb39358b798e72a70c38b811e79bd64842d2191f4bacd861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 07:24:59 GMT
server
ESF
date
Tue, 12 Oct 2021 07:29:25 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Tue, 12 Oct 2021 07:29:25 GMT
2.3225829f.chunk.css
secure.avaqas.com/static/css/
165 KB
165 KB
Stylesheet
General
Full URL
https://secure.avaqas.com/static/css/2.3225829f.chunk.css
Requested by
Host: secure.avaqas.com
URL: https://secure.avaqas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.212.70.135 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
eb56c9c90cd6b113b81e002a95ebce329f6020ec08bfbe20633c98a4fd9256a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/css/2.3225829f.chunk.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
secure.avaqas.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 07:29:25 GMT
referrer-policy
no-referrer
last-modified
Sat, 17 Apr 2021 06:04:25 GMT
server
nginx
etag
"607a7a69-292a9"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
168617
x-content-type-options
nosniff
main.e972e16a.chunk.css
secure.avaqas.com/static/css/
420 KB
421 KB
Stylesheet
General
Full URL
https://secure.avaqas.com/static/css/main.e972e16a.chunk.css
Requested by
Host: secure.avaqas.com
URL: https://secure.avaqas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.212.70.135 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
8052d10d7604476bbb2041f138578b7d86451e11693b32d87fae2f341acd5453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/css/main.e972e16a.chunk.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
secure.avaqas.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 07:29:25 GMT
referrer-policy
no-referrer
last-modified
Sat, 17 Apr 2021 06:04:25 GMT
server
nginx
etag
"607a7a69-69180"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
430464
x-content-type-options
nosniff
2.761a551a.chunk.js
secure.avaqas.com/static/js/
323 KB
323 KB
Script
General
Full URL
https://secure.avaqas.com/static/js/2.761a551a.chunk.js
Requested by
Host: secure.avaqas.com
URL: https://secure.avaqas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.212.70.135 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
a34ae04f20a6562f43b1366efe8afe161b8600c58a26c8aa78b2de5d8f5f3d83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/js/2.761a551a.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.avaqas.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 07:29:25 GMT
referrer-policy
no-referrer
last-modified
Sat, 17 Apr 2021 06:04:25 GMT
server
nginx
etag
"607a7a69-50ad5"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
330453
x-content-type-options
nosniff
main.2963efde.chunk.js
secure.avaqas.com/static/js/
122 KB
122 KB
Script
General
Full URL
https://secure.avaqas.com/static/js/main.2963efde.chunk.js
Requested by
Host: secure.avaqas.com
URL: https://secure.avaqas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.212.70.135 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
bb4c5dfc174efdf12a5f7e6da41741b9f96a2c0b95089395d5b6f6032831d82f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/js/main.2963efde.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.avaqas.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 07:29:25 GMT
referrer-policy
no-referrer
last-modified
Sat, 17 Apr 2021 06:04:25 GMT
server
nginx
etag
"607a7a69-1e619"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
124441
x-content-type-options
nosniff
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cac7d45264a92a0cdeb9e94710100eb4e2528a95185e78ed6e13b66bbb4c0eb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
logo-avaqas@2x.cd2e335c.png
secure.avaqas.com/static/media/
10 KB
10 KB
Image
General
Full URL
https://secure.avaqas.com/static/media/logo-avaqas@2x.cd2e335c.png
Requested by
Host: secure.avaqas.com
URL: https://secure.avaqas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.212.70.135 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
cdd50912ca6720f54f4937ef99a0ff806c2e6881dee7a4d2aab03895f93bab04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/media/logo-avaqas@2x.cd2e335c.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.avaqas.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 07:29:26 GMT
referrer-policy
no-referrer
last-modified
Sat, 17 Apr 2021 06:04:25 GMT
server
nginx
etag
"607a7a69-27d3"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
10195
x-content-type-options
nosniff
expires
Tue, 26 Oct 2021 07:29:26 GMT
main.bdcefb98.jpg
secure.avaqas.com/static/media/
312 KB
313 KB
Image
General
Full URL
https://secure.avaqas.com/static/media/main.bdcefb98.jpg
Requested by
Host: secure.avaqas.com
URL: https://secure.avaqas.com/static/css/main.e972e16a.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.212.70.135 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
00cb77a45f9b8d3bcb662c4c5573ebff51bc87f5316afa06be957cff24079139
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/media/main.bdcefb98.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.avaqas.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 07:29:26 GMT
referrer-policy
no-referrer
last-modified
Sat, 17 Apr 2021 06:04:25 GMT
server
nginx
etag
"607a7a69-4dfa9"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
319401
x-content-type-options
nosniff
expires
Tue, 26 Oct 2021 07:29:26 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Poppins:300,400,500,600,700|PT+Serif:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.avaqas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 03:52:51 GMT
x-content-type-options
nosniff
age
531395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 03:52:51 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Poppins:300,400,500,600,700|PT+Serif:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.avaqas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 15:11:30 GMT
x-content-type-options
nosniff
age
58676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 15:11:30 GMT
font-icons.4faa1cc5.woff
secure.avaqas.com/static/media/
530 KB
531 KB
Font
General
Full URL
https://secure.avaqas.com/static/media/font-icons.4faa1cc5.woff
Requested by
Host: secure.avaqas.com
URL: https://secure.avaqas.com/static/css/main.e972e16a.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.212.70.135 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
d43168d865c22ba754b9dc7d18149a7eb11c02524ee1cb2c627088f0166e0145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/media/font-icons.4faa1cc5.woff
pragma
no-cache
origin
https://secure.avaqas.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
secure.avaqas.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
Origin
https://secure.avaqas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 07:29:26 GMT
referrer-policy
no-referrer
last-modified
Sat, 17 Apr 2021 06:04:25 GMT
server
nginx
etag
"607a7a69-84990"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
543120
x-content-type-options
nosniff
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Poppins:300,400,500,600,700|PT+Serif:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.avaqas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 11:05:47 GMT
x-content-type-options
nosniff
age
73419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7848
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 11:05:47 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Poppins:300,400,500,600,700|PT+Serif:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.avaqas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 10:51:57 GMT
x-content-type-options
nosniff
age
160649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 10 Oct 2022 10:51:57 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Poppins:300,400,500,600,700|PT+Serif:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.avaqas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:51:27 GMT
x-content-type-options
nosniff
age
157079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 10 Oct 2022 11:51:27 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| webpackJsonpmarket-place-app function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block