onboarding.online.icu Open in urlscan Pro
136.243.14.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onboarding.online.icu/uk/login
Submission: On July 26 via manual (July 26th 2024, 6:50:48 pm UTC) from UA — Scanned from CA

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 136.243.14.124, located in Berlin, Germany and belongs to HETZNER-AS, DE. The main domain is onboarding.online.icu.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 8th 2024. Valid for: a year.

This is the only time onboarding.online.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	136.243.14.124 136.243.14.124	24940 (HETZNER-AS) (HETZNER-AS)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
18	3

13 136.243.14.124 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: trade.online.icu

onboarding.online.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onboardingapi.online.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	online.icu onboarding.online.icu onboardingapi.online.icu	2 MB
4	gstatic.com fonts.gstatic.com	51 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
18	3

	Domain	Requested by
12	onboarding.online.icu	onboarding.online.icu
4	fonts.gstatic.com	fonts.googleapis.com
1	onboardingapi.online.icu	onboarding.online.icu
1	fonts.googleapis.com	onboarding.online.icu
18	4

This site contains no links.

Subject Issuer	Validity	Valid
onboarding.online.icu Sectigo RSA Domain Validation Secure Server CA	`2024-05-08` - `2025-06-08`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
onboardingapi.online.icu Sectigo RSA Domain Validation Secure Server CA	`2024-05-16` - `2025-06-09`	a year	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://onboarding.online.icu/uk/login
Frame ID: D09D6B16F285F4C5CD34753F90C19632
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ICU

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

2478 kB
Transfer

2473 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
onboarding.online.icu/uk/ 887 B
777 B 429ms
120ms Document
text/html 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.online.icu/uk/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

a3201515025e2ad6c998eb76ddeb2200b768ad3ca211aae2f1cd22b79e446968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 Jul 2024 18:50:43 GMT
etag: W/"66954880-377"
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000;

GET
H2 200 app.35e7aea5.js Show response
onboarding.online.icu/ 481 KB
482 KB 457ms
456ms Script
application/javascript 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.online.icu/app.35e7aea5.js

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/uk/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

46e2afda32a9495ae1acb5310e92e3ade60b98d987a24391d2fe5fc0c72d6cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/uk/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:43 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-78390"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 492432

GET
H2 200 app.64427d50.css
onboarding.online.icu/css/ 128 KB
129 KB 229ms
228ms Stylesheet
text/css 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.online.icu/css/app.64427d50.css

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/uk/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

b6bf85db54458ecf19dea5d40a29234d4b15f452d59b890c6ffd2e69654401ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/uk/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:43 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-1ff98"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: text/css
accept-ranges: bytes
content-length: 130968

GET
H2 200 chunk-vendors.9a45f7e7.css
onboarding.online.icu/css/ 22 KB
23 KB 455ms
454ms Stylesheet
text/css 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.online.icu/css/chunk-vendors.9a45f7e7.css

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/uk/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

3c9bbfa3e66d95c5060a2c5bdd812820fdf5987b799e34ea72f5baadf5a2af2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/uk/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:43 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-5959"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: text/css
accept-ranges: bytes
content-length: 22873

GET
H2 200 chunk-vendors.dced2ba3.js Show response
onboarding.online.icu/js/ 1 MB
1 MB 456ms
455ms Script
application/javascript 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.online.icu/js/chunk-vendors.dced2ba3.js

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/uk/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

61c029762f146c98775cec753aef3b35a757f9272b861524a80e595c7e30c255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/uk/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:43 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-139e50"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 1285712

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 121ms
49ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/css/app.64427d50.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://onboarding.online.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jul 2024 18:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jul 2024 18:12:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jul 2024 18:50:44 GMT

POST
H2 200 / Show response
onboardingapi.online.icu/api/v2/auth/userinfo/ 27 B
616 B 566ms
263ms XHR
application/json 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onboardingapi.online.icu/api/v2/auth/userinfo/

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/js/chunk-vendors.dced2ba3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

c952822e9f9a295ec7bae0cb0d130a8f43719f67acea19a8f21910cc2134d7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://onboarding.online.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary8KV7YByoNd6sxd4X

Response headers

date: Fri, 26 Jul 2024 18:50:44 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx/1.20.1
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Accept, Accept-Language, Cookie, origin
content-language: en
allow: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://onboarding.online.icu
content-type: application/json
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
access-control-allow-credentials: true
content-length: 27

GET
H2 200 favicon.ico
onboarding.online.icu/ 1 KB
1 KB 123ms
122ms Other
image/x-icon 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.online.icu/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

06adc240424fab9a8e2420ff5fef17be89295530d837772166eae7a5509a6079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/uk/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:44 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-47c"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: image/x-icon
accept-ranges: bytes
content-length: 1148

GET
H2 200 logo.51431ab5.svg
onboarding.online.icu/img/ 3 KB
3 KB 125ms
125ms Image
image/svg+xml 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.online.icu/img/logo.51431ab5.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

304bccce61dbb3a7eb9af8c6c6f3a14c6bd824ced6aafbeb269881d8c9f371e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/uk/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:45 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-c48"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3144

GET
H2 200 flag_ua.e8e24308.svg
onboarding.online.icu/img/ 3 KB
3 KB 135ms
133ms Image
image/svg+xml 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.online.icu/img/flag_ua.e8e24308.svg

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/css/app.64427d50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

e0028263cc720f592bac4dc8395da1205e0812495363375a140cccdf906c276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/css/app.64427d50.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:45 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-a87"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2695

GET
H2 200 flag_uk.6d12b048.svg
onboarding.online.icu/img/ 106 KB
107 KB 133ms
132ms Image
image/svg+xml 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.online.icu/img/flag_uk.6d12b048.svg

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/css/app.64427d50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

e807d8e8488890db9e462bb449e7caa448861c236004c4acd0f44877979119a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/css/app.64427d50.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:45 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-1a85b"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: image/svg+xml
accept-ranges: bytes
content-length: 108635

GET
H2 200 flag.32ae74ec.png
onboarding.online.icu/img/ 332 KB
333 KB 122ms
120ms Image
image/png 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.online.icu/img/flag.32ae74ec.png

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/css/app.64427d50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

5ded27f7cbce3200df863dda4f766e6e75384b7212da9ba5482aebfcd690f004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/css/app.64427d50.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:45 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-52fd5"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: image/png
accept-ranges: bytes
content-length: 339925

GET
H2 200 main-bg.4bdc8ea3.jpg
onboarding.online.icu/img/ 83 KB
83 KB 135ms
134ms Image
image/jpeg 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.online.icu/img/main-bg.4bdc8ea3.jpg

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/css/app.64427d50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

c3ced8ef94e4e6aea4b10a433d2a7ed59330739d787d3997c377d794bcf065b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/css/app.64427d50.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:45 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-14a4b"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: image/jpeg
accept-ranges: bytes
content-length: 84555

GET
H2 200 pc-visible.20ef4e32.svg
onboarding.online.icu/img/ 1 KB
2 KB 235ms
234ms Image
image/svg+xml 136.243.14.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.online.icu/img/pc-visible.20ef4e32.svg

Requested by

Host: onboarding.online.icu
URL: https://onboarding.online.icu/css/app.64427d50.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.14.124 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

trade.online.icu

Software

nginx/1.20.1 /

Resource Hash

b26c43a5cf1b07c87f2bf3bf992edbcd199bd84b4af629622ddd57a27a00d9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://onboarding.online.icu/css/app.64427d50.css
Origin: https://onboarding.online.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:50:45 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Jul 2024 16:04:16 GMT
server: nginx/1.20.1
etag: "66954880-5ff"
content-security-policy-report-only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type: image/svg+xml
access-control-allow-origin: https://onboarding.online.icu
accept-ranges: bytes
content-length: 1535

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 144ms
76ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onboarding.online.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 11:24:51 GMT
x-content-type-options: nosniff
age: 545154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jul 2025 11:24:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 134ms
66ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onboarding.online.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 08:55:55 GMT
x-content-type-options: nosniff
age: 554090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jul 2025 08:55:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 100ms
33ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onboarding.online.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 10:36:08 GMT
x-content-type-options: nosniff
age: 548077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jul 2025 10:36:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 108ms
41ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onboarding.online.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 10:37:24 GMT
x-content-type-options: nosniff
age: 461601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Jul 2025 10:37:24 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp object| regeneratorRuntime function| IMask function| _

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.onboardingapi.online.icu/	1969-12-31 23:59:59	Name: django_language Value: uk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://onboarding.online.icu/uk/login Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
onboarding.online.icu
onboardingapi.online.icu
136.243.14.124
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c19::5f
06adc240424fab9a8e2420ff5fef17be89295530d837772166eae7a5509a6079
304bccce61dbb3a7eb9af8c6c6f3a14c6bd824ced6aafbeb269881d8c9f371e2
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
3c9bbfa3e66d95c5060a2c5bdd812820fdf5987b799e34ea72f5baadf5a2af2a
46e2afda32a9495ae1acb5310e92e3ade60b98d987a24391d2fe5fc0c72d6cfe
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
5ded27f7cbce3200df863dda4f766e6e75384b7212da9ba5482aebfcd690f004
61c029762f146c98775cec753aef3b35a757f9272b861524a80e595c7e30c255
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
a3201515025e2ad6c998eb76ddeb2200b768ad3ca211aae2f1cd22b79e446968
b26c43a5cf1b07c87f2bf3bf992edbcd199bd84b4af629622ddd57a27a00d9fb
b6bf85db54458ecf19dea5d40a29234d4b15f452d59b890c6ffd2e69654401ca
c3ced8ef94e4e6aea4b10a433d2a7ed59330739d787d3997c377d794bcf065b6
c952822e9f9a295ec7bae0cb0d130a8f43719f67acea19a8f21910cc2134d7ef
e0028263cc720f592bac4dc8395da1205e0812495363375a140cccdf906c276a
e807d8e8488890db9e462bb449e7caa448861c236004c4acd0f44877979119a7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

onboarding.online.icu Open in urlscan Pro 136.243.14.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

67 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

2478 kBTransfer

2473 kBSize

1 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

onboarding.online.icu Open in urlscan Pro
136.243.14.124 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

2478 kB
Transfer

2473 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions