urlscan.io logo urlscan.io
SecurityTrails logo

sandbox.anlyz.io Open in urlscan Pro
95.211.226.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://sandbox.anlyz.io/
Submission: On November 19 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 12 HTTP transactions. The main IP is 95.211.226.165, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is sandbox.anlyz.io.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on March 25th 2019. Valid for: 2 years.
This is the only time sandbox.anlyz.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 95.211.226.165 60781 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 45.32.187.30 20473 (AS-CHOOPA)
12 6
5    95.211.226.165 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
sandbox.anlyz.io
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
1    2a02:26f0:6c00:2bf::35c1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
secure.aadcdn.microsoftonline-p.com
1    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
2    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    45.32.187.30 (Amsterdam, Netherlands)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: tpaksu.vultr.com
rettica.com
Domain Requested by
5 sandbox.anlyz.io sandbox.anlyz.io
2 fonts.googleapis.com sandbox.anlyz.io
2 apis.google.com sandbox.anlyz.io
apis.google.com
1 rettica.com sandbox.anlyz.io
1 cdnjs.cloudflare.com sandbox.anlyz.io
1 secure.aadcdn.microsoftonline-p.com sandbox.anlyz.io
12 6

This site contains no links.

Subject Issuer Validity Valid
anlyz.co
Sectigo RSA Extended Validation Secure Server CA		 2019-03-25 -
2021-03-24		 2 years crt.sh
*.apis.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
secure.aadcdn.microsoftonline-p.com
Microsoft IT TLS CA 4		 2019-07-17 -
2021-07-17		 2 years crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
rettica.com
Let's Encrypt Authority X3		 2019-10-25 -
2020-01-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sandbox.anlyz.io/
Frame ID: D7ECB4E28CF941A9C0D214C8CF7E7169
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

1151 kB
Transfer

4214 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sandbox.anlyz.io/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.226.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
517698938e87063d50caa1b3ffb859775f4687d0eb7412aee1f59531571bbf1a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sandbox.anlyz.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
server
nginx
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
origin
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
date
Tue, 19 Nov 2019 22:09:27 GMT
x-page-speed
1.13.35.2-0
cache-control
max-age=0, no-cache
content-encoding
br
chunk-vendors.780affc0.css.pagespeed.ce.X5iA6rtFM1.css
sandbox.anlyz.io/css/ 		268 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox.anlyz.io/css/chunk-vendors.780affc0.css.pagespeed.ce.X5iA6rtFM1.css
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.226.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3cf0a7bd7b071348a70758724b47304617eaec39fc955442a1e0ea47e291b031
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
x-original-content-length
274306
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-page-speed
1.13.35.2-0
referrer-policy
origin
server
nginx
date
Tue, 19 Nov 2019 22:09:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
etag
W/"0"
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
expires
Wed, 18 Nov 2020 22:09:27 GMT
A.app.5af308e7.css.pagespeed.cf.rU9m4X5GFb.css
sandbox.anlyz.io/css/ 		207 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox.anlyz.io/css/A.app.5af308e7.css.pagespeed.cf.rU9m4X5GFb.css
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.226.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
07005da4084be7177884210a41b4f8197cfb0103b23ac41766b1bcc5e282fe6c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-original-content-length
212498
status
200
vary
Accept-Encoding
content-length
30883
x-xss-protection
1; mode=block
x-page-speed
1.13.35.2-0
referrer-policy
origin
last-modified
Tue, 19 Nov 2019 19:56:02 GMT
server
nginx
date
Tue, 19 Nov 2019 19:56:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
etag
W/"0"
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
expires
Wed, 18 Nov 2020 19:56:02 GMT
api:client.js
apis.google.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api:client.js
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2d49a8f645e969d7e519568a80b91d91374e19fbdd2938321bf9a69a85b9c101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 22:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-BUm01pAy8nGNh/ts70EWLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"bdf1e18cd51df33f09bbdd1504daf378"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Tue, 19 Nov 2019 22:09:28 GMT
msal.min.js
secure.aadcdn.microsoftonline-p.com/lib/0.2.3/js/ 		70 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/lib/0.2.3/js/msal.min.js
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e2fe6169e9e1946a54a1238c75f87f7488c66ff01cf223ebbf0cad18ac5f3908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Tue, 19 Nov 2019 22:09:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 May 2019 23:43:02 GMT
Content-MD5
bn4X73VZ4lfj7/f30DeLHA==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=473823
Connection
keep-alive
Content-Length
16634
d3.min.js
cdnjs.cloudflare.com/ajax/libs/d3/3.5.3/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/d3/3.5.3/d3.min.js
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc79f159904f1905fcadab593d2e8ad6406acfaadcb70afafdb2e09ce2efadd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 22:09:27 GMT
content-encoding
br
cf-cache-status
HIT
age
17306742
cf-ray
53858235ed7dcbb8-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:48 GMT
server
cloudflare
etag
W/"5afd48f8-24ce8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 08 Nov 2020 22:09:27 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.008
chunk-vendors.10c5e9e3.js.pagespeed.ce.WVs6wwnT2d.js
sandbox.anlyz.io/js/ 		3 MB
805 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.anlyz.io/js/chunk-vendors.10c5e9e3.js.pagespeed.ce.WVs6wwnT2d.js
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.226.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
86d5a18a486c53d00af2e21009c8f6e1fd077cd0ee8b0207de7b565cc6a7c3cf
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
x-original-content-length
2879397
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-page-speed
1.13.35.2-0
referrer-policy
origin
server
nginx
date
Tue, 19 Nov 2019 22:09:28 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=31536000
etag
W/"0"
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
expires
Wed, 18 Nov 2020 22:09:28 GMT
app.e64de7cc.js.pagespeed.jm.K2dU96VxKu.js
sandbox.anlyz.io/js/ 		397 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.anlyz.io/js/app.e64de7cc.js.pagespeed.jm.K2dU96VxKu.js
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.211.226.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7e544c96ef00ce26993c6bea433bababaa625b1d0b51a2ec78d891fca2840ade
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-original-content-length
406722
status
200
vary
Accept-Encoding
content-length
110816
x-xss-protection
1; mode=block
x-page-speed
1.13.35.2-0
referrer-policy
origin
last-modified
Tue, 19 Nov 2019 19:56:01 GMT
server
nginx
date
Tue, 19 Nov 2019 19:56:01 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=31536000
etag
W/"0"
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
expires
Wed, 18 Nov 2020 19:56:01 GMT
css
fonts.googleapis.com/ 		1 KB
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
87e05d141db78d8a778b105495b381ab609b7add606c16b301954c4aa72034d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 19 Nov 2019 22:09:28 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 19 Nov 2019 22:09:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 19 Nov 2019 22:09:28 GMT
css
fonts.googleapis.com/ 		10 KB
702 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow:100,200,300,400,500,600,700,800,900
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e6b4b8d26453468e5e84035992669165568db9beec410f16db15603df1c536e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 19 Nov 2019 22:09:28 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 19 Nov 2019 22:09:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 19 Nov 2019 22:09:28 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/ 		287 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sandbox.anlyz.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Tue, 19 Nov 2019 01:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 22:37:32 GMT
server
sffe
age
74848
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
101118
x-xss-protection
0
expires
Wed, 18 Nov 2020 01:22:00 GMT
track.php
rettica.com/ 		1 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rettica.com/track.php?l=frrnq8--q_lb`mv,_ljwx,gm-
Requested by
Host: sandbox.anlyz.io
URL: https://sandbox.anlyz.io/js/chunk-vendors.10c5e9e3.js.pagespeed.ce.WVs6wwnT2d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.32.187.30 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tpaksu.vultr.com
Software
nginx/1.10.3 /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept
*/*
Referer
https://sandbox.anlyz.io/
Origin
https://sandbox.anlyz.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Tue, 19 Nov 2019 22:09:28 GMT
Content-Encoding
gzip
Server
nginx/1.10.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| gapi object| ___jsl object| Msal object| d3 object| gadgets object| osapi object| shindig object| googleapis object| oauth2 object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| Hammer object| FontAwesomeConfig object| ___FONT_AWESOME___

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://secure.aadcdn.microsoftonline-p.com https://cdnjs.cloudflare.com https://ssl.google-analytics.com https://connect.facebook.net; img-src 'self' data: https://ssl.google-analytics.com https://s-static.ak.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; font-src 'self' data: https://fonts.gstatic.com https://themes.googleusercontent.com; frame-src https://accounts.google.com/ https://www.facebook.com https://s-static.ak.facebook.com https://sandbox.anlyz.io; object-src 'none';
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block