urlscan.io logo urlscan.io
SecurityTrails logo

id.anduin.app Open in urlscan Pro
2606:4700:3032::6815:544c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pgim.anduin.io/
Effective URL: https://id.anduin.app/
Submission: On October 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3032::6815:544c, located in United States and belongs to CLOUDFLARENET, US. The main domain is id.anduin.app.
TLS certificate: Issued by WE1 on August 17th 2024. Valid for: 3 months.
This is the only time id.anduin.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 18.233.247.132 14618 (AMAZON-AES)
1 12 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.217.195.137 16509 (AMAZON-02)
20 4
Apex Domain
Subdomains		 Transfer
19 anduin.app
cdn.anduin.app
id.anduin.app
1 MB
2 anduin.io
pgim.anduin.io
9 KB
1 amazonaws.com
gondor-public-document-production.s3.amazonaws.com
11 KB
20 3
Domain Requested by
12 cdn.anduin.app pgim.anduin.io
id.anduin.app
7 id.anduin.app 1 redirects cdn.anduin.app
2 pgim.anduin.io 1 redirects
1 gondor-public-document-production.s3.amazonaws.com
20 4

This site contains links to these domains. Also see Links.

Domain
www.anduintransact.com
Subject Issuer Validity Valid
*.anduin.io
Amazon RSA 2048 M03		 2024-01-03 -
2025-02-01		 a year crt.sh
cdn.anduin.app
WE1		 2024-09-17 -
2024-12-16		 3 months crt.sh
fundsub.anduin.app
WE1		 2024-08-17 -
2024-11-15		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://id.anduin.app/
Frame ID: 843AA4542BA3B28D877F37E85015C9DF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | Anduin Transactions

Page URL History Show full URLs

  1. https://pgim.anduin.io/ Page URL
  2. https://pgim.anduin.io/account/start-login?redirect=aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8= HTTP 302
    https://id.anduin.app/account/login?redirect=aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8%3D HTTP 302
    https://id.anduin.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

1495 kB
Transfer

7909 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pgim.anduin.io/ Page URL
  2. https://pgim.anduin.io/account/start-login?redirect=aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8= HTTP 302
    https://id.anduin.app/account/login?redirect=aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8%3D HTTP 302
    https://id.anduin.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
pgim.anduin.io/ 		8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pgim.anduin.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.247.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-247-132.compute-1.amazonaws.com
Software
/
Resource Hash
3053e117136e3c6b9e58628fe33f8dbfc2c83510092a9a82d91eb77e4227fcb5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none' script-src 'unsafe-hashes' 'sha256-W3V8uShcdBEVnHuJ8xQoqAbK8aWLOpqwIRumr7u+mpI=' 'sha256-tmnz5oMxlWC+F49xDiTqCp3X5WGHAJcMZf/FMVAkhq4=' https: https://cdn.anduin.app 'self'
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-length
8355
content-security-policy
frame-ancestors 'none' script-src 'unsafe-hashes' 'sha256-W3V8uShcdBEVnHuJ8xQoqAbK8aWLOpqwIRumr7u+mpI=' 'sha256-tmnz5oMxlWC+F49xDiTqCp3X5WGHAJcMZf/FMVAkhq4=' https: https://cdn.anduin.app 'self'
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 19:20:45 GMT
referrer-policy
strict-origin
strict-transport-security
max-age=31536000;includeSubDomains
x-anduin-request-id
5e423cbd-4e69-4943-843e-79c8981ba60b
x-content-type-options
nosniff
main-beta-314.0-candidate-22-fabec6.css
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/stylesheets/ 		639 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/stylesheets/main-beta-314.0-candidate-22-fabec6.css
Requested by
Host: pgim.anduin.io
URL: https://pgim.anduin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd4bcd5746fb3fca8826c1dc9973fd10239e2aaf0d251480685c85c7011619da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgim.anduin.io/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"15660192432b8c1706557820c025b17d"
age
18859
x-content-type-options
nosniff
cf-ray
8d29edb3e8d31da8-FRA
date
Mon, 14 Oct 2024 19:20:45 GMT
content-type
text/css
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Accept-Encoding
server
cloudflare
parser.min.js
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/js/uaparser/ 		495 B
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/js/uaparser/parser.min.js
Requested by
Host: pgim.anduin.io
URL: https://pgim.anduin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd35473a5492df9b389e0d268277e5faa48d9797e42af0a50b2dc79b301e94af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgim.anduin.io/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"e14aa2b686cf146c94ece4b160f5a428"
age
18859
x-content-type-options
nosniff
cf-ray
8d29edb3e8d71da8-FRA
date
Mon, 14 Oct 2024 19:20:45 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Accept-Encoding
server
cloudflare
stargazerJsBuildInfo-beta-314.0-candidate-22-fabec6.js
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/ 		588 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/stargazerJsBuildInfo-beta-314.0-candidate-22-fabec6.js
Requested by
Host: pgim.anduin.io
URL: https://pgim.anduin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30dff2f138dcbf89b279868c4b1929ccf89c0e1d127095f3796aa4210806ee85
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgim.anduin.io/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"20a55b323ce24f062694ce8ee76c29df"
age
18859
x-content-type-options
nosniff
cf-ray
8d29edb3e8d91da8-FRA
date
Mon, 14 Oct 2024 19:20:45 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Accept-Encoding
server
cloudflare
anduinbootstrap-beta-314.0-candidate-22-fabec6.js
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/js/bootstrap/ 		2 KB
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/js/bootstrap/anduinbootstrap-beta-314.0-candidate-22-fabec6.js
Requested by
Host: pgim.anduin.io
URL: https://pgim.anduin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd04b1762662c479aa4cf9ea1eb7f851694a3505e7ba12067d4969147defc11
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgim.anduin.io/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"78b10696ea022ec38fc57e44e6cf0852"
age
11489
x-content-type-options
nosniff
cf-ray
8d29edb3e8d51da8-FRA
date
Mon, 14 Oct 2024 19:20:45 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request /
id.anduin.app/
Redirect Chain
  • https://pgim.anduin.io/account/start-login?redirect=aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8=
  • https://id.anduin.app/account/login?redirect=aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8%3D
  • https://id.anduin.app/
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.anduin.app/
Requested by
Host: cdn.anduin.app
URL: https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/js/bootstrap/anduinbootstrap-beta-314.0-candidate-22-fabec6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb9600ac1ddb7f4dcf53ad8ecbe2d62a19f722c638e2cc3bafcfc038b4dbc89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none' script-src 'unsafe-hashes' 'sha256-2r9nlioHOR1b9MoWsmdMj4wrW71owu8+VakcLeqQR9k=' 'sha256-tmnz5oMxlWC+F49xDiTqCp3X5WGHAJcMZf/FMVAkhq4=' https: https://cdn.anduin.app 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://pgim.anduin.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store
cf-cache-status
BYPASS
cf-ray
8d29edb94ecc3801-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'none' script-src 'unsafe-hashes' 'sha256-2r9nlioHOR1b9MoWsmdMj4wrW71owu8+VakcLeqQR9k=' 'sha256-tmnz5oMxlWC+F49xDiTqCp3X5WGHAJcMZf/FMVAkhq4=' https: https://cdn.anduin.app 'self'
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=r9orEt.Be3sUzb5EO4vx8uY2ChYBtMIKFG2YJfmyNZY-1728933646-1.0.1.1-3DZPk4GR4pdMM75IBVbxm8SnZ6tk6RAI8vBdp.IB39kCwvds31egpB0XHT5CeD9ub_c4NTgrqX.t6d5P_7sRYJAwik4zTm6afSI2Im1xQ4ke6Xsos2XdYP30FmYtx0KzcG0PBri8P4SuZz6Jcin4Sg; report-to cf-csp-endpoint
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 19:20:46 GMT
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=r9orEt.Be3sUzb5EO4vx8uY2ChYBtMIKFG2YJfmyNZY-1728933646-1.0.1.1-3DZPk4GR4pdMM75IBVbxm8SnZ6tk6RAI8vBdp.IB39kCwvds31egpB0XHT5CeD9ub_c4NTgrqX.t6d5P_7sRYJAwik4zTm6afSI2Im1xQ4ke6Xsos2XdYP30FmYtx0KzcG0PBri8P4SuZz6Jcin4Sg"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-anduin-request-id
614a4a05-0435-4ff2-81fb-5c2414c98ba6
x-content-type-options
nosniff

Redirect headers

cache-control
no-store
cf-cache-status
MISS
cf-ray
8d29edb5ba523801-FRA
content-length
0
date
Mon, 14 Oct 2024 19:20:46 GMT
location
https://id.anduin.app/#/login/aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8=/gofgd00
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-anduin-request-id
0b0bbe51-5475-4452-94e7-98b42fb14ae7
x-content-type-options
nosniff
logo.svg
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/images/ 		695 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/images/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://pgim.anduin.io/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"3ea4db7cab25a4f508d83d1511fdd3a2"
age
5590
x-content-type-options
nosniff
cf-ray
8d29edb4a9fa1da8-FRA
date
Mon, 14 Oct 2024 19:20:45 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2024 05:08:26 GMT
vary
Accept-Encoding
server
cloudflare
main-beta-314.0-candidate-22-fabec6.css
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/stylesheets/ 		639 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/stylesheets/main-beta-314.0-candidate-22-fabec6.css
Requested by
Host: id.anduin.app
URL: https://id.anduin.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd4bcd5746fb3fca8826c1dc9973fd10239e2aaf0d251480685c85c7011619da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://id.anduin.app/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"15660192432b8c1706557820c025b17d"
age
18860
x-content-type-options
nosniff
cf-ray
8d29edbc293fd288-FRA
date
Mon, 14 Oct 2024 19:20:46 GMT
content-type
text/css
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Accept-Encoding
server
cloudflare
parser.min.js
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/js/uaparser/ 		495 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/js/uaparser/parser.min.js
Requested by
Host: id.anduin.app
URL: https://id.anduin.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd35473a5492df9b389e0d268277e5faa48d9797e42af0a50b2dc79b301e94af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://id.anduin.app/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"e14aa2b686cf146c94ece4b160f5a428"
age
18860
x-content-type-options
nosniff
cf-ray
8d29edbc2941d288-FRA
date
Mon, 14 Oct 2024 19:20:46 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Accept-Encoding
server
cloudflare
stargazerJsBuildInfo-beta-314.0-candidate-22-fabec6.js
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/ 		588 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/stargazerJsBuildInfo-beta-314.0-candidate-22-fabec6.js
Requested by
Host: id.anduin.app
URL: https://id.anduin.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30dff2f138dcbf89b279868c4b1929ccf89c0e1d127095f3796aa4210806ee85
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://id.anduin.app/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"20a55b323ce24f062694ce8ee76c29df"
age
18860
x-content-type-options
nosniff
cf-ray
8d29edbc2945d288-FRA
date
Mon, 14 Oct 2024 19:20:46 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Accept-Encoding
server
cloudflare
anduinbootstrap-beta-314.0-candidate-22-fabec6.js
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/js/bootstrap/ 		2 KB
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/js/bootstrap/anduinbootstrap-beta-314.0-candidate-22-fabec6.js
Requested by
Host: id.anduin.app
URL: https://id.anduin.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd04b1762662c479aa4cf9ea1eb7f851694a3505e7ba12067d4969147defc11
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://id.anduin.app/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"78b10696ea022ec38fc57e44e6cf0852"
age
18860
x-content-type-options
nosniff
cf-ray
8d29edbc2948d288-FRA
date
Mon, 14 Oct 2024 19:20:46 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Accept-Encoding
server
cloudflare
heimdall-opt-bundle-beta-314.0-candidate-22-fabec6.min.js
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/heimdall/ 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/heimdall/heimdall-opt-bundle-beta-314.0-candidate-22-fabec6.min.js
Requested by
Host: id.anduin.app
URL: https://id.anduin.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa44419a2f42a998e68dfea9baeec2bc3865b92c8c2397dac57ca09ae8e94f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://id.anduin.app
Referer
https://id.anduin.app/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"2560e484b6e2e746524e523678c1d6d0"
age
5586
x-content-type-options
nosniff
cf-ray
8d29edbcfaabdbd4-FRA
access-control-allow-origin
https://id.anduin.app
date
Mon, 14 Oct 2024 19:20:46 GMT
content-type
text/javascript
last-modified
Thu, 10 Oct 2024 05:08:28 GMT
vary
Origin, Accept-Encoding
server
cloudflare
logo.svg
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/images/ 		695 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/images/logo.svg
Requested by
Host: id.anduin.app
URL: https://id.anduin.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a834667dbfe6f8bdbc0c230852ed90bb7b00be47c6251f92e4eb604d0c730a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://id.anduin.app/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"3ea4db7cab25a4f508d83d1511fdd3a2"
age
5591
x-content-type-options
nosniff
cf-ray
8d29edbcdc7bd288-FRA
date
Mon, 14 Oct 2024 19:20:46 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2024 05:08:26 GMT
vary
Accept-Encoding
server
cloudflare
favicon.png
cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/images/ 		555 B
699 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:bca6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
397e0a21af6b4930e0a34339f98ac7cfbdb340022e715363dcf99d95f1ce1402
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://id.anduin.app/

Response headers

strict-transport-security
max-age=15552000
cache-control
public, max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"1ace799d813c9e2a51687fe3b372dd6a"
age
23114
x-content-type-options
nosniff
cf-ray
8d29edc12eb5d288-FRA
date
Mon, 14 Oct 2024 19:20:47 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2024 05:08:22 GMT
vary
Accept-Encoding
server
cloudflare
standalone-app
id.anduin.app/api/v3/ 		109 B
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.anduin.app/api/v3/standalone-app
Requested by
Host: cdn.anduin.app
URL: https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/heimdall/heimdall-opt-bundle-beta-314.0-candidate-22-fabec6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e04de7d8b91f75ce4d5b759c51b3c4904f3e4189bfb1bd1df0723e2f87256e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://id.anduin.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
X-Anduin-Tab-Id
fd0cfe96-35ce-4542-9bf6-9ee737232970
X-Anduin-Request-Id
f7cee5b2-d974-4e26-9fef-14a9602ff650

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache
access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
DYNAMIC
x-anduin-request-id
f7cee5b2-d974-4e26-9fef-14a9602ff650
referrer-policy
strict-origin
x-content-type-options
nosniff
cf-ray
8d29edc1390a3801-FRA
access-control-allow-origin
*
date
Mon, 14 Oct 2024 19:20:47 GMT
content-type
application/json
server
cloudflare
verify-cookie
id.anduin.app/api/v3/bifrost-authentication/ 		21 B
134 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.anduin.app/api/v3/bifrost-authentication/verify-cookie
Requested by
Host: cdn.anduin.app
URL: https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/heimdall/heimdall-opt-bundle-beta-314.0-candidate-22-fabec6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94d0c16fe473a7408f1b86c64d45295b80b6dd0e2838a28cac7648b592ef988
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://id.anduin.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
X-Anduin-Tab-Id
fd0cfe96-35ce-4542-9bf6-9ee737232970
X-Anduin-Request-Id
98f6400d-fafe-452e-a922-a8d84745806f

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache
access-control-expose-headers
*
cf-cache-status
DYNAMIC
x-anduin-request-id
98f6400d-fafe-452e-a922-a8d84745806f
referrer-policy
strict-origin
x-content-type-options
nosniff
cf-ray
8d29edc4bdd33801-FRA
access-control-allow-origin
*
content-length
21
date
Mon, 14 Oct 2024 19:20:48 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
get-whitelabel-data
id.anduin.app/api/v3/bifrost-environment/ 		377 B
408 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.anduin.app/api/v3/bifrost-environment/get-whitelabel-data
Requested by
Host: cdn.anduin.app
URL: https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/heimdall/heimdall-opt-bundle-beta-314.0-candidate-22-fabec6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d012ffe4a4e8a4a3a27de9084a8719690034878ed160da1f0a627963a040574e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://id.anduin.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
X-Anduin-Tab-Id
fd0cfe96-35ce-4542-9bf6-9ee737232970
X-Anduin-Request-Id
8d3c64d4-35a6-4459-98f2-53cb49cc7f0e

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache
access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
DYNAMIC
x-anduin-request-id
8d3c64d4-35a6-4459-98f2-53cb49cc7f0e
referrer-policy
strict-origin
x-content-type-options
nosniff
cf-ray
8d29edc7c9cb3801-FRA
access-control-allow-origin
*
date
Mon, 14 Oct 2024 19:20:49 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
ad73a990-389c-4538-a6c1-c77b32bfff00
gondor-public-document-production.s3.amazonaws.com/env6o2nzkgvg626r/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gondor-public-document-production.s3.amazonaws.com/env6o2nzkgvg626r/ad73a990-389c-4538-a6c1-c77b32bfff00
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.195.137 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e9c996c9ba2eea43857bf7eb4c34276c8eaf7edc47ae063160b27465ba75df24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://id.anduin.app/

Response headers

x-amz-id-2
fRvQm0wCKlvdop+ItSZ7IUwZr6KTC3VBr0DqhEocStCVoJAAm7vAyPDbuNWnr3rhTGUYom57lmo=
ETag
"8f215eb2c891dc0394bd700223ee4675-1"
x-amz-request-id
WM16XFXQDD06X817
Accept-Ranges
bytes
Content-Length
10891
Date
Mon, 14 Oct 2024 19:20:50 GMT
Last-Modified
Wed, 18 Sep 2024 13:26:09 GMT
Content-Type
application/octet-stream
Server
AmazonS3
x-amz-server-side-encryption
AES256
powered-by-dark.svg
id.anduin.app/web/gondor/images/account/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.anduin.app/web/gondor/images/account/powered-by-dark.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d259580196338368e50b0007b4ca17563a9df90b6cdf528a83f60c2b9b7e63
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://id.anduin.app/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
"19274ca7008-b41"
x-content-type-options
nosniff
date
Mon, 14 Oct 2024 19:20:49 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2024 04:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
no-store
x-anduin-request-id
96bfb738-7bb5-44b5-8aec-71b046441044
referrer-policy
strict-origin
cf-ray
8d29edcabe813801-FRA
accept-ranges
bytes
content-length
2881
server
cloudflare
get-cookie-consent-config
id.anduin.app/api/v3/bifrost-cookie-consent/ 		523 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.anduin.app/api/v3/bifrost-cookie-consent/get-cookie-consent-config
Requested by
Host: cdn.anduin.app
URL: https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/heimdall/heimdall-opt-bundle-beta-314.0-candidate-22-fabec6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:544c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b0b86d106901645cf4edb4ad2cf3adbcdfacb17c2caa7267b6c22e870f6302
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://id.anduin.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
X-Anduin-Tab-Id
fd0cfe96-35ce-4542-9bf6-9ee737232970
X-Anduin-Request-Id
e7aa5b15-e4f8-4182-8652-132cddb5cac8

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache
access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
DYNAMIC
x-anduin-request-id
e7aa5b15-e4f8-4182-8652-132cddb5cac8
referrer-policy
strict-origin
x-content-type-options
nosniff
cf-ray
8d29edcace853801-FRA
access-control-allow-origin
*
date
Mon, 14 Oct 2024 19:20:49 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getBrowserSpecs object| stargazerJsBuildInfo object| AnduinBootstrap object| specs number| version boolean| isSupported object| gondorFrontEndConfig object| commonConfig string| offeringId function| applyFocusVisiblePolyfill function| IMask object| nacl object| pdfjsLib

0 Cookies

6 Console Messages

Source Level URL
Text
security error URL: https://id.anduin.app/#/login/aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8=/gofgd00
Message:
[Report Only] Refused to load the script 'https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/js/uaparser/parser.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://id.anduin.app/#/login/aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8=/gofgd00
Message:
[Report Only] Refused to load the script 'https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/gondor/stargazerJsBuildInfo-beta-314.0-candidate-22-fabec6.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://id.anduin.app/#/login/aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8=/gofgd00
Message:
[Report Only] Refused to load the script 'https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/js/bootstrap/anduinbootstrap-beta-314.0-candidate-22-fabec6.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://id.anduin.app/#/login/aHR0cHM6Ly9wZ2ltLmFuZHVpbi5pby8=/gofgd00
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-2r9nlioHOR1b9MoWsmdMj4wrW71owu8+VakcLeqQR9k='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://id.anduin.app/(Line 64)
Message:
[Report Only] Refused to load the script 'https://cdn.anduin.app/beta-314.0-candidate-22-fabec6/web/heimdall/heimdall-opt-bundle-beta-314.0-candidate-22-fabec6.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://id.anduin.app/api/v3/bifrost-authentication/verify-cookie
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none' script-src 'unsafe-hashes' 'sha256-W3V8uShcdBEVnHuJ8xQoqAbK8aWLOpqwIRumr7u+mpI=' 'sha256-tmnz5oMxlWC+F49xDiTqCp3X5WGHAJcMZf/FMVAkhq4=' https: https://cdn.anduin.app 'self'
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff