Summary
A Concise Overview of the scan result of url https://haveibeenpwned.com/
- Document
- HTML
- 4
- StyleSheets
- 3
- Scripts
- 9
- Font
- 0
- Images
- 21
- Links
- 9
- JavaScript Variables
- 48
- Console log messages
- 0
- Network
- Requests
- 46
- Bytes Transferred
- 579.78KB
- Bytes Total
- 1.46MB
- DNS Record
- A Record
- 2
- AAAA Record
- 2
- Technology
- UI frameworks
- 1
- Payment processors
- 1
- Documentation
- 1
- Issue trackers
- 1
- Live chat
- 1
- 2
- Security
- 3
- JavaScript libraries
- 1
- Analytics
- 1
- CDN
- 2
Document
Links
The outgoing links identified from the page.
| Link | Text |
|---|---|
| https://twitter.com/haveibeenpwned | |
| https://www.facebook.com/haveibeenpwned/ | |
| https://infosec.exchange/@haveibeenpwned | Mastodon |
| https://haveibeenpwned.uservoice.com/ | Suggest a feature |
| http://feeds.feedburner.com/HaveIBeenPwnedLatestBreaches | Breaches |
| https://1password.com/haveibeenpwned/ | Step 2 Enable 2 factor authentication and store the codes inside your 1Password account. |
| https://1password.com/haveibeenpwned | 1Password password manager |
| https://www.facebook.com/haveibeenpwned | |
| https://www.troyhunt.com/contact/ |
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
0string1string2string3stringonbeforetogglestringonscrollendstringGoogleAnalyticsObjectstringgastringappInsightsstring$stringjQuerystringIsEmailValidstringIsValidPasswordstringAccountIsDomainSearchstringAccountIsValidstringgetIEVersionOrFalsestringformatDatestringnumberWithCommasstringsetCookiestringgetCookiestringhtmlEncodestringhtmlDecodestringturnstileCompletedstringsearchstringgetPwnagestringshowFailurestringshowPwnageDetailsstringincrementSearchResultsstringshowBreachstringhideKeyboardstringgoogle_tag_datastringgapluginsstringgaGlobalstringgaDatastringturnstilestringAIstringMicrosoftstring__extendsstring_endsWithstring___grecaptcha_cfgstringgrecaptchastring__recaptcha_apistring__google_recaptcha_clientstringdataLayerstringrecaptchastringclosure_lm_472353stringgoogle_tag_managerstringonYouTubeIframeAPIReadystring
Technology
The technologies identified are present on the scanned URL.
| Name | Description | Detected patterns |
|---|---|---|
| Documentation | ||
Zendesk | Zendesk is a cloud-based help desk management solution offering customizable tools to build customer service portal, knowledge base and online communities. | Type: dns Regex: mail\.zendesk\.com |
| Analytics | ||
Google Analytics | Google Analytics is a free web analytics service that tracks and reports website traffic. | Type: scriptSrc Regex: google-analytics\.com\/(?:ga|urchin|analytics)\.js |
| Issue trackers | ||
Zendesk | Zendesk is a cloud-based help desk management solution offering customizable tools to build customer service portal, knowledge base and online communities. | Type: dns Regex: mail\.zendesk\.com |
| Security | ||
reCAPTCHA | reCAPTCHA is a free service from Google that helps protect websites from spam and abuse. | Type: scriptSrc Regex: \/recaptcha\/(?:api|enterprise)\.js |
Keybase | Keybase is for keeping everyone's chats and files safe, from families to communities to companies. MacOS, Windows, Linux, iPhone, and Android. | Type: dns Regex: keybase-site-verification |
| HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
| CDN | ||
cdnjs | cdnjs is a free distributed JS library delivery service. | Type: scriptSrc Regex: cdnjs\.cloudflare\.com |
Cloudflare | Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services. | Dependent on cdnjs |
| Payment processors | ||
PayPal | PayPal is an online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like checks and money orders. | Type: headers Name: content-security-policy Regex: \.paypal\.com |
| Live chat | ||
Zendesk | Zendesk is a cloud-based help desk management solution offering customizable tools to build customer service portal, knowledge base and online communities. | Type: dns Regex: mail\.zendesk\.com |
| JavaScript libraries | ||
jQuery | jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax. | Type: scriptSrc Regex: jquery |
| UI frameworks | ||
Bootstrap | Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components. | Type: html Regex: <link[^>]{0,250} href=[^>]{0,250}?bootstrap(?:[^>]{0,250}?([0-9a-fA-F]{7,40}|[\d]{1,250}(?:.[\d]{1,250}(?:.[\d]{1,250})?)?)|)[^>-]{0,250}?(?:\.min)?\.css |
Sendgrid | SendGrid is a cloud-based email delivery platform for transactional and marketing emails. | Type: dns Regex: sendgrid\.net |
Mailgun | Mailgun is a transactional email API service for developers. | Type: dns Regex: mailgun\.org |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 37 msGood
- requestTime
- 41 msGood
- dom
- 1270 msPoor
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
| Type | Name | Content | DNSSEC |
|---|---|---|---|
| A | haveibeenpwned.com | 104.16.124.33 | yes |
| A | haveibeenpwned.com | 104.16.123.33 | yes |
| AAAA | haveibeenpwned.com | 2606:4700::6810:7b21 | yes |
| AAAA | haveibeenpwned.com | 2606:4700::6810:7c21 | yes |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
| Subject | Issue date | Expiry date | Valid |
|---|---|---|---|
haveibeenpwned.com E1 | 5/8/2024 | 8/6/2024 | 2 months 29 days |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 | 7/3/2023 | 7/2/2024 | 1 year |
logos.haveibeenpwned.com Cloudflare Inc ECC CA-3 | 9/22/2023 | 9/20/2024 | 12 months 4 days |
www.google.com GTS CA 1C3 | 4/16/2024 | 7/9/2024 | 2 months 23 days |
*.google-analytics.com GTS CA 1C3 | 4/16/2024 | 7/9/2024 | 2 months 23 days |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA | 1/30/2024 | 1/30/2025 | 1 year 1 day |
*.gstatic.com GTS CA 1C3 | 4/16/2024 | 7/9/2024 | 2 months 23 days |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 | 8/18/2023 | 8/17/2024 | 1 year |
*.g.doubleclick.net GTS CA 1C3 | 5/6/2024 | 7/29/2024 | 2 months 23 days |
report-uri.com E1 | 3/25/2024 | 6/23/2024 | 2 months 29 days |
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04 | 4/10/2024 | 4/5/2025 | 12 months |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
| Name | Value |
|---|---|
| access-control-expose-headers | Request-Context |
| age | 952 |
| cache-control | public, max-age=3590 |
| cf-cache-status | HIT |
| cf-ray | 884e0b2b3d9069fd-MAD |
| content-encoding | br |
| content-security-policy | default-src 'none';script-src 'self' 'nonce-KQkQpJlsEsXvN5dUzm+n' www.google-analytics.com www.google.com www.gstatic.com cdnjs.cloudflare.com az416426.vo.msecnd.net ajax.cloudflare.com challenges.cloudflare.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com;img-src 'self' www.google-analytics.com stats.g.doubleclick.net www.gstatic.com logos.haveibeenpwned.com;font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com;connect-src 'self' api.pwnedpasswords.com www.google-analytics.com stats.g.doubleclick.net dc.services.visualstudio.com;base-uri 'self';child-src www.google.com challenges.cloudflare.com;form-action 'self' accounts.google.com www.paypal.com billing.stripe.com checkout.stripe.com billing.haveibeenpwned.com;frame-ancestors 'none';worker-src 'self';upgrade-insecure-requests;report-uri https://troyhunt.report-uri.com/r/d/csp/enforce |
| content-type | text/html; charset=utf-8 |
| date | Thu, 16 May 2024 20:16:06 GMT |
| expires | Thu, 16 May 2024 21:00:04 GMT |
| last-modified | Thu, 16 May 2024 20:00:04 GMT |
| referrer-policy | strict-origin-when-cross-origin |
| request-context | appId=cid-v1:3665810e-aab5-4aa5-90b9-f46c41b757ec |
| server | cloudflare |
| strict-transport-security | max-age=31536000; includeSubDomains; preload |
| vary | *, Accept-Encoding |
| x-content-type-options | nosniff |
| x-frame-options | DENY |
| x-xss-protection | 1; mode=block |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
| Name | Value |
|---|---|
| default-src | 'none';script-src'self''nonce-KQkQpJlsEsXvN5dUzm+n'www.google-analytics.comwww.google.comwww.gstatic.comcdnjs.cloudflare.comaz416426.vo.msecnd.netajax.cloudflare.comchallenges.cloudflare.com;style-src'self''unsafe-inline'cdnjs.cloudflare.com;img-src'self'www.google-analytics.comstats.g.doubleclick.netwww.gstatic.comlogos.haveibeenpwned.com;font-src'self'cdnjs.cloudflare.comfonts.gstatic.com;connect-src'self'api.pwnedpasswords.comwww.google-analytics.comstats.g.doubleclick.netdc.services.visualstudio.com;base-uri'self';child-srcwww.google.comchallenges.cloudflare.com;form-action'self'accounts.google.comwww.paypal.combilling.stripe.comcheckout.stripe.combilling.haveibeenpwned.com;frame-ancestors'none';worker-src'self';upgrade-insecure-requests;report-urihttps://troyhunt.report-uri.com/r/d/csp/enforc |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
| Name | Value | Domain/Path | Expires | Secure | HTTP Only |
|---|---|---|---|---|---|
| __cf_bm | ft48rbEt3O_JzkyioJ1myZKmNePakdXzLaoT_X4l_2c-1715890566-1.0.1.1-NqM9dXVUXi7jCa9gfBTXToiUMaJ1EeOUPc8nN3nhoH1urF0NyCrLtF5IlxjkAWC4f6S2Tn52o.5IgAgtC9sShA | .haveibeenpwned.com/ | 5/16/2024, 8:46:06 PM | yes | yes |
| _ga | GA1.2.1978528447.1715890567 | .haveibeenpwned.com/ | 6/20/2025, 8:16:07 PM | no | no |
| _gid | GA1.2.2118337850.1715890567 | .haveibeenpwned.com/ | 5/17/2024, 8:16:07 PM | no | no |
| _gat | 1 | .haveibeenpwned.com/ | 5/16/2024, 8:17:07 PM | no | no |
| ai_user | 8SdQV|2024-05-16T20:16:07.472Z | haveibeenpwned.com/ | 5/16/2025, 8:16:07 PM | yes | no |
| ai_session | l5Nf4|1715890567871.3|1715890567871.3 | haveibeenpwned.com/ | 5/16/2024, 8:46:07 PM | yes | no |
| _ga_B895JNTH7Z | GS1.2.1715890568.1.0.1715890568.0.0.0 | .haveibeenpwned.com/ | 6/20/2025, 8:16:08 PM | no | no |
| _ga_MH977CGYFX | GS1.2.1715890568.1.0.1715890568.0.0.0 | .haveibeenpwned.com/ | 6/20/2025, 8:16:08 PM | no | no |