urlscan.io logo urlscan.io
SecurityTrails logo

app.venasecurity.com Open in urlscan Pro
18.245.86.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://auth.app.venasecurity.com/
Effective URL: https://app.venasecurity.com/
Submission: On July 26 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 18.245.86.123, located in United States and belongs to AMAZON-02, US. The main domain is app.venasecurity.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 28th 2024. Valid for: a year.
This is the only time app.venasecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
8 18.245.86.123 16509 (AMAZON-02)
1 18.66.102.53 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1f16:abe... 16509 (AMAZON-02)
1 13.32.27.19 16509 (AMAZON-02)
1 18.239.36.61 16509 (AMAZON-02)
1 54.171.240.112 16509 (AMAZON-02)
1 52.95.18.19 16509 (AMAZON-02)
17 9
1    2606:4700::6813:a718 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.app.venasecurity.com
8    18.245.86.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-123.fra60.r.cloudfront.net
app.venasecurity.com
1    18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net
static.hotjar.com
1    2606:4700::6812:1c1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-global.configcat.com
3    2600:1f16:abe:c802:47bb:d267:4e69:bed6 (Columbus, United States)

ASN16509 (AMAZON-02, US)
cognito-identity.us-east-2.amazonaws.com
1    13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
script.hotjar.com
1    18.239.36.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-61.ams58.r.cloudfront.net
vc.hotjar.io
1    54.171.240.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-240-112.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    52.95.18.19 (Columbus, United States)

ASN16509 (AMAZON-02, US)
sts.us-east-2.amazonaws.com
Apex Domain
Subdomains		 Transfer
9 venasecurity.com
auth.app.venasecurity.com
app.venasecurity.com
318 KB
4 amazonaws.com
cognito-identity.us-east-2.amazonaws.com — Cisco Umbrella Rank: 46284
sts.us-east-2.amazonaws.com — Cisco Umbrella Rank: 84644
4 KB
2 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 4716
content.hotjar.io — Cisco Umbrella Rank: 8904
403 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
1 configcat.com
cdn-global.configcat.com — Cisco Umbrella Rank: 24485
5 KB
17 5
Domain Requested by
8 app.venasecurity.com app.venasecurity.com
3 cognito-identity.us-east-2.amazonaws.com app.venasecurity.com
1 sts.us-east-2.amazonaws.com app.venasecurity.com
1 content.hotjar.io app.venasecurity.com
1 vc.hotjar.io app.venasecurity.com
1 script.hotjar.com static.hotjar.com
1 cdn-global.configcat.com app.venasecurity.com
1 static.hotjar.com app.venasecurity.com
1 auth.app.venasecurity.com 1 redirects
17 9

This site contains no links.

Subject Issuer Validity Valid
app.venasecurity.com
Amazon RSA 2048 M03		 2024-05-28 -
2025-06-26		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.configcat.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-07-01 -
2025-08-02		 a year crt.sh
cognito-identity.us-east-2.amazonaws.com
Amazon RSA 2048 M03		 2024-04-07 -
2025-05-06		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
sts.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2024-01-18 -
2025-01-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.venasecurity.com/
Frame ID: FC225E95FCFDD9ABE547E1DB273B6829
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vena Security

Page URL History Show full URLs

  1. https://auth.app.venasecurity.com/ HTTP 302
    https://app.venasecurity.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

9
Subdomains

9
IPs

2
Countries

387 kB
Transfer

1270 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.app.venasecurity.com/ HTTP 302
    https://app.venasecurity.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.venasecurity.com/
Redirect Chain
  • https://auth.app.venasecurity.com/
  • https://app.venasecurity.com/
468 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.venasecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86219a94134d7629e3f2d0e1ea4e441d90170736c72b3e587dee01e41911846c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=0,no-cache,no-store,must-revalidate
content-length
468
content-type
text/html
date
Fri, 26 Jul 2024 18:13:56 GMT
etag
"1b4346718a4545df776f29141c719145"
last-modified
Fri, 26 Jul 2024 12:28:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-id
uc6DDW_-vVidBrTCgid5umNc4QSwCOZM_HoqBOmdXHbUehEGeTFltQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
d9m0j5exg0d6aAzKly4qaXoPVPiv2quz
x-cache
RefreshHit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

age
2
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=60
cf-cache-status
HIT
cf-ray
8a965dcc2d799948-FRA
content-type
text/html; charset=utf-8
date
Fri, 26 Jul 2024 18:13:55 GMT
location
https://app.venasecurity.com/
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
a9e6504d5ca74b261051
x-content-type-options
nosniff
index-Br8NeweC.js
app.venasecurity.com/assets/ 		943 KB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.venasecurity.com/assets/index-Br8NeweC.js
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9288d75b40acb58119082f41f757aa4df073d9831ee3993b1a9b243adfeedde4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.venasecurity.com/
Origin
https://app.venasecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 12:42:44 GMT
x-amz-version-id
Uyk.pbZAxiuT3sE6wHULk9V2EqFP00HU
content-encoding
br
x-content-type-options
nosniff
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
age
19872
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 26 Jul 2024 12:28:58 GMT
server
AmazonS3
etag
W/"913f0accde32d06d7335a9f719f2ffb4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
upDSurJ0wCZ0uzEXKaIUi1TGQ7A8r7VPWznnoQ5NyBRbxLrgiAG-ww==
index-uklw0mgM.css
app.venasecurity.com/assets/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.venasecurity.com/assets/index-uklw0mgM.css
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46af94dc5bda4a2a385c0ea1c60010daedd0e1e5a3f4040a244f34195a63922a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.venasecurity.com/
Origin
https://app.venasecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 12:42:44 GMT
x-amz-version-id
c_AnKZGxZPjbzyEdPC0Yhm7wR7tW4Rop
content-encoding
br
x-content-type-options
nosniff
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
age
19872
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 26 Jul 2024 12:28:58 GMT
server
AmazonS3
etag
W/"f94d1fbdb78c6074c5c226648f325852"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
UW40v48-kb6DXiougq86VpLjgMdU0CAjc7Mrc4o8u_b4ISAz-OjkdA==
hotjar-3503429.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3503429.js?sv=6
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-53.fra56.r.cloudfront.net
Software
/
Resource Hash
c9557755f5156639e555e49b0eb708248e4dc70eee6f8922b571e8a5957d6ba9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/c46ea6878c960d2442b03794db6ff32b
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
PsGWgfzCjA-UHMy5qxU5tS9GJcPBDu-dOxX20Or8dMBSCIWlPuo3cg==
config_v6.json
cdn-global.configcat.com/configuration-files/configcat-sdk-1/A1LbCN5Dc0yKm9cnslfTKw/VpgYHIQo5UeKF0-9LX5NEg/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-global.configcat.com/configuration-files/configcat-sdk-1/A1LbCN5Dc0yKm9cnslfTKw/VpgYHIQo5UeKF0-9LX5NEg/config_v6.json?sdk=ConfigCat-JS/a-9.5.0
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b2388325ed31ed576b185e5f9f100b524b9b863acb3d4157ff7af64fa0fb87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 18:13:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 24 Jul 2024 11:15:42 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3228
etag
W/"66a0e25e-2841"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding
cache-control
max-age=0, must-revalidate
cf-ray
8a965dd11de51c3e-FRA
/
cognito-identity.us-east-2.amazonaws.com/ 		63 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-2.amazonaws.com/
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:abe:c802:47bb:d267:4e69:bed6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
86c8e9ca7f56cff1b463e2c6282b5aa16f85ab1bc5f0fe903a8dc863c6795983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://app.venasecurity.com/
x-amz-target
AWSCognitoIdentityService.GetId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Fri, 26 Jul 2024 18:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
964f24a1-ce6d-4133-8fe6-86d3b45fe2fa
content-length
63
content-type
application/x-amz-json-1.1
LoginVena-DUYbZeVn.js
app.venasecurity.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.venasecurity.com/assets/LoginVena-DUYbZeVn.js
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e85c00af8e3dab5e21ba21c4378755b460a300a0480c11187a946094b0047fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://app.venasecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 12:42:45 GMT
x-amz-version-id
IpebVimqly1dV0o0fD4XpgjzhFdpKqwl
content-encoding
br
x-content-type-options
nosniff
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
age
19871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 26 Jul 2024 12:28:57 GMT
server
AmazonS3
etag
W/"6d68f4da8a7effeb4e67e7f00029ed48"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
vnBdLwLVD8eDZZ1ox2mnYIVNqM7j8MwgaqKerbpdTK1ebOjSEhnlOg==
BaseButton-CJcw8GoN.js
app.venasecurity.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.venasecurity.com/assets/BaseButton-CJcw8GoN.js
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
639ffdd5e7f9d3e53c8176d18b8cd81387177a53a94e0d0e95760c732134ec51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://app.venasecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 12:42:45 GMT
x-amz-version-id
XbI7HL0WujxJPB41B_fvTJvz.oKucx0K
content-encoding
br
x-content-type-options
nosniff
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
age
19871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 26 Jul 2024 12:28:57 GMT
server
AmazonS3
etag
W/"8aaaac79d5233f2727ac033d0d14a881"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
oGUC0hnuEk0iH4RlfhaSIwWSQCWOjapdbwKTMAAy1-JObvJUN7cIMw==
BaseButton-Ks29eW9e.css
app.venasecurity.com/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.venasecurity.com/assets/BaseButton-Ks29eW9e.css
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5458a39d53c5c41f5164b6d62fe8b9630e19e94b5667e836fc41d9ede34f8301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
rGe5VS1Bi8unHWdS1fGAWZVv_W1_uzpC
content-encoding
br
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
date
Fri, 26 Jul 2024 18:13:57 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 11:47:02 GMT
server
AmazonS3
etag
W/"f5929f07dd46b09d66e843f5c5f646cf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
btYLwVFbxeAxDEGXIPAo5hJ_jnLiTgfcUDxjJH-QGDRQuPIB0f6hSQ==
LoginVena-BsLzcJS2.css
app.venasecurity.com/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.venasecurity.com/assets/LoginVena-BsLzcJS2.css
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f669e1b83a6e24f3ca10a3c8b9f7ef0df0c241c1aa8fd90ff399185baaaddc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
DAbiHEvW54siz6qQpiFUqWttPZdOG.6J
content-encoding
br
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
date
Fri, 26 Jul 2024 18:13:57 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 11:47:02 GMT
server
AmazonS3
etag
W/"aaa8017b9b45d5325b8449a61e2ee3ec"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
gQ6I9VNtGwu-6YFltn8cZcmeZg7pGNJF-_KgESA8iIQYbpaqABTC9Q==
/
cognito-identity.us-east-2.amazonaws.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-2.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:abe:c802:47bb:d267:4e69:bed6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://app.venasecurity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Fri, 26 Jul 2024 18:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
0b39097f-8ae7-46d5-a16a-30213f3f4161
modules.6c69b5997f314810cfe8.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6c69b5997f314810cfe8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3503429.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 09:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
289969
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56293
last-modified
Tue, 23 Jul 2024 09:40:30 GMT
etag
"30c513084f4759247a82ab90e6ffe4cb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
JNeFeV-XHP1Yl0KK7PZ0dabML7znDz4zYgltZjzECBbe46aTWX8WqQ==
3503429
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3503429?s=0.25&r=0.2215412638968577
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-61.ams58.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Jul 2024 18:13:56 GMT
cache-control
no-store
via
1.1 eefbd9216704235f6900c0fa85615204.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
x-amz-cf-id
y0TXInIdif_guzuigxjsgw_N1qERfKmnJTiSpGgTihMV5FCS-YuR-w==
x-cache
Miss from cloudfront
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3503429&gzip=1
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.240.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-240-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4a4580312451682bae47b74f135e7dbf57a0cc55be8c09c79a76f01b6fc832c1

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 26 Jul 2024 18:13:56 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
truncated
/ 		1023 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a58643d81e9bb411ac622f119acd7c6b2ac00b117bfe9da32d359bb73044c42

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a296e71eb97d5fb25a12c0d39959e80c485c0d701fe1e831dd3768d201b5dce7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon-vena.ico
app.venasecurity.com/ 		15 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.venasecurity.com/favicon-vena.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-123.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
503c3e30136ffba7bed723afd4a41e462aa283998c74f0aaf618147df0db9761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 13:22:23 GMT
x-amz-version-id
m_q.lIeE3X414xoXtfDRcNPq5mH3eTBK
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P6
age
17494
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15406
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 26 Jul 2024 12:28:58 GMT
server
AmazonS3
etag
"17d30239f6b7b4bb39fe3cbfa0a5c937"
x-frame-options
SAMEORIGIN
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
x-amz-cf-id
98A7FN4wzpQnDYszJbHHlfvEJ9-MQRg5DLwtw2JqlbjoieS_QL2o0w==
/
cognito-identity.us-east-2.amazonaws.com/ 		997 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-2.amazonaws.com/
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:abe:c802:47bb:d267:4e69:bed6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dc17a10933d1602f3dc2f29900a653e9c6ca8d2c285f368dbf42cc4401436671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://app.venasecurity.com/
x-amz-target
AWSCognitoIdentityService.GetOpenIdToken
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Fri, 26 Jul 2024 18:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
276a1f0f-4d13-48e6-be6d-ac8a6f231b6c
content-length
997
content-type
application/x-amz-json-1.1
/
sts.us-east-2.amazonaws.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sts.us-east-2.amazonaws.com/
Requested by
Host: app.venasecurity.com
URL: https://app.venasecurity.com/assets/index-Br8NeweC.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.18.19 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3090a8829c712ce7a28f8301450c6dccfd8da1f2067f0e3628bb7f47dc56fbaf

Request headers

Referer
https://app.venasecurity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Fri, 26 Jul 2024 18:13:56 GMT
x-amzn-RequestId
1ac7e2ce-f8b7-4f83-bd40-9c221de805c9
Content-Length
2035
Content-Type
text/xml

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| Vue3Toastify boolean| __VUE__ function| hj object| _hjSettings object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

4 Cookies

Domain/Path Name / Value
.app.venasecurity.com/ Name: cwr_u
Value: 02e97c60-4a4d-4ea9-9232-1425407e0cdf
.venasecurity.com/ Name: _hjSessionUser_3503429
Value: eyJpZCI6ImNlNDRmMjcxLWYzOGMtNTJhMy05ZmVkLWVmNjVmZTM0MmMwOCIsImNyZWF0ZWQiOjE3MjIwMTc2MzYxMzQsImV4aXN0aW5nIjp0cnVlfQ==
.venasecurity.com/ Name: _hjSession_3503429
Value: eyJpZCI6IjcwMmI4NjI1LTQ1ZWUtNDMyYy04MmUyLWU0MTQ2ZmE1MGM0MiIsImMiOjE3MjIwMTc2MzYxMzUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.app.venasecurity.com/ Name: cwr_s
Value: eyJzZXNzaW9uSWQiOiIzYWU0NWQ1NC1iMzEyLTRkNWYtOWM3NS00ZThmMWU0ZDVlYTMiLCJyZWNvcmQiOnRydWUsImV2ZW50Q291bnQiOjEyLCJwYWdlIjp7InBhZ2VJZCI6Ii8iLCJpbnRlcmFjdGlvbiI6MCwicmVmZXJyZXIiOiIiLCJyZWZlcnJlckRvbWFpbiI6IiIsInN0YXJ0IjoxNzIyMDE3NjM1OTI4fX0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.venasecurity.com
auth.app.venasecurity.com
cdn-global.configcat.com
cognito-identity.us-east-2.amazonaws.com
content.hotjar.io
script.hotjar.com
static.hotjar.com
sts.us-east-2.amazonaws.com
vc.hotjar.io
13.32.27.19
18.239.36.61
18.245.86.123
18.66.102.53
2600:1f16:abe:c802:47bb:d267:4e69:bed6
2606:4700::6812:1c1f
2606:4700::6813:a718
52.95.18.19
54.171.240.112
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
29b2388325ed31ed576b185e5f9f100b524b9b863acb3d4157ff7af64fa0fb87
3090a8829c712ce7a28f8301450c6dccfd8da1f2067f0e3628bb7f47dc56fbaf
46af94dc5bda4a2a385c0ea1c60010daedd0e1e5a3f4040a244f34195a63922a
4a4580312451682bae47b74f135e7dbf57a0cc55be8c09c79a76f01b6fc832c1
4a58643d81e9bb411ac622f119acd7c6b2ac00b117bfe9da32d359bb73044c42
4f669e1b83a6e24f3ca10a3c8b9f7ef0df0c241c1aa8fd90ff399185baaaddc4
503c3e30136ffba7bed723afd4a41e462aa283998c74f0aaf618147df0db9761
5458a39d53c5c41f5164b6d62fe8b9630e19e94b5667e836fc41d9ede34f8301
639ffdd5e7f9d3e53c8176d18b8cd81387177a53a94e0d0e95760c732134ec51
86219a94134d7629e3f2d0e1ea4e441d90170736c72b3e587dee01e41911846c
86c8e9ca7f56cff1b463e2c6282b5aa16f85ab1bc5f0fe903a8dc863c6795983
9288d75b40acb58119082f41f757aa4df073d9831ee3993b1a9b243adfeedde4
a296e71eb97d5fb25a12c0d39959e80c485c0d701fe1e831dd3768d201b5dce7
c9557755f5156639e555e49b0eb708248e4dc70eee6f8922b571e8a5957d6ba9
dc17a10933d1602f3dc2f29900a653e9c6ca8d2c285f368dbf42cc4401436671
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85c00af8e3dab5e21ba21c4378755b460a300a0480c11187a946094b0047fb2