threatintelligenceplatform.com
2606:4700:3037::6815:4cec  Public Scan

URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Submission: On July 10 via manual from US — Scanned from DE

Summary

This website contacted 19 IPs in 5 countries across 14 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3037::6815:4cec, located in United States and belongs to CLOUDFLARENET, US. The main domain is threatintelligenceplatform.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time threatintelligenceplatform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.11.20.152 8075 (MICROSOFT...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
1 207.21.195.85 13768 (COGECO-PEER1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 18.66.97.49 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
1 52.222.236.74 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2607:f2d8:1:2... 18450 (WEBNX)
1 18.66.139.28 16509 (AMAZON-02)
1 34.253.52.76 16509 (AMAZON-02)
68 19
Apex Domain
Subdomains
Transfer
23 threatintelligenceplatform.com
threatintelligenceplatform.com
api.threatintelligenceplatform.com
361 KB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
608 KB
7 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
107 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 8
73 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 395
www.linkedin.com — Cisco Umbrella Rank: 485
px4.ads.linkedin.com — Cisco Umbrella Rank: 5675
4 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 627
script.hotjar.com — Cisco Umbrella Rank: 904
vars.hotjar.com — Cisco Umbrella Rank: 917
in.hotjar.com — Cisco Umbrella Rank: 1509
68 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 amcharts.com
www.amcharts.com — Cisco Umbrella Rank: 50991
106 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
449 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 780
3 KB
1 domaining.com
partner.domaining.com
10 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 3089
449 B
1 perk0mean.com
secure.perk0mean.com — Cisco Umbrella Rank: 48787
304 B
68 14
Domain Requested by
18 threatintelligenceplatform.com threatintelligenceplatform.com
9 www.gstatic.com www.google.com
www.gstatic.com
8 fonts.gstatic.com fonts.googleapis.com
www.google.com
threatintelligenceplatform.com
7 cdnjs.cloudflare.com threatintelligenceplatform.com
6 www.google.com threatintelligenceplatform.com
www.gstatic.com
www.google.com
5 api.threatintelligenceplatform.com cdnjs.cloudflare.com
threatintelligenceplatform.com
2 px.ads.linkedin.com 2 redirects
2 www.google-analytics.com threatintelligenceplatform.com
www.google-analytics.com
2 www.amcharts.com threatintelligenceplatform.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 fonts.googleapis.com threatintelligenceplatform.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com threatintelligenceplatform.com
1 www.linkedin.com 1 redirects
1 static.hotjar.com threatintelligenceplatform.com
1 snap.licdn.com threatintelligenceplatform.com
1 partner.domaining.com threatintelligenceplatform.com
1 cdn.polyfill.io threatintelligenceplatform.com
1 secure.perk0mean.com threatintelligenceplatform.com
68 21

This site contains links to these domains.


TLS certificates

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-10 | a year
secure.norm0care.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-13 - 2023-06-13 | a year
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-08 - 2023-04-09 | a year
www.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
partner.domaining.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-19 - 2023-02-04 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2022-03-01 - 2023-03-01 | a year
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.threatintelligenceplatform.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-21 - 2022-11-21 | a year
*.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months

This page contains 4 frames:

Primary Page: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Frame ID: E4531F8C4A78FBCBBF798DFD1F8300E3
Requests: 47 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html
Frame ID: 0B0F22540851F69C1416D1C79FB53AA1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=bottomright&cb=113bvkewx6hz
Frame ID: 022FC55476EAB2CC993DC858D50ACDC0
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ
Frame ID: 6A0C66D75D74BDCF17EBAD215140E2B2
Requests: 11 HTTP requests in this frame

Page Title

Website Analysis of cafe.thmredteam.com - Threat Intelligence Platform

Detected technologies

Overall confidence: 100%
Detected patterns
  • amcharts.*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

Requests: 68
HTTPS: 99 %
IPv6: 65 %
Domains: 14
Subdomains: 21
IPs: 19
Countries: 5
Transfer: 1360 kB
Size: 3595 kB
Cookies: 20

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&time=1657479229760&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D167604%26time%3D1657479229760%26url%3Dhttps%253A%252F%252Fthreatintelligenceplatform.com%252Freport%252Fcafe.thmredteam.com%252F2dBb5k711R%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&time=1657479229760&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&time=1657479229760&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R&liSync=true&e_ipv6=AQLUK3wgro5bzgAAAYHpdfOCka0Uu3U2ca4Mqw9RcNrWLYjVf6Trnz2g6rUQpHkW5jFoOKmk

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2dBb5k711R
threatintelligenceplatform.com/report/cafe.thmredteam.com/
29 KB
9 KB
Document
General
Full URL
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
f366bf5f7449cd7796897f1374d02063ea752ae974e7801fa56e3ec981eef19b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=604800 no-cache, private
cf-cache-status
DYNAMIC
cf-ray
728b811cdab15b26-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 10 Jul 2022 18:53:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaLWzBjabSPBrWHWLgA1W%2B5bv9nWX2f2fx9FZLocl5WA4zhqJDXqUs1YYLWuns8eyQ5XmrD5rNs%2BoPeB173KDh30BnfWUjtz5Kekrm9cB2Baru9yZxHRc4oM0QKJFRzocIHXpXj8sN2HWPt6Q7LgcIeRaHGdkdcJLEioJ24%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.8
172412.js
secure.perk0mean.com/js/
16 B
304 B
Script
General
Full URL
https://secure.perk0mean.com/js/172412.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dd8a4362e18759915e1bfce06fd0666f9f8fc17b60e7737963a4194e3a3b58b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 10 Jul 2022 18:53:49 GMT
Server
Kestrel
Content-Type
text/javascript
Expires
0
Cache-Control
no-store, must-revalidate
Connection
keep-alive
Content-Length
16
Request-Context
appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3888096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
timing-allow-origin
*
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NikgVJdRBMMjCNtqUJ1mvB75lAJQrllRXzIP9cL1yMdY7BnGW0DOEO25C%2FPlukVzbF2LUhVfBsJalL2wjQHPAdaY44baIJiKyJsFAksm8eo1EgiXalY%2FAnqRKOG%2BUEDFBseZDQfRl419UgrVTphiy80"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728b81212f989b94-FRA
expires
Fri, 30 Jun 2023 18:53:49 GMT
master.css
threatintelligenceplatform.com/css/
282 KB
44 KB
Stylesheet
General
Full URL
https://threatintelligenceplatform.com/css/master.css?id=a413a1a09142c478348f
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db43f8a04b047a3caca8c25050a54430e5f4585578bff1aed799dc204342421
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 07 Jan 2022 09:57:46 GMT
server
cloudflare
etag
W/"61d80e9a-46663"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyBsfZBX2asruSJmCTHP1i2xgrlmuJScMJG2gjzQtG85gGy2l2O00EcrPrLtbecwFXRUBdjWAJwyeF0trqY78%2BYCMSuT60nSE7jPUMZKj9ahLTupXS0R4C2%2BGtp9%2BNBgfRR3sgC%2Fo31HTV7PqZLrMK8B4yMNGORdT8PHSU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
728b8120ff135b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
report.css
threatintelligenceplatform.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://threatintelligenceplatform.com/css/report.css?ver=10963
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97d6bb083b62dd413da172b6228429093b33c09ede602d64db7274636ac36d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
W/"5f085692-177f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7JeQ%2FpNtGjEzm1NZCbtduTLvL7geR2fW8%2F4E6trTA57ELCI%2FqLbw4FUnC9F65rzzJ2tvuORTzGN%2FMMDSkpAso14jJtIi6wRC1Pi%2Bkk%2FK3R2JkRxw6LgiAq%2BWJlRGXSqqq8z2tmApoT4K2yKYHJ3z2BVbydXa%2F%2F6I2hMFuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
728b8120ff155b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
popUpInfoModal.css
threatintelligenceplatform.com/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://threatintelligenceplatform.com/css/popUpInfoModal.css?ver=10963
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1492bec185fef025f5c6f71f0f6e94a3b617c8ac8c3c2f43e093fc2b6cccb9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
W/"5f085692-101b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUDU5VKxz9NH7i3g27Eemqj9AMf7yQ9AiwDZx%2Ffeonsye7E%2F%2FNMseFxz9frVEn6MBhcBToFk0LphTzkdQv3U0Ji8PK9a%2FIF0IqWbFU%2FjkFfcR%2FnxNt7PqxSuYRFsWsSiCC34nJvU%2BtOEmmuYqLC2aAeHbmInUDB%2F0UnSGlw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
728b8120ff165b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
reportMap.css
threatintelligenceplatform.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://threatintelligenceplatform.com/css/reportMap.css?ver=10963
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2232efa69545f574c2115a4a0bae168c0b2f76e636e6fcc268ecbad1efeb39
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 07 Aug 2020 08:56:57 GMT
server
cloudflare
etag
W/"5f2d1759-1762"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u96Ej2aWJZQsvPFGhKJlvL3aAvc3GUAG96o0W6SGzmvijzdbimANrmBBWVxlUpeCDjthyX%2BNw3CtMdX6NYkLxS5uvzkWI2rECeMrUYeCd8SXInnFzn3CBwLMegbBFz0SVij%2F021z9BtwimSXChxcQOu3bsHS2jcUvKVBMw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
728b8120ff185b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
tip-grey-logo-long.png
threatintelligenceplatform.com/images/new-design/
10 KB
11 KB
Image
General
Full URL
https://threatintelligenceplatform.com/images/new-design/tip-grey-logo-long.png
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59e2c9acbe644d42aadd5a72e6685fd6e61a7356d0d6ec86075953c3767d1e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10598
last-modified
Mon, 21 Feb 2022 07:39:35 GMT
server
cloudflare
etag
"621341b7-2966"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVl9G1%2B94yxcQKorw%2Fcy0oNAzCIWwvbPibUk4n7uQqJ6TWOiDvtLYOTXoe9tKRa5HBcW4EC14gPI0g8G9HZmGWz64GdNtH2AkVht4lw0Py3SYomT4y9E%2BcIM51y56UakeTRuJRCKjePhoSlBz6mI5YZ3hWXL6nHE5ToD9FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
728b8121c8115b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
polyfill.min.js
cdn.polyfill.io/v2/
222 B
449 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
last-modified
Mon, 30 May 2022 06:24:43 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/103.0.0
server-timing
cache-hhn4020, PASS, fastly;desc="Edge time";dur=23
accept-ranges
bytes
content-length
126
api.js
www.google.com/recaptcha/
850 B
965 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Sun, 10 Jul 2022 18:53:49 GMT
queued-logo.png
threatintelligenceplatform.com/images/
8 KB
8 KB
Image
General
Full URL
https://threatintelligenceplatform.com/images/queued-logo.png
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587d5b6cc16da92c63cc4b1417933d7306a0ceca05f96e4b0b51831ed9557a16
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8027
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
"5f085692-1f5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOxr0MY060gjfzMZgUc4b4pLqBKMl8ohOOguo1eon0QM8PHHcLWV3X5SovcZtYukpvB2V8%2BVVQYFpHv0g75ckcjsojm%2FGaWVe%2B3tt455JT3TK89S4hxE9MV31CsTbVca5eIlQWGST%2FPtSTyZJSSorqCs7SGs%2B3NVnOSQxgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
728b8121d81a5b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
excellence-180x45.gif
partner.domaining.com/award/
9 KB
10 KB
Image
General
Full URL
https://partner.domaining.com/award/excellence-180x45.gif
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.21.195.85 Miami, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
partner.domaining.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
01ea09ab3189de1ac9a5cbd0d9b0c52b3611c6590a44e1a56ef3446b2cd058d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
last-modified
Tue, 15 Mar 2011 08:55:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"cea618bfeee2cb1:0"
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
accept-ranges
bytes
content-type
image/gif
content-length
9717
commonFunctions.js
threatintelligenceplatform.com/js/helpers/
4 KB
2 KB
Script
General
Full URL
https://threatintelligenceplatform.com/js/helpers/commonFunctions.js?ver=10963
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954742bbab65aeb2a038c3ccb0d172b0557a55e29d72413dca8371f3da494bd5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 07 Jan 2022 09:57:46 GMT
server
cloudflare
etag
W/"61d80e9a-1169"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbHJ%2BpZGhcR%2FzcUG0Nqh4YRHf0%2F%2BDCfPv64tSn57riqNk1wFsDOelehAT58fex5%2ByMyx3t%2FWOAj0CYa5tFm84V190r3pddyef1wYnN2XYnsIY8jPNjaR7skvRp8vf%2BKFLAcGiL%2FjQTW5zmGTL2N68azgX6E4LhmaHXI2uLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
728b8121c8035b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
master.js
threatintelligenceplatform.com/js/
201 KB
59 KB
Script
General
Full URL
https://threatintelligenceplatform.com/js/master.js?id=ab048a23be60b37a6ade
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd8557cab82a8cb91fdd1c09128abb8ea8dd8e165fa219172e8b51e19968e04
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 Mar 2021 07:55:54 GMT
server
cloudflare
etag
W/"60584d8a-32554"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hs9ENfvZuORb2JR35m3UIRBW9y8cox%2FUfxM%2BOEwJU3I6s%2Bm0vevMGvLJVkOi0QTwdPy7ISop6byUMNd0xZ1YTpwObGL5Ivlf7VVwKm7K58o1lasHbg8mHkMNr9RxGP6oW%2FtJ9qEpncnigvjvflC%2B9xvtbSE%2FtU%2FR0JLUZtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
728b8121c8065b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/
7 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10619607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2382
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1bab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByAf9H3HAgaqTXSjtzgAtzmkXrZK8gOU8mtdDKKgF8W8TNRaA1OmHMb9zw1%2Fv1TgnwLUQJ9rsUJLTEdObn4baKgE2nY4mVlockkLYq1%2FYokkMN1vEVpuXKaQGX9m0JYegvJZDa%2FbQZQmdnNbrmI65BoY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728b8121c8ab9b94-FRA
expires
Fri, 30 Jun 2023 18:53:49 GMT
report.js
threatintelligenceplatform.com/js/
16 KB
5 KB
Script
General
Full URL
https://threatintelligenceplatform.com/js/report.js?ver=10963
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c0275154f9f590f2929dc0757ef165978ff91b183a5364742e334daa20163e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 11 Mar 2022 09:05:15 GMT
server
cloudflare
etag
W/"622b10cb-3fd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHIkOydDrJrdO3s%2FFUWqZWPhNX47pQ0pIXFWimoiQfY4hhXKpsWaC%2FUGs%2FX8DEDRkHcXePpyEANOicIERqUO8wn8JlqQEZJOLatXGAtVRbc1vnXAn3nY98yyK%2B8bl0%2FlCRg4bNmytk63%2B6AzTqCgQpripQgo5ijkiLNbAyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
728b8121c8075b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
dictionary.js
threatintelligenceplatform.com/js/lang/
166 KB
25 KB
Script
General
Full URL
https://threatintelligenceplatform.com/js/lang/dictionary.js?ver=10963
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f974f24bfea7419a4f344b576cd09ac5216cf47943567156b4fc5abbf7cfa1f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 Aug 2021 11:07:42 GMT
server
cloudflare
etag
W/"612e0d7e-2987c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rl5s5Yt9zJsmRwILbrIDRDhvuKnaM5FwTXbPigjr2hYDkv8UblKcdVsqBLG%2BU1UjoTgjS5A5F8QuEdmkaWUNyTmpzPDF0sihlXUEYr3WljuLqOYCt5u6x0Za9z%2Fwvoy0j1fNmmdCYiAgmYM6v0dl7f3BmzP28Vnpxgb2KA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
728b8121c8095b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.1/
50 KB
15 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.1/moment.min.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f74b7103124df51dc2c0e42e93da8bc7bce703f34f9f82a6820edd81022f76a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2767208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15243
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-c9b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbjdzeUJmcbLom8uunI6FIx6WqqVnhx3qQ4G9yKGoaC3bQDDlXSTodMEUEdlGHNO3elEfIyg%2F61aICyORIHZK67bRdmCNKijZc2%2FacORpa7iCGdHTZcvHgMYA74H%2FSco004kZkDGEbQf1YJDEJKIFuq%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728b8121c8ae9b94-FRA
expires
Fri, 30 Jun 2023 18:53:49 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/
11 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11414207
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3005
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-2aa5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCU7ghDdXWg7C60f7APpiEPovNxbHv9LoRb7kYBBAJSjfvAM%2FNf%2B%2FaN6tCgPMVs8mtOuIrd0NyX83LCeiyEV8pR2rxS5wgfAZPf5rwfEcCCcDRAialTrpfWqmYCagPw6EObuJB5ejTm5ZtwzhNrhDcqD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728b8121c8af9b94-FRA
expires
Fri, 30 Jun 2023 18:53:49 GMT
amcharts.js
cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/
206 KB
53 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/amcharts.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0565aeb9d15b05a3874a3d1f0fe1e366d8849f8e4f40d97e03312b279c026368
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14380528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54225
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d00-336bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lI%2FM1YL0FPcntguX7nor%2BkOsyayBv1WQgXiU6dPEHuGu3uWP0QfS6ULgkkICQlJwJx1Vcy0aYH3qdu9ewqzIdwfuzjrYwVSS%2Fe6NRK%2BiDunO3ZilL5VhlTVKZxrq6yww7BR%2Bqr9wYtsutVlYXtsAIDBG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728b8121c8b09b94-FRA
expires
Fri, 30 Jun 2023 18:53:49 GMT
light.js
cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/themes/
4 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/themes/light.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc75d0151232d7702d70e1a72854de57a69df4f0099e61abaf6bfc2cde8f121
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13513802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
952
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d00-f1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZTWCr1O9mGy4Z%2FYsH1ZQ8YB%2FMjYdtpGfiBcokQ4iZc3fSeIsHIMuybyHjmy%2BZbZlLt8CeSTyIDC%2FZ2oF5%2BmCe%2FvxEZa3%2FI2TGl7rlmQBogb2cpRgzZ7W0LWm0HHT5hEcyJgAoTnFQYYIm%2FMxbR2ZzgL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728b8121c8b29b94-FRA
expires
Fri, 30 Jun 2023 18:53:49 GMT
dataloader.min.js
cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/plugins/dataloader/
7 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/amcharts/3.21.12/plugins/dataloader/dataloader.min.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae7bac7f1593451b941d21a66cd560612bf29a1678be4019d5d579cfd4994d2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2311
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d00-1a8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBs1rTXzEAWykBvptpIHtZswuCDDVHy558PuHa2iKUv2oGSaemt%2Ba2P064H9aQ3Y2vY3MGaxgw22kyqYNEKmMHcw8%2FyQr1tXxD42fpwCQYiBNY3BV5Lw2aPHqYosiD6gZKbr6eamASZV8IC%2BjRDiBpu1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728b8121c8b39b94-FRA
expires
Fri, 30 Jun 2023 18:53:49 GMT
worldLow.js
www.amcharts.com/lib/3/maps/js/
147 KB
59 KB
Script
General
Full URL
https://www.amcharts.com/lib/3/maps/js/worldLow.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:498a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac182f1490f132f547795d10ebfc286ef9197972b2b3b43e3c59c48609e7d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
106178
cf-polished
origSize=158502
last-modified
Tue, 03 Nov 2020 05:44:57 GMT
server
cloudflare
etag
W/"26b26-5fa0ee59-5f5f1494994760b3;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noVxMaq0njQVwILlijS0FgFu7oYNk%2F0vKu%2BcpmicVVdu4bcZcohXmVTimL1Hw91hrs6EDsev7Of8NGiTKtY4GuTYri2xmcs7gZbIhjdZmeBH8YwmI7L1dFZBLrzNsRdOfoFpAQO5OOOOfsi1EB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
expires
Sun, 17 Jul 2022 18:53:49 GMT
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
728b8121fbe78fdc-FRA
cf-bgj
minify
ammap.css
threatintelligenceplatform.com/js/ammap/
1 KB
924 B
Stylesheet
General
Full URL
https://threatintelligenceplatform.com/js/ammap/ammap.css
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
435ae8444a367b665eed3cc861df87c2e5f6f052e23d53429e77ad37787062b3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
W/"5f085692-4f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5tcGNtR0IXmU58AwzoG5NrYfwqHvbSWJO1vZkgxHBLaQBKpz31rXiHtE6WosoBjVeUvDLACAzmHfja%2FvDxr1CkZvHlwS7M9TJwk%2BG3xkZQ8Hh8SynOxkeI2dol1OoM5jafI%2FZf7I8gtibbqqrDqkqo648VrRIPh29oywsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
728b8121c80b5b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
ammap.js
threatintelligenceplatform.com/js/ammap/
164 KB
50 KB
Script
General
Full URL
https://threatintelligenceplatform.com/js/ammap/ammap.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e0e4053fc3240ff75262838e03e91de472821e9a4e42f3354d37b1627bfce6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
W/"5f085692-29097"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4n2fUTrmiM7gZWm%2FCzZb7crRGKvL0b%2FOEY3wSzAZPAow%2BPbdRX06Fw3QJaX7PIJfsczg7SZMaRTkaZUUsNC%2BEFDstl4JQiO7u%2BaZ1ISZpndm6Z0DK4S6BrF2fiALlWaKJzbVVioRR%2FZBKGLTrhT4lP1uHJBTvnRlCpfTxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
728b8121c80c5b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
Box2dWeb-2.1.a.3.min.js
www.amcharts.com/lib/box2d/
220 KB
47 KB
Script
General
Full URL
https://www.amcharts.com/lib/box2d/Box2dWeb-2.1.a.3.min.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:498a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
161c240927acb1f66059684b5feb7c0e9fe17823a32f39a65cc575aacaae8df2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71044
last-modified
Wed, 21 Nov 2018 14:13:02 GMT
server
cloudflare
etag
W/"36ea7-5bf567ee-d9c4509621e3efe9;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JamNLAsRPdb6Yyrzx7efn6lIyaUjR%2BLfyJr7SZeM%2Bz3gaT3%2FpwzMgAQhNH5AGAUXbB3H0Ikp688oU1ozKPG%2FqbBne7LNQ%2B6NN7BKKmKzZO8J6RMjovR9plGIGfrg6Z5T7ZIa9OrFvAjsM9yQvaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
728b8121fbe88fdc-FRA
expires
Sun, 17 Jul 2022 18:53:49 GMT
geopoint.js
threatintelligenceplatform.com/js/geopoint/
1 KB
965 B
Script
General
Full URL
https://threatintelligenceplatform.com/js/geopoint/geopoint.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60cbe25dd5209cee8011a8c943bb631fb1fa7aa341d49e0a5a06f5b2b9568bbb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
W/"5f085692-52c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1P%2BfN8bxG6wy%2BmhI8yzWtUQCvGkWs4T36u%2FAmg1oC7KTzvXtQzJwH5K2itMVoitkIvXxd%2Be%2BTUNGufPT455zwKwjLwE6%2BSWRXhD7aKyi4bpRL70LgFUt7gg8qqwbm4XzLDgLSga6lMe0W8XIwSY892Obrjt16X3u%2Bc0ryqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
728b8121c80e5b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
reportMap.js
threatintelligenceplatform.com/js/
5 KB
2 KB
Script
General
Full URL
https://threatintelligenceplatform.com/js/reportMap.js?ver=10963
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b4524117451e8161933c836e19316b852150b1ac9658bf3a4ba8d2465ec33f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 09 Mar 2021 11:21:47 GMT
server
cloudflare
etag
W/"60475a4b-1552"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TILGzzJDIQah7MjEepi3vH0J7SuplrNhN1%2BEXPwxJkP1PT%2FnbSo1FHQXHs4AD4nEzkMkT5pWupFh7nfQRI1Z66yl0s8isYPgJiq0wb8Nu%2BSosx0qybt2%2BMfdb6VN5LTHKdPb2iD5LAkYY6kVzGGmedrHJWSQyVkrl2xrogY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
728b8121c80f5b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
box2dForMap.js
threatintelligenceplatform.com/js/
2 KB
924 B
Script
General
Full URL
https://threatintelligenceplatform.com/js/box2dForMap.js?ver=10963
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd2a78107b2738610e334c7e34591cd5f6de12234c3f9f593af742be90e6c70
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
W/"5f085692-69d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQFmzT4sN2uIluA01KWXNUN2cHgJv4GwELbGQ7Cy8KoXtFfppjk24dlnubJYEMid9ezoszTkcm6G0rTgUuJi6bkT3D2rDrxpI6M2dTN16RxtZ39NV3skoY5hvSWW2lQfQwHGSf%2BEIHiMC66G2jB%2BJDQRmbILJOVN21g5mFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
728b8121c8105b26-FRA
expires
Mon, 11 Jul 2022 06:53:50 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6538
date
Sun, 10 Jul 2022 17:04:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 10 Jul 2022 19:04:51 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 18:53:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=72787
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
hotjar-945748.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-945748.js?sv=6
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
48a6dded4a64ff0e72e3baacebbaeca18c40f551f6e5a1da72eb1a1cdb724aea
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache-hit
1
date
Sun, 10 Jul 2022 18:53:49 GMT
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-amz-cf-id
eJndjcX3QgSG7TbT2wd_f0FweWJhTjxT-CqbOQPS0cTST6T1BmadQA==
etag
W/0f5f68ad1dc202db1419285b00d2b4d6
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&time=1657479229760&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D167604%26time%3D1657479229760%26url%3Dhttps%253A%252F%252Fthreatintelligenceplatf...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&time=1657479229760&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&time=1657479229760&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R&liSync=true&e_ipv6=AQLUK3w...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&time=1657479229760&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R&liSync=true&e_ipv6=AQLUK3wgro5bzgAAAYHpdfOCka0Uu3U2ca4Mqw9RcNrWLYjVf6Trnz2g6rUQpHkW5jFoOKmk
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:50 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 091BF07CAE2845F4A46AB5241AF42B31 Ref B: VIEEDGE1009 Ref C: 2022-07-10T18:53:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjd/TGXHw1l529HjkkaA==
x-li-fabric
prod-lva1

Redirect headers

date
Sun, 10 Jul 2022 18:53:49 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A68E07DE16DB425DA5FF53A3771B826C Ref B: FRAEDGE1112 Ref C: 2022-07-10T18:53:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=167604&time=1657479229760&url=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R&liSync=true&e_ipv6=AQLUK3wgro5bzgAAAYHpdfOCka0Uu3U2ca4Mqw9RcNrWLYjVf6Trnz2g6rUQpHkW5jFoOKmk
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjd/S/AoRWBmsZMVdLeA==
modules.e691815239005b70eaea.js
script.hotjar.com/
244 KB
63 KB
Script
General
Full URL
https://script.hotjar.com/modules.e691815239005b70eaea.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-945748.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
57f0421ad8d70e1ec4ab2c3792d7b639374cc5bc4beaf4981c0213064ecb206b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 10:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
204223
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64296
access-control-allow-origin
*
last-modified
Fri, 08 Jul 2022 10:09:36 GMT
etag
"4e9d16d4891a5e370135a06bad021c1b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
SjMc9bhRkAxsK1TlP0KqIZnsG-pErMdmO33ckSMxz3aEdsld-wemWw==
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1521452431&t=pageview&_s=1&dl=https%3A%2F%2Fthreatintelligenceplatform.com%2Freport%2Fcafe.thmredteam.com%2F2dBb5k711R&ul=en-us&de=UTF-8&dt=Website%20Analysis%20of%20cafe.thmredteam.com%20-%20Threat%20Intelligence%20Platform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1465214988&gjid=1143661459&cid=450576537.1657479230&tid=UA-104654692-1&_gid=128992415.1657479230&_r=1&_slc=1&z=968183286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatintelligenceplatform.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 18:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatintelligenceplatform.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
449 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-104654692-1&cid=450576537.1657479230&jid=1465214988&gjid=1143661459&_gid=128992415.1657479230&_u=IEBAAEAAAAAAAC~&z=1701735147
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatintelligenceplatform.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 10 Jul 2022 18:53:50 GMT
content-type
text/plain
access-control-allow-origin
https://threatintelligenceplatform.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/css/master.css?id=a413a1a09142c478348f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1436f321981765943075690d17d8c0cf0a06584f82ff6c22085687e1413ebeea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Jul 2022 18:53:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 10 Jul 2022 18:53:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Jul 2022 18:53:50 GMT
fontawesome-webfont.woff2
threatintelligenceplatform.com/fonts/vendor/font-awesome/
75 KB
76 KB
Font
General
Full URL
https://threatintelligenceplatform.com/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/css/master.css?id=a413a1a09142c478348f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://threatintelligenceplatform.com/css/master.css?id=a413a1a09142c478348f
Origin
https://threatintelligenceplatform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:51 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
"5f085692-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gbZ9T9SAWYME0G8fUO5YxHfPfQapmC88OfqNy%2Ff45iRoJgWl%2BdCnvcY0T1euGgLYAsA738FPRsZGy9j5e%2FDK1vtlbG1J4QTdNcVhHuq9e6zsobKWjdRmoGQbr%2BWJjubHYLyN02yhUGfn9RLf6i0yfBSRdw1lzhwXvsmauo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
728b8127bd9e5b26-FRA
expires
Mon, 11 Jul 2022 06:53:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatintelligenceplatform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:07:55 GMT
x-content-type-options
nosniff
age
517555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 19:07:55 GMT
BG-header.jpg
threatintelligenceplatform.com/images/
9 KB
9 KB
Image
General
Full URL
https://threatintelligenceplatform.com/images/BG-header.jpg?1f4787a810697f48ffe10df556741a83
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/css/master.css?id=a413a1a09142c478348f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4cec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6833ad59358ad200484ef36cd6faf7872538c390005c4eece109ef97b5f757
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/css/master.css?id=a413a1a09142c478348f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:51 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8941
last-modified
Fri, 10 Jul 2020 11:52:50 GMT
server
cloudflare
etag
"5f085692-22ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wvwqYSO43aZxwmpnq3qwZ9CuOle0CjLEE5M1hZMXePQ2VcShniol%2BYIvfb%2Bpg55SlR3q2eDMQ8OOkWZp0o%2F2X%2FTCmGyGyYC%2BN%2BDmTniCaS%2BafjWe9kZvNI1v0O3U5mQFPCUdO39pFMXezvHS%2BdcqOABi8RkygdKY3Xiii0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
728b8127ddb15b26-FRA
expires
Mon, 11 Jul 2022 06:53:51 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatintelligenceplatform.com/
Origin
https://threatintelligenceplatform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 13:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 13:51:30 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatintelligenceplatform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:47:13 GMT
x-content-type-options
nosniff
age
515197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 19:47:13 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatintelligenceplatform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 08:45:42 GMT
x-content-type-options
nosniff
age
468488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 08:45:42 GMT
2dBb5k711R
api.threatintelligenceplatform.com/api/reports/ Frame
0
0
Preflight
General
Full URL
https://api.threatintelligenceplatform.com/api/reports/2dBb5k711R
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f2d8:1:2d::10 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx / PHP/7.4.8
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://threatintelligenceplatform.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Jul 2022 18:53:51 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.8
2dBb5k711R
api.threatintelligenceplatform.com/api/reports/
32 KB
8 KB
XHR
General
Full URL
https://api.threatintelligenceplatform.com/api/reports/2dBb5k711R
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f2d8:1:2d::10 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx / PHP/7.4.8
Resource Hash
3145f0592c04fac769cd4c2e41870746d0c161586377d3bf89edf0571c606501
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://threatintelligenceplatform.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 10 Jul 2022 18:53:51 GMT
Content-Encoding
gzip
X-Powered-By
PHP/7.4.8
Transfer-Encoding
chunked
X-RateLimit-Remaining
179
Connection
keep-alive
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
180
Access-Control-Allow-Headers
box-5e0db0f25ef573fe233efc0372d38d69.html
vars.hotjar.com/ Frame 0B0F
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-945748.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-28.fra60.r.cloudfront.net
Software
/
Resource Hash
897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://threatintelligenceplatform.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
283363
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 12:11:07 GMT
etag
"247bae6bc5dfc2c9bd258e7b3935cacc"
last-modified
Thu, 07 Jul 2022 12:11:03 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-id
r0Lm18R0qle-8tlcflmz9uN5KV1vFdeWZzh2oXeH5mxTXO0IaZ3L1w==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/945748/
147 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/945748/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e691815239005b70eaea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.52.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-52-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer
https://threatintelligenceplatform.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sun, 10 Jul 2022 18:53:51 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
anchor
www.google.com/recaptcha/api2/ Frame 022F
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=bottomright&cb=113bvkewx6hz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
057c1dc98606f4dfe28dd3d5c93d5d3a125e2c9c449c02ffc3c3e94b08c02d88
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NPyr8QpSo44T9dRUYMTEdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatintelligenceplatform.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22761
content-security-policy
script-src 'report-sample' 'nonce-NPyr8QpSo44T9dRUYMTEdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 18:53:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 022F
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=bottomright&cb=113bvkewx6hz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 20:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jul 2023 20:55:05 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 022F
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=bottomright&cb=113bvkewx6hz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 13:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 13:51:30 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 022F
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 18:59:48 GMT
x-content-type-options
nosniff
age
431643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 12 Jul 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 022F
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=bottomright&cb=113bvkewx6hz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
438430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Jul 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 022F
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=bottomright&cb=113bvkewx6hz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 08:48:37 GMT
x-content-type-options
nosniff
age
468314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 08:48:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 022F
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=bottomright&cb=113bvkewx6hz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ&co=aHR0cHM6Ly90aHJlYXRpbnRlbGxpZ2VuY2VwbGF0Zm9ybS5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=bottomright&cb=113bvkewx6hz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Sun, 10 Jul 2022 18:53:51 GMT
bframe
www.google.com/recaptcha/api2/ Frame 6A0C
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab58ac8c3c20203887367d34fdb71831a802826de0bb3775d25180b5eeda1c78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yrBoFoX8zRDlUoKgouedzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatintelligenceplatform.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1111
content-security-policy
script-src 'report-sample' 'nonce-yrBoFoX8zRDlUoKgouedzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 18:53:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 6A0C
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 20:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jul 2023 20:55:05 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 6A0C
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 13:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 13:51:30 GMT
2dBb5k711R
api.threatintelligenceplatform.com/api/reports/ Frame
0
0
Preflight
General
Full URL
https://api.threatintelligenceplatform.com/api/reports/2dBb5k711R
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f2d8:1:2d::10 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx / PHP/7.4.8
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://threatintelligenceplatform.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Jul 2022 18:53:51 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.8
2dBb5k711R
api.threatintelligenceplatform.com/api/reports/
32 KB
8 KB
XHR
General
Full URL
https://api.threatintelligenceplatform.com/api/reports/2dBb5k711R
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f2d8:1:2d::10 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx / PHP/7.4.8
Resource Hash
3145f0592c04fac769cd4c2e41870746d0c161586377d3bf89edf0571c606501
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://threatintelligenceplatform.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 10 Jul 2022 18:53:52 GMT
Content-Encoding
gzip
X-Powered-By
PHP/7.4.8
Transfer-Encoding
chunked
X-RateLimit-Remaining
178
Connection
keep-alive
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
180
Access-Control-Allow-Headers
2dBb5k711R.png
api.threatintelligenceplatform.com/storage/screenshots/thumbnails/
36 KB
36 KB
Image
General
Full URL
https://api.threatintelligenceplatform.com/storage/screenshots/thumbnails/2dBb5k711R.png
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f2d8:1:2d::10 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx /
Resource Hash
0ce15bdcb924e3af75edcfece4f0079ec119363b1a9b617600a0aa38a8bdc927
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatintelligenceplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 18:53:52 GMT
Last-Modified
Sun, 10 Jul 2022 18:47:18 GMT
Server
nginx
ETag
"62cb1eb6-9052"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36946
reload
www.google.com/recaptcha/api2/ Frame 6A0C
39 KB
23 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
69b25fa03f6a01c2c22d77ffbe8c0002367284e76cabd92119039867bebe8d73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 10 Jul 2022 18:53:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24000
x-xss-protection
1; mode=block
expires
Sun, 10 Jul 2022 18:53:51 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6A0C
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 08:44:59 GMT
x-content-type-options
nosniff
age
382132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 13 Jul 2022 08:44:59 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6A0C
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 05:44:53 GMT
x-content-type-options
nosniff
age
392938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 13 Jul 2022 05:44:53 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6A0C
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 16:37:52 GMT
x-content-type-options
nosniff
age
440159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 12 Jul 2022 16:37:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A0C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
438430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Jul 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A0C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 21:19:14 GMT
x-content-type-options
nosniff
age
509677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 04 Jul 2023 21:19:14 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A0C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 08:48:37 GMT
x-content-type-options
nosniff
age
468314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 08:48:37 GMT
payload
www.google.com/recaptcha/api2/ Frame 6A0C
25 KB
25 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06ANYolqsv7G8ReqpvGDOGCAjAy2X4TYURN2O0tilkosYYxS5aDVmbkdekT5Kq0CLewYzMIhYcOkgPCBBIe98GWuQlGfAZViZqn8vjx4p7u7EVd_CzlAwJjt1kBkbeBdEoS9ZxypDfusAvTeoG3ap3E19xlityn3maEBsBGkVnm6Pvg8xR5rQEWe--OiAGldIIRsxl9DbVjGm5uOunEABf0jhQpNxnrniD9Q&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ
Requested by
Host: threatintelligenceplatform.com
URL: https://threatintelligenceplatform.com/report/cafe.thmredteam.com/2dBb5k711R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01af7f4d4f6a9ca3ace962f863e94803f72417134614c304e94806c9279a800c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lc7L2EUAAAAANVoe3FQqoC0RjmlZt1C-y634SCZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 18:53:52 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26039
x-xss-protection
1; mode=block
expires
Sun, 10 Jul 2022 18:53:52 GMT


152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


20 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AFhocHow49h5RGntZde9jClFHU6riBUGgc3RaRAdQ442yr46d2aaNIuxDpJ2cZ_ZZEUiOYd8zEDOWeCQPjTcrMw
threatintelligenceplatform.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkoxVmc1aXlYSWhwcThZWVdkVHpkcFE9PSIsInZhbHVlIjoiUjYzemprZ1wvcUVlTDRMM2hZVGNuTWpRR1hDQUlhNXYrRlZxU3R0K3JLNDMycGswTUtHWVJ5NnBYNXc3b0dLT0hcL1hEQUM5d20xQ1NKbHVPdE9Sa1RNdz09IiwibWFjIjoiZmZiNzM0YzQxMWMwZmFiN2Q3MjViMDE2NThiZjFjOGE5ZmYxZDY0ZTEwMmJlZmJmNjAwZWE4MDYwNzkzZjU0ZiJ9
threatintelligenceplatform.com/ Name: laravel_session
Value: eyJpdiI6IkpQdFV5aVNWdDgzT1hJZExvbEtEZlE9PSIsInZhbHVlIjoiV24xMFpacFZNNkFGWExIN3hBM2lQYUZvTG1PXC9wTzdnd3dhT0FmYUYxSU9VYzJmaFhaWWFnakVTbWd2REw3UndpNUFYWGdMOUJybnhnWGR0TzFCNlwvdz09IiwibWFjIjoiNDZmYmJkMGQ5NDgxYzE0NTI0YTYxYjdkYjJhZGEzNDM3YWJhMTA2ODRhYWZhNDU0MjdhZTMxOTRmODBiMmZjYSJ9
.threatintelligenceplatform.com/ Name: _ga
Value: GA1.2.450576537.1657479230
.threatintelligenceplatform.com/ Name: _gid
Value: GA1.2.128992415.1657479230
.threatintelligenceplatform.com/ Name: _gat
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQLpMP6qRLwPKQAAAYHpdfKkG4Fg6HAbO7xBs4MMp056Tij9h1gbeeSNkIXdQFP0h8F8lVWrD4g8jQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIj7DDWrLgCSAAAAYHpdfKkoZf5W-qAGFi7zfExxG8KuoacB5-J4s0rXCaapAaKL4aLkHmuy3AvUbGTEI7F-g
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6ad38ccd-7b88-41a3-8cb6-6b608818d542"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2668:u=1:x=1:i=1657479230:t=1657565630:v=2:sig=AQGoMohdyjAHFyjBdy5Tej0Vgqcpw2E0"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220710185350d09f8dca-0699-42f3-8ceb-de497f6020a9AQEJCR7ZADURwWzZH5zWQ6EMK_rXju7N"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTc0NzkyMzA7MjswMjGZKFT6+Rc1ig8AvWR6ZTVQKeMBIn+p8ypaSN3lUUTfZw==
.threatintelligenceplatform.com/ Name: _hjSessionUser_945748
Value: eyJpZCI6ImYwZThmYjBjLWRkZDYtNTkzNC04NzQ4LWEwY2NmYzRmMWQ5ZSIsImNyZWF0ZWQiOjE2NTc0NzkyMjk5MDMsImV4aXN0aW5nIjpmYWxzZX0=
.threatintelligenceplatform.com/ Name: _hjFirstSeen
Value: 1
threatintelligenceplatform.com/ Name: _hjIncludedInSessionSample
Value: 0
.threatintelligenceplatform.com/ Name: _hjSession_945748
Value: eyJpZCI6IjM2ZWUyNmRhLTNmZjMtNGVmNy1iZTM2LTFjM2JhZTQxYjc4OSIsImNyZWF0ZWQiOjE2NTc0NzkyMzA5MDUsImluU2FtcGxlIjpmYWxzZX0=
threatintelligenceplatform.com/ Name: _hjIncludedInPageviewSample
Value: 1
.threatintelligenceplatform.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
