urlscan.io logo urlscan.io
SecurityTrails logo

app.truffle.vip Open in urlscan Pro
104.21.28.81  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.truffle.vip/sidebar
Submission: On October 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 104.21.28.81, located in and belongs to CLOUDFLARENET, US. The main domain is app.truffle.vip. The Cisco Umbrella rank of the primary domain is 460471.
TLS certificate: Issued by E1 on September 2nd 2023. Valid for: 3 months.
This is the only time app.truffle.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.21.28.81 13335 (CLOUDFLAR...)
1 104.16.126.175 13335 (CLOUDFLAR...)
2 142.250.186.170 15169 (GOOGLE)
3 99.86.4.9 16509 (AMAZON-02)
3 54.187.159.182 16509 (AMAZON-02)
2 151.101.192.176 54113 (FASTLY)
3 35.224.113.207 396982 (GOOGLE-CL...)
1 52.34.216.14 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 142.250.186.99 15169 (GOOGLE)
20 11
2    104.21.28.81 (None, )

ASN13335 (CLOUDFLARENET, US)
app.truffle.vip
1    104.16.126.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
3    99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net
js.stripe.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
3    35.224.113.207 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.113.224.35.bc.googleusercontent.com
mycelium.truffle.vip
mothertree.truffle.vip
1    52.34.216.14 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-216-14.us-west-2.compute.amazonaws.com
m.stripe.com
1    2606:4700:3033::6815:1c51 (United States)

ASN13335 (CLOUDFLARENET, US)
app.truffle.vip
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdn.bio
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2793
q.stripe.com — Cisco Umbrella Rank: 24792
m.stripe.com — Cisco Umbrella Rank: 2449
138 KB
6 truffle.vip
app.truffle.vip — Cisco Umbrella Rank: 460471
mycelium.truffle.vip — Cisco Umbrella Rank: 114340
mothertree.truffle.vip — Cisco Umbrella Rank: 309764
121 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2971
16 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
3 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 cdn.bio
cdn.bio — Cisco Umbrella Rank: 557748
2 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1425
3 KB
20 7
Domain Requested by
3 q.stripe.com app.truffle.vip
3 js.stripe.com app.truffle.vip
js.stripe.com
3 app.truffle.vip app.truffle.vip
2 mothertree.truffle.vip app.truffle.vip
2 m.stripe.network js.stripe.com
m.stripe.network
2 fonts.googleapis.com app.truffle.vip
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.bio
1 m.stripe.com m.stripe.network
1 mycelium.truffle.vip app.truffle.vip
1 unpkg.com app.truffle.vip
20 11

This site contains no links.

Subject Issuer Validity Valid
app.truffle.vip
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-08-01 -
2023-11-02		 3 months crt.sh
truffle.vip
R3		 2023-08-08 -
2023-11-06		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-31 -
2023-10-26		 3 months crt.sh
cdn.bio
GTS CA 1P5		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.truffle.vip/sidebar
Frame ID: FA989471A4DEAA9130E5BA2A5EBCD418
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: FF835F332646033127F27BECA10D7B2F
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 10A65D47944BC2A95046FC60715CD800
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Truffle

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

9 %
IPv6

7
Domains

11
Subdomains

11
IPs

3
Countries

330 kB
Transfer

1170 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sidebar
app.truffle.vip/ 		995 B
1018 B 		Document
General
Check archive.org
Download Go to
Full URL
https://app.truffle.vip/sidebar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.28.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a33fea192583d33e09dd79ccca99e901bdf998511530ac8be39b3d1cdcde93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
810dc289bec08c35-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 13:27:01 GMT
link
<https://fonts.googleapis.com>; rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yzZmgQkvLV7n58d%2BpalZ6iQq%2F4qRpYUufff10ZXecf7jNpxe1ESW%2FcynTpkO6JnSUVf73%2BUXuPoaJdLI9Y8yGNeRCvzjoFmMnKsahqLVO3On5kI10N%2BuLrL6NMkddnxZgM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
adoptedStyleSheets.js
unpkg.com/construct-style-sheets-polyfill@3.1.0/dist/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/construct-style-sheets-polyfill@3.1.0/dist/adoptedStyleSheets.js
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/sidebar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbc1259349a0a9ca85cc0b5ba7b9d72d7fc7475f85a7cdc064f24b41c8819e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.truffle.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:27:02 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11130588
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G45VQPQV0MNN35Q5PPQ45W7M-fra
server
cloudflare
etag
W/"3331-8nJz2lw+AzVo4j3sKbf1ypMkgrg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
810dc28efbd48fca-FRA
css2
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/sidebar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.truffle.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Oct 2023 13:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 11:40:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Oct 2023 13:27:02 GMT
css2
fonts.googleapis.com/ 		27 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/sidebar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.truffle.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Oct 2023 13:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 11:40:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Oct 2023 13:27:02 GMT
main-06f1f64d.js
app.truffle.vip/assets/ 		425 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.truffle.vip/assets/main-06f1f64d.js
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/sidebar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.28.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047fe4159f09e1de95a081e4d5533055f100c63e6ddcfcee3bf6e7491bd46665
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.truffle.vip/sidebar
Origin
https://app.truffle.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
575
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e8eac12688831550a68526b60139bbf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BV10ielyWgRZxE%2BkK%2FGxZpptsE99ZSl%2FGyPSjlHYSZy5rqmKm9FR5zkjO5me6Hga4GAwVItwfgIZe5vXP5EL0q9UmUy63dJ44nX8HuTaij53fHxwullS9KOEgP%2FyfF%2FP%2FFSX2UeG94x1%2FsAUEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
810dc28b68278c35-EWR
v3
js.stripe.com/ 		536 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/assets/main-06f1f64d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
4e77c60f8646b7673e64bc080a62863fb52d535f8ee26c0f3a638252b5e6e7e3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.truffle.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 13:27:02 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Tue, 03 Oct 2023 20:47:06 GMT
server
Cloudfront
etag
W/"d0210706178c37daa05e7979f2db9634"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
5ZhNNfOji-vEKa8XYSWlJwFfz2Kz_DjyZkX-k4AOg2-YMSdJyOOjXA==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame FF83 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.truffle.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
139
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 13:24:44 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Sat, 30 Sep 2023 02:25:30 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id
vnBWPEqYLXR2TeN8mfryMJ_jYJ6_tMdSUFuyC6XcKm1jwdCYVs3Fkg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame FF83 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 04 Oct 2023 13:22:36 GMT
x-content-type-options
nosniff
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
267
x-cache
Hit from cloudfront
content-length
631
last-modified
Sat, 30 Sep 2023 02:25:28 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
NdpRVv-gAHH-o6UdskQ5On5AQEencWIFF2z3mdbd1Md1wQ1-8P0Rcw==
csp-report
q.stripe.com/ Frame FF83 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/sidebar
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 04 Oct 2023 13:27:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1696426023459804
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1696426023459377
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame FF83 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/sidebar
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 04 Oct 2023 13:27:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1696426023459806
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1696426023459393
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 10A6 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
205
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 13:27:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
173
x-content-type-options
nosniff
x-request-id
e4235d24-5ab1-48c2-91d1-35a7c1d7e110
x-served-by
cache-fra-eddf8230113-FRA
x-timer
S1696426023.489210,VS0,VE0
graphql
mycelium.truffle.vip/ 		396 B
639 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mycelium.truffle.vip/graphql
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/assets/main-06f1f64d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.224.113.207 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.113.224.35.bc.googleusercontent.com
Software
/
Resource Hash
08ca85dc69a2ba627d691afd07aa0dae6b921d375f3702453fd734688bef29e9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://app.truffle.vip/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 04 Oct 2023 13:27:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
access-control-allow-methods
OPTIONS, POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
396
csp-report
q.stripe.com/ Frame 10A6 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/sidebar
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 04 Oct 2023 13:27:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1696426023639784
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1696426023639363
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 10A6 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 04 Oct 2023 13:27:03 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
171
x-cache
HIT
content-length
15509
x-request-id
206545be-3ada-4804-aa14-6e0d4c7584f5
x-served-by
cache-fra-eddf8230113-FRA
server
Fastly
x-timer
S1696426024.553335,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
143
6
m.stripe.com/ Frame 10A6 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.216.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-216-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
79e6a014ea6a27717d98c17bcd059a5632f8747c7b314ec6664521c6857515f8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Wed, 04 Oct 2023 13:27:04 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1696426024955315
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1696426024954975
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
sidebar-65c81ae1.js
app.truffle.vip/assets/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.truffle.vip/assets/sidebar-65c81ae1.js
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/assets/main-06f1f64d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca065602a285afd1c1c947f7f6adf0d9326d2abd4fdf11c2cd691949ea6ab433
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.truffle.vip/assets/main-06f1f64d.js
Origin
https://app.truffle.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:27:04 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"a16d25245d837e1d59d858d772561d3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ae7Gu8LEdEwF1%2BWl9NRg%2Bnw7g6qhLJt3DPMxWK%2FuJiw%2BHiMwS2MQeoGCQQtsoFfhqK4qcdynhfCzIyxsZ07FdAgpc8eflZw4x3skWxqentjEbSReDzyUkZV10nNDa1KA%2FCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
810dc29aba624d79-FRA
alt-svc
h3=":443"; ma=86400
graphql
mothertree.truffle.vip/ 		222 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mothertree.truffle.vip/graphql
Requested by
Host: app.truffle.vip
URL: https://app.truffle.vip/assets/main-06f1f64d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.224.113.207 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.113.224.35.bc.googleusercontent.com
Software
/
Resource Hash
03f0db741715c1bb929ec175b5512845f05b0120f1f49360555e62534c4e50a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept
multipart/mixed, application/graphql-response+json, application/graphql+json, application/json
Referer
https://app.truffle.vip/
accept-language
de-DE,de;q=0.9
x-access-token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJ1c2VySWQiOiJiNGY3YmFmMC02MmI5LTExZWUtYjA4Mi0wYjc3ODUzNDk1ZmUiLCJ0eXBlIjoiZ2xvYmFsIiwic2NvcGVzIjpbIioiXSwiaXNBbm9uIjp0cnVlLCJpYXQiOjE2OTY0MjYwMjMsImlzcyI6InNwb3JlIiwic3ViIjoiYjRmN2JhZjAtNjJiOS0xMWVlLWIwODItMGI3Nzg1MzQ5NWZlIn0.Kl84PGPdVW0ndE2N5TRCah0Hm0e09DGz6w4CSGp_rqzZlQdJY1M-1D51qcERWsnrZBctdM-kbKOpkfQmpue-6g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://app.truffle.vip
date
Wed, 04 Oct 2023 13:27:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
222
vary
Origin
content-type
application/graphql-response+json; charset=utf-8
graphql
mothertree.truffle.vip/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mothertree.truffle.vip/graphql
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.224.113.207 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.113.224.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token
Access-Control-Request-Method
POST
Origin
https://app.truffle.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-access-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 04 Oct 2023 13:27:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Access-Control-Request-Headers
truffle-icon.svg
cdn.bio/assets/images/features/sidebar/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bio/assets/images/features/sidebar/truffle-icon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130727835ecc15d1ed9121853254c213c9fdbb126552186a52742ff43627e8d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:27:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
714
x-guploader-uploadid
ADPycdtVg4X7JTan034KYYERGWAsJWmJNr5hgVPed9u8pOBJBPqc6yZ016t7gLVZVAw6mtG0zSmzh8SL0ZMehBN1CKWifbv1-Zv_
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 30 Jul 2023 07:17:20 GMT
server
cloudflare
etag
W/"897d9b48fa6fb6e5d84f1341be3c2df1"
vary
Accept-Encoding
x-goog-hash
crc32c=MjwBIA==, md5=iX2bSPpvtuXYTxNBvjwt8Q==
x-goog-generation
1690701440093620
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq7pNWIx2ApkXRWPjlfTzpa%2F7qx3cHhigyscj2KTw6drvs0T4OrVYpEg%2Bqq3yXaYpe4Q%2BUL9%2BR8zOIAHgRrWBS0V7sFgUjR6mN2sPfjPLCwINchLJOdPgcE3"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1612
cf-ray
810dc2a3bf3443af-EWR
expires
Wed, 04 Oct 2023 14:07:09 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.truffle.vip
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 18:27:54 GMT
x-content-type-options
nosniff
age
500351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 18:27:54 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture boolean| _isTruffleJumperListening object| webpackChunkStripeJSouter function| noop function| Stripe

5 Cookies

Domain/Path Name / Value
app.truffle.vip/auth Name: savedAnonAccessToken
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJ1c2VySWQiOiJiNGY3YmFmMC02MmI5LTExZWUtYjA4Mi0wYjc3ODUzNDk1ZmUiLCJ0eXBlIjoiZ2xvYmFsIiwic2NvcGVzIjpbIioiXSwiaXNBbm9uIjp0cnVlLCJpYXQiOjE2OTY0MjYwMjMsImlzcyI6InNwb3JlIiwic3ViIjoiYjRmN2JhZjAtNjJiOS0xMWVlLWIwODItMGI3Nzg1MzQ5NWZlIn0.Kl84PGPdVW0ndE2N5TRCah0Hm0e09DGz6w4CSGp_rqzZlQdJY1M-1D51qcERWsnrZBctdM-kbKOpkfQmpue-6g
app.truffle.vip/ Name: savedAnonAccessToken
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJ1c2VySWQiOiJiNGY3YmFmMC02MmI5LTExZWUtYjA4Mi0wYjc3ODUzNDk1ZmUiLCJ0eXBlIjoiZ2xvYmFsIiwic2NvcGVzIjpbIioiXSwiaXNBbm9uIjp0cnVlLCJpYXQiOjE2OTY0MjYwMjMsImlzcyI6InNwb3JlIiwic3ViIjoiYjRmN2JhZjAtNjJiOS0xMWVlLWIwODItMGI3Nzg1MzQ5NWZlIn0.Kl84PGPdVW0ndE2N5TRCah0Hm0e09DGz6w4CSGp_rqzZlQdJY1M-1D51qcERWsnrZBctdM-kbKOpkfQmpue-6g
m.stripe.com/ Name: m
Value: 966a9531-eec7-46c5-bc47-0e99f287ef116edd10
.app.truffle.vip/ Name: __stripe_mid
Value: 71c66eef-48a8-483b-9a29-b3f4510a6777c18e62
.app.truffle.vip/ Name: __stripe_sid
Value: 7e1c3178-5f52-405f-b91e-170475394514ad35e8

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.truffle.vip
cdn.bio
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
mothertree.truffle.vip
mycelium.truffle.vip
q.stripe.com
unpkg.com
104.16.126.175
104.21.28.81
142.250.186.170
142.250.186.99
151.101.192.176
188.114.96.3
2606:4700:3033::6815:1c51
35.224.113.207
52.34.216.14
54.187.159.182
99.86.4.9
03f0db741715c1bb929ec175b5512845f05b0120f1f49360555e62534c4e50a2
047fe4159f09e1de95a081e4d5533055f100c63e6ddcfcee3bf6e7491bd46665
08ca85dc69a2ba627d691afd07aa0dae6b921d375f3702453fd734688bef29e9
130727835ecc15d1ed9121853254c213c9fdbb126552186a52742ff43627e8d5
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
4e77c60f8646b7673e64bc080a62863fb52d535f8ee26c0f3a638252b5e6e7e3
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
79e6a014ea6a27717d98c17bcd059a5632f8747c7b314ec6664521c6857515f8
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
bfbc1259349a0a9ca85cc0b5ba7b9d72d7fc7475f85a7cdc064f24b41c8819e0
ca065602a285afd1c1c947f7f6adf0d9326d2abd4fdf11c2cd691949ea6ab433
d7a33fea192583d33e09dd79ccca99e901bdf998511530ac8be39b3d1cdcde93
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947