urlscan.io logo urlscan.io
SecurityTrails logo

app.validatestartup.com Open in urlscan Pro
2606:4700:3032::6815:3449  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://validatestartup.com/
Effective URL: https://app.validatestartup.com/onboarding
Submission: On May 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3032::6815:3449, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.validatestartup.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 13th 2023. Valid for: a year.
This is the only time app.validatestartup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 10 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.49 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.74 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
17 7
1    2606:4700:3036::ac43:c4b0 (United States)

ASN13335 (CLOUDFLARENET, US)
validatestartup.com
10    2606:4700:3032::6815:3449 (United States)

ASN13335 (CLOUDFLARENET, US)
validatestartup.com
app.validatestartup.com
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net
script.hotjar.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 validatestartup.com
validatestartup.com
app.validatestartup.com
3 MB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
3 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 695
script.hotjar.com — Cisco Umbrella Rank: 957
72 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2495
259 B
1 gstatic.com
fonts.gstatic.com
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
78 KB
17 6
Domain Requested by
9 app.validatestartup.com 1 redirects app.validatestartup.com
4 fonts.googleapis.com app.validatestartup.com
2 validatestartup.com 2 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com app.validatestartup.com
1 www.googletagmanager.com app.validatestartup.com
17 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-13 -
2024-03-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.validatestartup.com/onboarding
Frame ID: BB6EC8D751B046B7D8FE43FF4DB05646
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Validate

Page URL History Show full URLs

  1. http://validatestartup.com/ HTTP 301
    https://validatestartup.com/ HTTP 302
    https://app.validatestartup.com/ HTTP 302
    https://app.validatestartup.com/onboarding Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

17
Requests

100 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

2812 kB
Transfer

6684 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://validatestartup.com/ HTTP 301
    https://validatestartup.com/ HTTP 302
    https://app.validatestartup.com/ HTTP 302
    https://app.validatestartup.com/onboarding Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request onboarding
app.validatestartup.com/
Redirect Chain
  • http://validatestartup.com/
  • https://validatestartup.com/
  • https://app.validatestartup.com/
  • https://app.validatestartup.com/onboarding
284 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.validatestartup.com/onboarding
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger 6.0.6
Resource Hash
30058b3ce77b88cc77a225264283bea8470e7bc237b59d6ac5e3f26d7a1304f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c5715182e3135e7-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 11 May 2023 02:44:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSuECk6C%2BBsdyRjE5F67HmHh7EIQTAnCZcfxMr84E5zJY7Akj2PiF6Kr%2BX6gJ2wD6BVT2M4Fvnn70tdYiZbWdlEuCHUSQjEwpWjAnEZU9zy60dEApZkpLj3pOEHTvezYT5eSSrh4meo7RktO7zixa5jLWUGdaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 6.0.6
x-request-id
678e8146-0054-4404-a843-24299a0e3faf
x-runtime
0.083473
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7c571517cdfc35e7-FRA
content-type
text/html; charset=utf-8
date
Thu, 11 May 2023 02:44:50 GMT
location
https://app.validatestartup.com/onboarding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sp4wT4uQ0ZwstklKbaJxL6tUijleAU%2FNk%2F09BB%2B1BGNFPdW%2FCwdbx11R41pbqJusNW1gZJQIew4VRn%2FIqC947nBEjc%2F6XLALAfDI0V5DwuF9boZOcspG8Px9aXhzLumjF7Izv0jwGoJyiZB6p2OxaZ8sPVUCtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
302 Found
x-powered-by
Phusion Passenger 6.0.6
x-request-id
8ad17dcd-17dd-4dcd-b69a-6ea7297e1ef0
x-runtime
0.004895
css
fonts.googleapis.com/ 		2 KB
973 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito&display=swap
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c2b1edf558d11d547112905778f404d990359ee2df7646282994f66b6591d66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 01:33:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 02:44:50 GMT
front-9cb9c330d8466d1b075795b7587664d9cdd267525e7ddc68a1128ad69139db7f.css
app.validatestartup.com/assets/ 		255 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.validatestartup.com/assets/front-9cb9c330d8466d1b075795b7587664d9cdd267525e7ddc68a1128ad69139db7f.css
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb9c330d8466d1b075795b7587664d9cdd267525e7ddc68a1128ad69139db7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/onboarding
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2023 11:18:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
145796
etag
W/"64144ca1-8d65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9WwB8kk6veICdd65ZsUo3z8EP81mqmxl%2BsTjipM0KM75E8uunThvz4qyfUHhcVCmNX8QtKUx%2FfdJBYAyntZAQpscHdd7bHlh9%2FEu2bQPjqR1zmewln6CVfgh3F9fN7mnLg%2FYBi3aTUlSmCivE0qQ2z2nb5x1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7c571518ffd737e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-6fca13cb.css
app.validatestartup.com/packs/css/ 		247 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.validatestartup.com/packs/css/application-6fca13cb.css
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c3127caff5609bbdee6eeb108243cfd546ad9c691f1f2f7f12d27c36e71854a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/onboarding
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 08:21:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
145796
etag
W/"6425469a-745f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7TsHHQRNmAzdwB%2Fx8aUbYEuZzlRyXb2ywSNB%2BNym0ptnOi7Qsub7brRbw%2Fe2NZk1HI9ZbIubKvsaZJE02UB6KX48HGZaP9mCXHikxKUtrTU5tBivvCrceHa7TGT%2FATnZK6mdE0xbVt0Ohgn5wuzg%2FwHDos%2Fmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7c571518ffd937e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-a50cb42d7c81d153b5ca.js
app.validatestartup.com/packs/js/ 		4 MB
829 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.validatestartup.com/packs/js/application-a50cb42d7c81d153b5ca.js
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bbfe8d06d3dd03f9b974c68f8f9b9431dc477dc6fbf56312ac23eeaf3798122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/onboarding
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 08:21:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
145796
etag
W/"6425469a-d6813"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhegstEDuCsCBkcjS8r0jfNhkyNHwaP9SSFxkzRjPtj169WmErMVncIwvVYl8AROdoOfZ7MgCMVCIdKgU5coCuGLyjMijH7Cmqz1a8jgbJAZtI3hN%2Fqgir9Nv2A2f0VEL8rwh4np113f3FGIOPjUbHkQUTKDaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7c571518ffda37e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M6FJS6405D
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08637ad062ec1d576a787460bb8fb1a7333d7eb8cba66ed613cfaafb9df70bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79312
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 May 2023 02:44:50 GMT
css2
fonts.googleapis.com/ 		5 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=EB+Garamond:wght@400;700&display=swap
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/assets/front-9cb9c330d8466d1b075795b7587664d9cdd267525e7ddc68a1128ad69139db7f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12de7ed75763e12ec3d15b386a3ff2828d9d3232eb06761bf7f0774ef81b150d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 02:44:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 02:44:50 GMT
css2
fonts.googleapis.com/ 		5 KB
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700;800&display=swap
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/assets/front-9cb9c330d8466d1b075795b7587664d9cdd267525e7ddc68a1128ad69139db7f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a73b7ae8710954da50170207aafd69db015e1473e0d9aab82db07b6f7320f2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 01:15:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 02:44:50 GMT
css2
fonts.googleapis.com/ 		2 KB
513 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/assets/front-9cb9c330d8466d1b075795b7587664d9cdd267525e7ddc68a1128ad69139db7f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 May 2023 01:01:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 May 2023 02:44:50 GMT
hotjar-2183377.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2183377.js?sv=6
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
c2af076335349432f63d63c1179761787137595992b3da02d190fbdd0c2ad4da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/676243055eeac951302d24524748ecf3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
nQWcWLrP02XTvgjOOYnhXZRkjFbTR1V6ikFPnGgu6l6VeK78_hlYsQ==
ideation1.png
app.validatestartup.com/images/ 		786 KB
786 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.validatestartup.com/images/ideation1.png
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding/sign_in
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e5f48338cecc309afb6e5f5af5508349da40cf065f74c0ec879c3302a0ee92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/onboarding/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:51 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 08:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6425433f-c4727"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55ULIwUgby6%2FYMO3tv%2FPU9%2FOplc6lsYE%2FqbbPGgY5kUmBcyjKJ3JoWOPBNDKzrVhiNe7dl9uv%2BFO2Ji2jRPFhitL0R3NifHfjxZvHZQipjKacg4NL3zBxrLstseo6NzlVILevividhfNpiBolXl6fakjJMg34w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c57151a991137e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
804647
canvas2.png
app.validatestartup.com/images/ 		344 KB
345 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.validatestartup.com/images/canvas2.png
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding/sign_in
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4585ab573dacebaf76af36d7be87e520230aa410613f71436dc013d464e63c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/onboarding/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:51 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 08:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6425433f-561d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UChv%2Fsd3p4usK1VZcev0ysTXw1iZIq9ZurCvAFqkit2vBrGLMRT6%2F6ee0Y%2BsMnBiGTvnpxTwvBYmDp43leJz8mWibNxU1F5yT54ppeHFgX8TYnTWF5LOYRqfH9XwBPj1MBGP0PywqH9WW1HZh8%2BJVQtWq0a1fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c57151a991237e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
352721
testing3.png
app.validatestartup.com/images/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.validatestartup.com/images/testing3.png
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding/sign_in
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e0daaf73e4a8c1c47a1a54a03d877d598c6404a6ce778587f12c8b7215ab6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/onboarding/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:51 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 08:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6425433f-33182"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjkfEGFFbO279tMj41RASSQLHQRy6oWJUFrv1obcH2x%2BpeGL%2BTKodzMiBMSj2Va%2B9EDnyDoPhiO8EpW7b1gbIu%2FD3sPOKGE2OPlMynJ86l6yy2LdhQqVZdVJHr4r6hCLHsOb9FGBzzIt4xRWf5YmtXKOQGQjww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c57151a991337e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
209282
portfolio4.png
app.validatestartup.com/images/ 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.validatestartup.com/images/portfolio4.png
Requested by
Host: app.validatestartup.com
URL: https://app.validatestartup.com/onboarding/sign_in
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e41b3d9da10f71bab463e873dc43a70ec5afb9a42e1c4b6663be8dbfa60fff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/onboarding/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 02:44:51 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 08:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6425433f-54bd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxHa5shm%2Bjo7GM8%2Fu%2FYt1NBg10OemngE1NTD5ukSf8JZS4DWX9uBPeszzwpTcAo7rR1z9hwBWrBO3OaJLQk6OM9PRH%2BGTGLQsQp1CMcqgLEgKd4ILw%2BBZxBOxka%2FQQ2chYE%2FXPaEXSW9Q79GdueuVmZTo9gMmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c57151a991537e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347094
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.validatestartup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 14:30:43 GMT
x-content-type-options
nosniff
age
389648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 14:30:43 GMT
modules.6485e66e018398b15c50.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6485e66e018398b15c50.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2183377.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
08a42d8f7eca0560993697fa53c48bad4fbf1028e06d9ae9545e0803ca24ec8a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 13:39:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
47144
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69316
last-modified
Wed, 10 May 2023 13:38:29 GMT
etag
"7c226a7472950599c7ea65e6a1a58825"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
XiYt0ZFh0Wqupv60YTtN5D_DOMmY5h036XFcTgpzFGa-jOhWwwMA4Q==
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M6FJS6405D&gtm=45je3580&_p=713424856&cid=1733341945.1683773091&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683773091&sct=1&seg=0&dl=https%3A%2F%2Fapp.validatestartup.com%2Fonboarding%2Fsign_in&dt=Validate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M6FJS6405D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.validatestartup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 May 2023 02:44:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.validatestartup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| ReactRailsUJS function| hj object| _hjSettings function| gtag object| dataLayer function| _ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

8 Cookies

Domain/Path Name / Value
app.validatestartup.com/ Name: _balloon_session
Value: SmZ3LzhyZDgrS1dGT0hTQ3JzYzRPZ3JDdW1tckRKYWc0M3FoNEc5ZWFCRVlRdHpwcFo1ZWVSbWl2bFFBVDcwTU1mZWowWWF1QnhLNzFUZ2p4OE0vRkJqSSsvWnBjWi9aWjhRaHY2bUc1SEUzdWF1ekFQbXNjWnpRZ0l0L3hXZEY3YlVIRW9pemtlNVBoMjA4cGpoTTFQdTJaa3puT3Y4Y1ZOczd2UkVBa2RxYnNVNWZWcXBNcHE2K1MyRG41SWZ3dVB3bkVYZU0rR1BBSXdaWktpcVpCTWExY0lMaWtjRU92WDQrdjEwYnE5U096UGlxR20wS0hzNmJzTG4vZnA0YWVtTFNFUHJzd0xvbE1IRnNLZnBWYlVHOTdMUXliemU0U294dlVSSlV3OEYxQktic0ZHWktqcjRZbFNBSHl2d2tKODJKdmZncDc4UU9KK3V1Q056NTROcDgwVStRcWNTeXl2VldSanlCRjBpeUVTQmFMZmVLTmNjRGNoeDc3dzBxZnFUaFNic0NSK1VmelR5QVRCd2JIWnArQWtMcjc0YjJIREpnZXRuY1F0UjBOSDN0WWV3UHVjTUtmR2U1dCtTYzRRamdMR24rN1pTYU56MWlFcnJsNkJQelpTckZ4QWhCZ1ZnREE4dDVyekpQbnEyaW50ZnFWQ0xFeVBHOHZuMVgtLVk1T2t4VDl0ZjZFZk0xMm4wMWhhUUE9PQ%3D%3D--11366fe3ffdf0cbf7aa44727136cf431b233578b
.validatestartup.com/ Name: _ga
Value: GA1.1.1733341945.1683773091
.validatestartup.com/ Name: _hjSessionUser_2183377
Value: eyJpZCI6IjIyZmQzNjlhLWUxMGEtNWIzZi1hNzg1LWYzMGI2OTY2MzY2ZSIsImNyZWF0ZWQiOjE2ODM3NzMwOTExNDEsImV4aXN0aW5nIjpmYWxzZX0=
.validatestartup.com/ Name: _hjFirstSeen
Value: 1
.validatestartup.com/ Name: _hjIncludedInSessionSample_2183377
Value: 0
.validatestartup.com/ Name: _hjSession_2183377
Value: eyJpZCI6ImZlY2U5MjNkLTgxMjUtNDJkMS04YjEwLTU2OGUxOTM0ZDM2OCIsImNyZWF0ZWQiOjE2ODM3NzMwOTExNTEsImluU2FtcGxlIjpmYWxzZX0=
.validatestartup.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.validatestartup.com/ Name: _ga_M6FJS6405D
Value: GS1.1.1683773091.1.0.1683773091.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.validatestartup.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
validatestartup.com
www.googletagmanager.com
18.66.97.49
2001:4860:4802:34::36
2606:4700:3032::6815:3449
2606:4700:3036::ac43:c4b0
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:82f::200a
52.222.236.74
08637ad062ec1d576a787460bb8fb1a7333d7eb8cba66ed613cfaafb9df70bd5
08a42d8f7eca0560993697fa53c48bad4fbf1028e06d9ae9545e0803ca24ec8a
0c3127caff5609bbdee6eeb108243cfd546ad9c691f1f2f7f12d27c36e71854a
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
12de7ed75763e12ec3d15b386a3ff2828d9d3232eb06761bf7f0774ef81b150d
1bbfe8d06d3dd03f9b974c68f8f9b9431dc477dc6fbf56312ac23eeaf3798122
30058b3ce77b88cc77a225264283bea8470e7bc237b59d6ac5e3f26d7a1304f4
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
7c2b1edf558d11d547112905778f404d990359ee2df7646282994f66b6591d66
8a73b7ae8710954da50170207aafd69db015e1473e0d9aab82db07b6f7320f2e
9cb9c330d8466d1b075795b7587664d9cdd267525e7ddc68a1128ad69139db7f
a6e0daaf73e4a8c1c47a1a54a03d877d598c6404a6ce778587f12c8b7215ab6e
c2af076335349432f63d63c1179761787137595992b3da02d190fbdd0c2ad4da
c4585ab573dacebaf76af36d7be87e520230aa410613f71436dc013d464e63c2
d9e5f48338cecc309afb6e5f5af5508349da40cf065f74c0ec879c3302a0ee92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6e41b3d9da10f71bab463e873dc43a70ec5afb9a42e1c4b6663be8dbfa60fff