urlscan.io logo urlscan.io
SecurityTrails logo

cirro.io Open in urlscan Pro
2a06:98c1:3121::c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tester.test.io/
Effective URL: https://cirro.io/users/sign_in
Submission Tags: falconsandbox
Submission: On September 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is cirro.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2022. Valid for: a year.
This is the only time cirro.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 7 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 52.219.170.65 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 4
3    2606:4700:10::6816:24f6 (United States)

ASN13335 (CLOUDFLARENET, US)
tester.test.io
7    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
cirro.io
cdn.cirro.io
1    52.219.170.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com
s3.eu-central-1.amazonaws.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 cirro.io
cirro.io
cdn.cirro.io
502 KB
3 test.io
tester.test.io
889 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
2 KB
1 gstatic.com
fonts.gstatic.com
14 KB
1 amazonaws.com
s3.eu-central-1.amazonaws.com
19 KB
9 5
Domain Requested by
5 cdn.cirro.io 1 redirects cirro.io
cdn.cirro.io
3 tester.test.io 3 redirects
2 fonts.googleapis.com cdn.cirro.io
2 cirro.io 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 s3.eu-central-1.amazonaws.com cirro.io
9 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-11 -
2023-06-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cirro.io/users/sign_in
Frame ID: EFF2F6E8E7CF67FBAD8764FB242535A3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cirro

Page URL History Show full URLs

  1. https://tester.test.io/ HTTP 302
    https://tester.test.io/sign_in HTTP 302
    https://tester.test.io/auth/cirro_sso?account=tester HTTP 302
    https://cirro.io/oauth/authorize?client_id=qzLAe09mVmxzCZCEan7AznjIQItAcO91By6wWMqSOJg&redire... HTTP 302
    https://cirro.io/users/sign_in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Page Statistics

9
Requests

89 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

536 kB
Transfer

3394 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tester.test.io/ HTTP 302
    https://tester.test.io/sign_in HTTP 302
    https://tester.test.io/auth/cirro_sso?account=tester HTTP 302
    https://cirro.io/oauth/authorize?client_id=qzLAe09mVmxzCZCEan7AznjIQItAcO91By6wWMqSOJg&redirect_uri=https%3A%2F%2Fapp.test.io%2Fauth%2Fcirro_sso%2Fcallback&response_type=code&scope=read&state=be127bda968d33c88ac6051fb8d02fa58661a615ef35e541 HTTP 302
    https://cirro.io/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://cdn.cirro.io/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBCZz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--bb7d51adaec686d37c64f37fdae9085929c28514/testIO-symbol-square-blue.png HTTP 302
  • https://s3.eu-central-1.amazonaws.com/files.cirro.io/s480h2e5dsvg3te5udy27ng0iie4?response-content-disposition=inline%3B%20filename%3D%22testIO-symbol-square-blue.png%22%3B%20filename%2A%3DUTF-8%27%27testIO-symbol-square-blue.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT7SN3QKZ6BMEHY4F%2F20220915%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20220915T205521Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0e8c1f2e0dead447cdbbf642d36089f0d21ac60fc1ff092013a93d56c5e245d4

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
cirro.io/users/
Redirect Chain
  • https://tester.test.io/
  • https://tester.test.io/sign_in
  • https://tester.test.io/auth/cirro_sso?account=tester
  • https://cirro.io/oauth/authorize?client_id=qzLAe09mVmxzCZCEan7AznjIQItAcO91By6wWMqSOJg&redirect_uri=https%3A%2F%2Fapp.test.io%2Fauth%2Fcirro_sso%2Fcallback&response_type=code&scope=read&state=be127...
  • https://cirro.io/users/sign_in
13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cirro.io/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887b5c5324039514d5362be0ec2412cdfcdde8a64e8cae4d7f8f8e1faf21116a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74b4434568a8374f-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Sep 2022 20:55:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vaj1sijAWaAoKpfDf3WHze1%2FoA4JRFCyH9OxdNSkMPQUcFzfrFmcp1aBlKvHpcqI%2Bu1lFS2sJhpAWdOmEdb4BipJOZiuhDBNzLt3qzTI9wujKOEentbH%2FbiBJX2T1cAFUQtmj88OrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
8a3c3a81-f47c-4c49-99d1-6096edb5ba5f
x-runtime
0.051849
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74b44344dfb7374f-MXP
content-type
text/html; charset=utf-8
date
Thu, 15 Sep 2022 20:55:21 GMT
location
https://cirro.io/users/sign_in
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CBUPgwVPTBliosDTwEKj4uD%2Bj%2FM24ykXG8Rsa68oBfl%2FB0P2pBasOnj8b5PoVBIAnvRhFzgdMjeegaHBlRaeIOsvKGSoJOatU1xpzaK627eng5OZGyK%2F4JxdrNgtbUP5yMfGM%2B8XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
x-request-id
cc315850-de91-4b9f-85c3-0ccb15c1e74b
x-runtime
0.018256
application-937b267d938863c35d3ac0e9d6e71624e9ba2b0748c6568022dd3205cdf06930.css
cdn.cirro.io/assets/ 		288 B
430 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cirro.io/assets/application-937b267d938863c35d3ac0e9d6e71624e9ba2b0748c6568022dd3205cdf06930.css
Requested by
Host: cirro.io
URL: https://cirro.io/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166dbcb8a37069592f05df49e64448d4e89b4f3851b63abedf6690e512e1a8dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cirro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b443467b21374f-MXP
date
Thu, 15 Sep 2022 20:55:21 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 16 Nov 2021 09:52:12 GMT
server
cloudflare
age
594
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPNjs49oCs1I4WuSUA80dNKOZp1uVf1JVgyqnIFc2WCZt2NB6kKMo0CcA5uZglYcU1j%2FjP%2BVFoiDnzBegc48rLmpAGKnioXxpZTNZFcOm8aO7MQNiLMMR7uYqejmoo3GKnM8onm2hoIWmKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
application-e01baf95.css
cdn.cirro.io/packs/css/ 		3 MB
395 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cirro.io/packs/css/application-e01baf95.css
Requested by
Host: cirro.io
URL: https://cirro.io/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00cde2a39446be3c7fcb7d1ae40460478560c004e32175569d3f7c5acea7994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cirro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b443467b1d374f-MXP
date
Thu, 15 Sep 2022 20:55:21 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 16:27:28 GMT
server
cloudflare
age
594
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keO%2FXubm82%2BUCeit%2Facq1kc6m66f5j1K2rSbPAgm0Xh6eIlWI70f7vI61qO3vLtLDoU%2FrEZE27W0eJVnKCgxFfqqIgyTHRbh5n%2BKuYz%2FNEojYFlwbQaoZOgqRLrf0XSZS%2FrHrlWIip4nlC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
application-122c6ac6360f60c48dca.js
cdn.cirro.io/packs/js/ 		395 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cirro.io/packs/js/application-122c6ac6360f60c48dca.js
Requested by
Host: cirro.io
URL: https://cirro.io/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff50a160fb8367c096f2f5825a79591bc7fa177815f22ef4814933589fd3205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cirro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b443467b23374f-MXP
date
Thu, 15 Sep 2022 20:55:21 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 16:27:28 GMT
server
cloudflare
age
594
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uG28ubmf577a19JDt2NpFJHVgArqU1A7pXp3Zjkal4do4xZaNPsv%2FvAiDTwXeMzRBkBoJOPclIkUFCC45kBeHbRfveuw5e5WkMdQ%2Bn98i3SEluP%2BWzJlacFP4mcW76nWjmfuTlxRZmvP5Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
s480h2e5dsvg3te5udy27ng0iie4
s3.eu-central-1.amazonaws.com/files.cirro.io/
Redirect Chain
  • https://cdn.cirro.io/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBCZz09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--bb7d51adaec686d37c64f37fdae9085929c28514/testIO-symbol-squ...
  • https://s3.eu-central-1.amazonaws.com/files.cirro.io/s480h2e5dsvg3te5udy27ng0iie4?response-content-disposition=inline%3B%20filename%3D%22testIO-symbol-square-blue.png%22%3B%20filename%2A%3DUTF-8%27...
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.eu-central-1.amazonaws.com/files.cirro.io/s480h2e5dsvg3te5udy27ng0iie4?response-content-disposition=inline%3B%20filename%3D%22testIO-symbol-square-blue.png%22%3B%20filename%2A%3DUTF-8%27%27testIO-symbol-square-blue.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT7SN3QKZ6BMEHY4F%2F20220915%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20220915T205521Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0e8c1f2e0dead447cdbbf642d36089f0d21ac60fc1ff092013a93d56c5e245d4
Requested by
Host: cirro.io
URL: https://cirro.io/users/sign_in
Protocol
HTTP/1.1
Server
52.219.170.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ac751d7da24f51a5aadf3206ad481fa0545710dc77e1890d0abb280b42a4296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cirro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Thu, 15 Sep 2022 20:55:22 GMT
Last-Modified
Thu, 08 Apr 2021 10:26:32 GMT
Server
AmazonS3
x-amz-request-id
CZ8EY75YKQ0KADZ1
ETag
"7efa8da3b9980c354bb2781315958f83"
x-amz-version-id
null
Content-Disposition
inline; filename="testIO-symbol-square-blue.png"; filename*=UTF-8''testIO-symbol-square-blue.png
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
19064
x-amz-id-2
yCKhkoTfS8bq56yZKQfbO7ZsuKXLfNNetcTqQSG1BPVRo8D9cpi6WxuWyCsAD5pTxKH+WtG5mog=

Redirect headers

date
Thu, 15 Sep 2022 20:55:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
26efef4a-0b0f-4dee-bfd0-cfe650873ad7
x-runtime
0.017550
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9uX6mZUbvH98vdXeoNdVAsVsXZmZtQsAUJZjeD2DjQj7QJMh1QZlxCdB5trovpEDMb7lxj6QxALbdxIzqb1EbV%2B3iygx7MgNXCWrGtHOlXSkGYI7%2FgIX9XZ6R90dIi0mNwvMg6DXK9kVPA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
https://s3.eu-central-1.amazonaws.com/files.cirro.io/s480h2e5dsvg3te5udy27ng0iie4?response-content-disposition=inline%3B%20filename%3D%22testIO-symbol-square-blue.png%22%3B%20filename%2A%3DUTF-8%27%27testIO-symbol-square-blue.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAT7SN3QKZ6BMEHY4F%2F20220915%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20220915T205521Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0e8c1f2e0dead447cdbbf642d36089f0d21ac60fc1ff092013a93d56c5e245d4
vary
Accept-Encoding
cache-control
max-age=300, private
cf-ray
74b443472b99babe-MXP
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito&display=swap
Requested by
Host: cdn.cirro.io
URL: https://cdn.cirro.io/packs/css/application-e01baf95.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c8de707408da9bc0d49a3960ddb9dab41b7577322867211c72614484eb8a991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cirro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 19:31:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 20:55:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 20:55:21 GMT
css2
fonts.googleapis.com/ 		2 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Code+Pro:ital@1&display=swap
Requested by
Host: cdn.cirro.io
URL: https://cdn.cirro.io/packs/css/application-e01baf95.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7705474fe339613074bb0f8e8aa8d211c8e1b259ba828f6bf39599ac2dd0e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cirro.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 20:55:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 20:55:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 20:55:21 GMT
cirro-logo-horizontal-darkbg-82fc57bc.svg
cdn.cirro.io/packs/media/logo-cirro/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cirro.io/packs/media/logo-cirro/cirro-logo-horizontal-darkbg-82fc57bc.svg
Requested by
Host: cdn.cirro.io
URL: https://cdn.cirro.io/packs/css/application-e01baf95.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89ae2ca8eb3aa6ed0d8bca73630c2c4dd7bbf1fdccd721d26fe46eae988f463d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cirro.io/packs/css/application-e01baf95.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b44348bf0ebabe-MXP
date
Thu, 15 Sep 2022 20:55:21 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 16:27:28 GMT
server
cloudflare
age
6091
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nj4AzR4WNSFxpG2hZ8IBeeuEeFAWUS%2F4uKJ3mIgxNIww8PTh578E4MYV7DYamyg4kfHVIdLPvJI9pNUMC3HabTFsqjnpuPZSW3J%2B2uRPXmfMbHcubg7%2BLmCCQFq8zAGU3Drpa01RY9Vfj0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cirro.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 19:04:03 GMT
x-content-type-options
nosniff
age
352278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 19:04:03 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackJsonp object| regeneratorRuntime function| Dropzone object| Turbo boolean| _rails_loaded

3 Cookies

Domain/Path Name / Value
.test.io/ Name: testio_session_key
Value: ecd578f56ee3e7875290a88680907a2d
.cirro.io/ Name: cirro_session_key
Value: c684cdafec965acdbac997a28dcf3bbf
cirro.io/ Name: browser_time_zone
Value: UTC

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block