urlscan.io logo urlscan.io
SecurityTrails logo

app.banknovo.com Open in urlscan Pro
54.209.245.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xeroapp.banknovo.com/
Effective URL: https://app.banknovo.com/integrations
Submission: On November 03 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 22 HTTP transactions. The main IP is 54.209.245.82, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.banknovo.com.
TLS certificate: Issued by R3 on November 3rd 2021. Valid for: 3 months.
This is the only time app.banknovo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 54.209.245.82 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.86.0.85 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.195.249 15169 (GOOGLE)
1 13.32.22.92 16509 (AMAZON-02)
1 54.69.48.209 16509 (AMAZON-02)
1 108.161.187.71 33438 (HIGHWINDS2)
1 2600:1901:0:4... 15169 (GOOGLE)
1 13.32.22.49 16509 (AMAZON-02)
1 130.211.34.183 15169 (GOOGLE)
1 143.204.215.26 16509 (AMAZON-02)
2 35.227.225.220 15169 (GOOGLE)
22 13
10    54.209.245.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-245-82.compute-1.amazonaws.com
xeroapp.banknovo.com
app.banknovo.com
assets.banknovo.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    99.86.0.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-85.fra6.r.cloudfront.net
cdn.segment.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o139498.ingest.sentry.io
1    13.32.22.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-92.fra56.r.cloudfront.net
static.hotjar.com
1    54.69.48.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-48-209.us-west-2.compute.amazonaws.com
api.segment.io
1    108.161.187.71 (United States)

ASN33438 (HIGHWINDS2, US)
assets.customer.io
1    2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
1    13.32.22.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-49.fra56.r.cloudfront.net
script.hotjar.com
1    130.211.34.183 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api-js.mixpanel.com
1    143.204.215.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net
vars.hotjar.com
2    35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com
track.customer.io
Domain Requested by
8 app.banknovo.com app.banknovo.com
2 track.customer.io
1 vars.hotjar.com static.hotjar.com
1 api-js.mixpanel.com app.banknovo.com
1 script.hotjar.com static.hotjar.com
1 cdn.mxpnl.com cdn.segment.com
1 assets.customer.io cdn.segment.com
1 api.segment.io app.banknovo.com
1 static.hotjar.com cdn.segment.com
1 o139498.ingest.sentry.io app.banknovo.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.segment.com app.banknovo.com
1 fonts.googleapis.com app.banknovo.com
1 assets.banknovo.com app.banknovo.com
1 xeroapp.banknovo.com 1 redirects
22 15

This site contains links to these domains. Also see Links.

Domain
enable-javascript.com
banknovo.com
Subject Issuer Validity Valid
app.banknovo.com
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
assets.banknovo.com
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.segment.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-19 -
2022-08-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.ingest.sentry.io
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.customer.io
R3		 2021-10-31 -
2022-01-29		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh
api.customer.io
GTS CA 1D4		 2021-10-01 -
2021-12-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.banknovo.com/integrations
Frame ID: 6CEE997E544F0F553F065F291E89761F
Requests: 21 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 48249BA4A60D9698DEA33460D1CC48CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Novo Web App

Page URL History Show full URLs

  1. https://xeroapp.banknovo.com/ HTTP 301
    https://app.banknovo.com/integrations Page URL

Page Statistics

22
Requests

100 %
HTTPS

23 %
IPv6

10
Domains

15
Subdomains

13
IPs

2
Countries

924 kB
Transfer

3803 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xeroapp.banknovo.com/ HTTP 301
    https://app.banknovo.com/integrations Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request integrations
app.banknovo.com/
Redirect Chain
  • https://xeroapp.banknovo.com/
  • https://app.banknovo.com/integrations
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
38c56ab234358124e9483409c8f6745c20453f1c41c11ddd0e1795105be2dd0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
cloudflare-nginx
date
Wed, 03 Nov 2021 05:44:12 GMT
content-type
text/html
last-modified
Wed, 27 Oct 2021 18:53:25 GMT
vary
Accept-Encoding
etag
W/"6179a025-11d9"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br

Redirect headers

server
cloudflare-nginx
date
Wed, 03 Nov 2021 05:44:12 GMT
content-type
text/html
content-length
162
location
https://app.banknovo.com/integrations
strict-transport-security
max-age=31536000; includeSubdomains; preload
castle.js
assets.banknovo.com/js/ 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.banknovo.com/js/castle.js
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
b778454c428b91af5839a327561626d24bdc01fca7f892b0d1955329c885f425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 20 Sep 2021 18:13:11 GMT
server
cloudflare-nginx
etag
W/"6148cf37-75c0"
x-frame-options
DENY
content-type
application/javascript
vary
Accept-Encoding
vendor.e40f.css
app.banknovo.com/ 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.banknovo.com/vendor.e40f.css
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
d92f3f6f70b71c2ec060e9e26e0388c8831f01bbbc0c794fa94b6122aa2bb5e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/integrations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Oct 2021 18:53:25 GMT
server
cloudflare-nginx
etag
W/"6179a025-8785"
x-frame-options
SAMEORIGIN
content-type
text/css
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
main.3122.css
app.banknovo.com/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.banknovo.com/main.3122.css
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
25e5a20259fbd0388e7d80048a9b2f47f39f70e3f1044ec6253f0f4ab5406f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/integrations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Oct 2021 18:53:25 GMT
server
cloudflare-nginx
etag
W/"6179a025-1ab58"
x-frame-options
SAMEORIGIN
content-type
text/css
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
vendor.b3ae.bundle.js
app.banknovo.com/ 		2 MB
635 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.banknovo.com/vendor.b3ae.bundle.js
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
d3084cbc04f0551b062ac17782e5b332959f750d4971413ef227f324d1ae0a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/integrations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Oct 2021 18:53:25 GMT
server
cloudflare-nginx
etag
W/"6179a025-26d9a4"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
main.3122.bundle.js
app.banknovo.com/ 		357 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.banknovo.com/main.3122.bundle.js
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
25999fa8cf35e1f201dfa225fa77b05798fdaa2a599ae85037b519b6eabb75b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/integrations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Oct 2021 18:53:25 GMT
server
cloudflare-nginx
etag
W/"6179a025-59564"
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Muli:wght@300;400;600;700;800;900&display=swap
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/main.3122.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88ae1085486099a3b398d6e7c93c5ca4db16c92c15f1ae90ffbd9ea4cf003475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 05:44:13 GMT
server
ESF
date
Wed, 03 Nov 2021 05:44:13 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 03 Nov 2021 05:44:13 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/QXLhItn0X2uoys94162TjqYXm2ioZyBo/ 		373 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/QXLhItn0X2uoys94162TjqYXm2ioZyBo/analytics.min.js
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.0.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-0-85.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b34200b2e3bab17293f35d91b507cd1f9e6b1ecff97813ab380e3fcbaae8aa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
CUuRekDVm4CD5FE3leavtAuSmQeLRPGJ
content-encoding
br
etag
W/"ce23351a71af39026207e0d3ced9728a"
x-amz-cf-pop
FRA6-C1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 03:48:11 GMT
server
AmazonS3
date
Wed, 03 Nov 2021 05:44:14 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
H1WQxAYSb6_t4NVyws1hd0hg1j6aJa50p6e3EhaJkzkx_GU9zL4uwg==
logo_b.svg
app.banknovo.com/assets/images/logo/ 		2 KB
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.banknovo.com/assets/images/logo/logo_b.svg
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
d61e6279bf8bdcc2e834502f40e4f868fd54dded712f082b47457533889e3bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/integrations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Oct 2021 18:53:25 GMT
server
cloudflare-nginx
etag
W/"6179a025-861"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
404.svg
app.banknovo.com/assets/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.banknovo.com/assets/images/404.svg
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/integrations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
938c1783176bdf759fa8dedad41e181ecade4a41bbb140145ffe1e66a28c1891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/integrations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Oct 2021 18:53:25 GMT
server
cloudflare-nginx
etag
W/"6179a025-f88"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
bg_lines.svg
app.banknovo.com/assets/images/bg/ 		62 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.banknovo.com/assets/images/bg/bg_lines.svg
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/main.3122.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.245.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-245-82.compute-1.amazonaws.com
Software
cloudflare-nginx /
Resource Hash
dd998af88aea46204c4107bff91d23e60a57dc8dfc9e30c5e5ad328360a4e573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/main.3122.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Oct 2021 18:53:25 GMT
server
cloudflare-nginx
etag
W/"6179a025-f648"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@300;400;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.banknovo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 18:20:47 GMT
x-content-type-options
nosniff
age
127406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 01 Nov 2022 18:20:47 GMT
/
o139498.ingest.sentry.io/api/1402941/store/ 		41 B
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o139498.ingest.sentry.io/api/1402941/store/?sentry_key=0fb95a5ba42c4253a4b9c652367e814d&sentry_version=7
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/vendor.b3ae.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
84032bcda80df4b238a2fa0e4079e7aa6c19a910500757a32d88946dfe331ac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.banknovo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Nov 2021 05:44:13 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://app.banknovo.com
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
41
hotjar-1673198.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1673198.js?sv=6
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QXLhItn0X2uoys94162TjqYXm2ioZyBo/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-92.fra56.r.cloudfront.net
Software
/
Resource Hash
ec3f6d9d7816e7d6e37fd2f71b4d14f1a3da19840bb69e9915abc0f8360f62bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:14 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-C2
etag
W/598169ed019bbc593cd4b576a375fde1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1913
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-id
mp3yh59Hs-rc2WPZvF-kWFGbHvjx_FZodMCgDWTM1kxUcm3fBDQckw==
p
api.segment.io/v1/ 		21 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/vendor.b3ae.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.48.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-48-209.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://app.banknovo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.banknovo.com
date
Wed, 03 Nov 2021 05:44:14 GMT
content-length
21
vary
Origin
content-type
application/json
track.js
assets.customer.io/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QXLhItn0X2uoys94162TjqYXm2ioZyBo/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.187.71 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:14 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 23:16:41 GMT
server
NetDNA-cache/2.2
x-amz-request-id
ZGF3CMX08KBK4DE6
etag
W/"15e89eedddf82c193d5c3574b756f5a7"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amz-id-2
+1ma4i4dK612iOLfFDvaclkZTOHrbWp2FsqpyzcvqDbVm9bQnIUgWWYAjyUpsvX8//DJ3xFU+a4=
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QXLhItn0X2uoys94162TjqYXm2ioZyBo/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:39:27 GMT
content-encoding
gzip
age
287
x-guploader-uploadid
ADPycdvWCokoI07hkkERUOemGHBXsE_3hrf9D4tyY4Tpx3yrMA20-CXvQaP5cIS9eCDB-u-hNVqamxc9c22ZEoXRyA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:21:54 GMT
server
UploadServer
etag
"765779983eed1c9fc2821b4507eea08b"
vary
Accept-Encoding
x-goog-hash
crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation
1611858114590219
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 03 Nov 2021 05:49:27 GMT
modules.d4630e91cffbd6b56a37.js
script.hotjar.com/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1673198.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-49.fra56.r.cloudfront.net
Software
/
Resource Hash
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
500589
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59861
access-control-allow-origin
*
last-modified
Thu, 28 Oct 2021 10:40:59 GMT
etag
"fe2e85deda154f5a6e0e0112bec8a18c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
RBfDYUQ16UnpkhnSP1qjb-npScbZ3-13e-JS3ETFQxLOtJZhyTWq6g==
/
api-js.mixpanel.com/track/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1635918254054
Requested by
Host: app.banknovo.com
URL: https://app.banknovo.com/vendor.b3ae.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://app.banknovo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 03 Nov 2021 05:44:14 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.banknovo.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
19
alt-svc
clear
content-length
1
box-d09a446edefba0dcce5d5143e1840e9a.html
vars.hotjar.com/ Frame 4824 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1673198.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-26.fra53.r.cloudfront.net
Software
/
Resource Hash
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/

Response headers

content-type
text/html
content-length
1044
date
Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"63e08f928469ab67d9dac30c065ed182"
last-modified
Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
vgBiSJrlaElT4HifDzkvp9Rr6weyUshd8o2HbDJGpZoDNMuIIboHRg==
age
1204149
page.gif
track.customer.io/events/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fapp.banknovo.com%2Fintegrations&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=5840f857-c9c4-49e6-bf9b-de9ef4bbc8ba&site_id=91ee0a9476996e0d2412&timestamp=1635918254161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:14 GMT
via
1.1 google
access-control-allow-origin
*
content-type
image/gif
status
200 OK
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
clear
content-length
35
page.gif
track.customer.io/events/ 		35 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.customer.io/events/page.gif?name=%2Fintegrations&data%5Bapp_name%5D=novo_web_app&data%5Burl%5D=https%3A%2F%2Fapp.banknovo.com%2Fintegrations&data%5Bpathname%5D=%2Fintegrations&data%5Breferrer%5D=&data%5Bdevice_id%5D=54d01316-687b-4069-bf99-275d6ca0911a-2660901976&data%5Bplatform%5D=web&data%5Buser_agent%5D=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F95.0.4638.54+Safari%2F537.36&data%5Bdevice_category%5D=Linux+x86_64&data%5Bdevice_memory%5D=8&data%5Bmaxtouchpoints%5D=0&data%5Btimezone%5D=Africa%2FAbidjan&data%5Bscreen_width%5D=1600&data%5Bscreen_height%5D=1200&data%5Bname%5D=%2Fintegrations&data%5Bpath%5D=%2Fintegrations&data%5Bsearch%5D=&data%5Btitle%5D=Novo+Web+App&c=&s=5840f857-c9c4-49e6-bf9b-de9ef4bbc8ba&site_id=91ee0a9476996e0d2412&timestamp=1635918254162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.banknovo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:44:14 GMT
via
1.1 google
access-control-allow-origin
*
content-type
image/gif
status
200 OK
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
clear
content-length
35

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| _castle object| analytics object| webpackJsonp object| SENTRY_RELEASE object| __SENTRY__ object| regeneratorRuntime function| ClientJS string| prevLocation number| eventTimestamp number| pageViewStartTimestamp object| _hjSelf function| hj object| _hjSettings object| _cio object| mixpanel function| normalize number| c_start object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules number| c_end

7 Cookies

Domain/Path Name / Value
.banknovo.com/ Name: novo_app_device_uuid
Value: 54d01316-687b-4069-bf99-275d6ca0911a
.banknovo.com/ Name: ajs_anonymous_id
Value: %225840f857-c9c4-49e6-bf9b-de9ef4bbc8ba%22
.banknovo.com/ Name: mp_e6b7260c61589c05a69a35e284409c09_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217ce4538fdf73e-083b650168a109-57b193e-1d4c00-17ce4538fe0ac2%22%2C%22%24device_id%22%3A%20%2217ce4538fdf73e-083b650168a109-57b193e-1d4c00-17ce4538fe0ac2%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.banknovo.com/ Name: _hjid
Value: 2751f40b-c664-43bf-9b80-5255253b2725
.banknovo.com/ Name: _hjFirstSeen
Value: 1
.banknovo.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.banknovo.com/ Name: __cid
Value: pKDkfeI80wXg68Aa0QH1cEF_6etIp3KVlJfI4f7u_Kjoo7LXpq-PiIObmti3HcQMILacvZSljs-Qm8uMY1QV58eYnHVsK9uEkODg-t30_uH89-WnpbW0qLjM7eb09PP7sNXQqKGrqriru9Ph_q2ws7Djsry5u8X44Pfh3_X5z-HktLG7p7W3vrCzz8DE1siksPft4_W7w-3z8OuhsNjs-v_24aeprqq4vq-yu6i1sbywyOXu8entp6Wos6ajreiA86Llv_KosunnmIQDkA-MvfL45730_7IUiNLq_PX3pMHi8veo3-vh5tfXpM3-_O3m9T-Rub-qq7mprLSksKq2sqCrvrigu8XFP5OEPbFeMhpbm1eJTRkAb5Bwh3_aenV96mSGwFCbhIiQm4SIkJuEiJCbhIiQm4SIkJuEiJCbhIiQm4SIkJvEyNDbxMiQm4SIkJuEiJCbhIjQm4SIkJuEiJCbhIhv

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
api.segment.io
app.banknovo.com
assets.banknovo.com
assets.customer.io
cdn.mxpnl.com
cdn.segment.com
fonts.googleapis.com
fonts.gstatic.com
o139498.ingest.sentry.io
script.hotjar.com
static.hotjar.com
track.customer.io
vars.hotjar.com
xeroapp.banknovo.com
108.161.187.71
13.32.22.49
13.32.22.92
130.211.34.183
143.204.215.26
2600:1901:0:498c::
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
34.120.195.249
35.227.225.220
54.209.245.82
54.69.48.209
99.86.0.85
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
25999fa8cf35e1f201dfa225fa77b05798fdaa2a599ae85037b519b6eabb75b4
25e5a20259fbd0388e7d80048a9b2f47f39f70e3f1044ec6253f0f4ab5406f2c
38c56ab234358124e9483409c8f6745c20453f1c41c11ddd0e1795105be2dd0d
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84032bcda80df4b238a2fa0e4079e7aa6c19a910500757a32d88946dfe331ac4
88ae1085486099a3b398d6e7c93c5ca4db16c92c15f1ae90ffbd9ea4cf003475
8b34200b2e3bab17293f35d91b507cd1f9e6b1ecff97813ab380e3fcbaae8aa0
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
938c1783176bdf759fa8dedad41e181ecade4a41bbb140145ffe1e66a28c1891
b778454c428b91af5839a327561626d24bdc01fca7f892b0d1955329c885f425
d3084cbc04f0551b062ac17782e5b332959f750d4971413ef227f324d1ae0a74
d61e6279bf8bdcc2e834502f40e4f868fd54dded712f082b47457533889e3bac
d92f3f6f70b71c2ec060e9e26e0388c8831f01bbbc0c794fa94b6122aa2bb5e6
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
dd998af88aea46204c4107bff91d23e60a57dc8dfc9e30c5e5ad328360a4e573
ec3f6d9d7816e7d6e37fd2f71b4d14f1a3da19840bb69e9915abc0f8360f62bc