urlscan.io logo urlscan.io
SecurityTrails logo

app.insecureweb.com Open in urlscan Pro
158.69.31.186  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.insecureweb.com/auth/login
Effective URL: https://app.insecureweb.com/auth/login
Submission: On August 10 via manual from AU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 49 HTTP transactions. The main IP is 158.69.31.186, located in Montreal, Canada and belongs to OVH, FR. The main domain is app.insecureweb.com.
TLS certificate: Issued by R3 on June 29th 2023. Valid for: 3 months.
This is the only time app.insecureweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 158.69.31.186 16276 (OVH)
5 151.101.64.176 54113 (FASTLY)
2 142.251.40.168 15169 (GOOGLE)
1 54.73.26.109 16509 (AMAZON-02)
2 5.101.37.37 201589 (EDGEAMLLC)
3 54.186.23.98 16509 (AMAZON-02)
3 142.250.176.195 15169 (GOOGLE)
1 142.250.176.194 15169 (GOOGLE)
1 35.84.229.168 16509 (AMAZON-02)
1 142.251.40.164 15169 (GOOGLE)
1 172.217.165.131 15169 (GOOGLE)
1 130.193.53.144 200350 (YANDEXCLOUD)
49 13
29    158.69.31.186 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-158-69-31.net
app.insecureweb.com
5    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
2    142.251.40.168 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f8.1e100.net
www.googletagmanager.com
1    54.73.26.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-26-109.eu-west-1.compute.amazonaws.com
app.getreditus.com
2    5.101.37.37 (Armenia)

ASN201589 (EDGEAMLLC, AM)
code.jivosite.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
3    142.250.176.195 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net
fonts.gstatic.com
1    142.250.176.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
googleads.g.doubleclick.net
1    35.84.229.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-229-168.us-west-2.compute.amazonaws.com
m.stripe.com
1    142.251.40.164 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net
www.google.com
1    172.217.165.131 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f3.1e100.net
www.google.ca
1    130.193.53.144 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
node-ya-5.jivosite.com
Apex Domain
Subdomains		 Transfer
29 insecureweb.com
app.insecureweb.com
490 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1730
q.stripe.com — Cisco Umbrella Rank: 15822
m.stripe.com — Cisco Umbrella Rank: 1612
151 KB
3 gstatic.com
fonts.gstatic.com
24 KB
3 jivosite.com
code.jivosite.com — Cisco Umbrella Rank: 33640
node-ya-5.jivosite.com — Cisco Umbrella Rank: 234544
8 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1845
16 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
114 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9674
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
2 KB
1 getreditus.com
app.getreditus.com — Cisco Umbrella Rank: 276696
3 KB
49 10
Domain Requested by
29 app.insecureweb.com 1 redirects app.insecureweb.com
3 fonts.gstatic.com app.insecureweb.com
3 q.stripe.com app.insecureweb.com
3 js.stripe.com app.insecureweb.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 code.jivosite.com app.insecureweb.com
2 www.googletagmanager.com app.insecureweb.com
www.googletagmanager.com
1 node-ya-5.jivosite.com app.insecureweb.com
1 www.google.ca app.insecureweb.com
1 www.google.com app.insecureweb.com
1 m.stripe.com m.stripe.network
1 googleads.g.doubleclick.net www.googletagmanager.com
1 app.getreditus.com app.insecureweb.com
49 13

This site contains no links.

Subject Issuer Validity Valid
app.insecureweb.com
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.getreditus.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-08-01 -
2023-11-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-31 -
2023-10-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.insecureweb.com/auth/login
Frame ID: CDCC44086DF77FC744815B0FEF19A744
Requests: 42 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: C82AA67EA6417A603C1461B51D1CB353
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B58B4FF5F2B142DD53A1538E978322AE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

InsecureWeb

Page URL History Show full URLs

  1. http://app.insecureweb.com/auth/login HTTP 301
    https://app.insecureweb.com/auth/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

49
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

5
Countries

807 kB
Transfer

3619 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.insecureweb.com/auth/login HTTP 301
    https://app.insecureweb.com/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.insecureweb.com/auth/
Redirect Chain
  • http://app.insecureweb.com/auth/login
  • https://app.insecureweb.com/auth/login
11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a9ef6a4a8bd5ecebb6438211b9447e71fd94ac4cf293d7469a8479d2902ce5a6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 10 Aug 2023 04:15:32 GMT
ETag
W/"64ae53a9-2a82"
Last-Modified
Wed, 12 Jul 2023 07:18:01 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Thu, 10 Aug 2023 04:15:31 GMT
Location
https://app.insecureweb.com/auth/login
Server
nginx/1.18.0 (Ubuntu)
/
js.stripe.com/v3/ 		526 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c6a07ac2514dc09338ea967683a73bd5de837015ab66229799da310b807237be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Aug 2023 04:15:32 GMT
via
1.1 varnish
age
40
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
149699
x-request-id
7d26e634-78e9-4b16-84c4-1dbf5c28319a
x-served-by
cache-yyz4565-YYZ
last-modified
Wed, 09 Aug 2023 20:35:47 GMT
server
Fastly
etag
"52df1232f742f4153c43051d6f90c30a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
runtime.e86b85015b3eba726346.js
app.insecureweb.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/runtime.e86b85015b3eba726346.js
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c4f1ba909e69448e1280bd163d15c9073ef5c5366ba0956ed33bff990826526

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a5-c9f"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31449600
Connection
keep-alive
polyfills.aa35300f5af016f39dcb.js
app.insecureweb.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4ef078d5b86a94058a2bfa0f7df80c888a9cb14e35d492ff70acdcbe33da8cc9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a5-85fc"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31449600
Connection
keep-alive
main.d54bc2b4a0c7471feff1.js
app.insecureweb.com/ 		847 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/main.d54bc2b4a0c7471feff1.js
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dbcd7592da65191f204de2848db7a8ab5710b8b2dca26cff80ccc6511aeaade3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a5-d3a1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31449600
Connection
keep-alive
splash-screen.css
app.insecureweb.com/assets/ 		442 B
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/splash-screen.css
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
84d07d6a57f611d83da5f3b8eb762e98fe06d2bf3a5d73dca6feb40d3702ce0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-1ba"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31449600
Connection
keep-alive
plugins.bundle.css
app.insecureweb.com/assets/css/ 		425 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/css/plugins.bundle.css
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0bdb3f7798c81874d11055f5b421d260f68c6e3ea6c520e1efacbff124eb6882

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-6a3ac"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31449600
Connection
keep-alive
gtm.js
www.googletagmanager.com/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TM3GV6Z
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.168 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9ea9a00f25900cbaf62427a8f31b6a0bb0974744a630656d5f3e3ca9408c9734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 04:15:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43354
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Aug 2023 04:15:32 GMT
gr.js
app.getreditus.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.getreditus.com/gr.js?_ce=60
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-26-109.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
4499f9b1232d0201f7de70974b1eb6ac676848eaa6a0a0ff4cedf226715bf87e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Via
1.1 vegur
Server
Cowboy
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
styles.458ee70925415444a32a.css
app.insecureweb.com/ 		1 MB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/styles.458ee70925415444a32a.css
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
31ac4cb1f4dd62d164cd9546e2aef6fc82442e2885a8ed44690b69d918d85d97

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a5-1280c9"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31449600
Connection
keep-alive
mitigation.json
app.insecureweb.com/assets/i18n/en/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/mitigation.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
059351c79cd60853d1a247c2c4bc33ffb730866967133e44a6e3f81df553d840
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-30c7"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
activate.json
app.insecureweb.com/assets/i18n/en/ 		526 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/activate.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0dae958c3fe000271ab01c6e7ea13f90a545bac68cbbf90cbab43a494f390709
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-20e"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
activate-invitation.json
app.insecureweb.com/assets/i18n/en/ 		1 KB
799 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/activate-invitation.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
99af48e90c727138481e192f0921b92edee0f8bb6beb997eea758ac875a13cbf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-55d"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
login.json
app.insecureweb.com/assets/i18n/en/ 		629 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/login.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
386931a259d7f32359d633a961c5b866d31bcf73b229e66de47c3f11ccf59e1f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-275"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
logout.json
app.insecureweb.com/assets/i18n/en/ 		22 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/logout.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b3419396c0300beb8a31cf1524ac25143e9150b69d558b9a309b2f12b285205d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64ae53a6-16"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22
password-reset.json
app.insecureweb.com/assets/i18n/en/ 		2 KB
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/password-reset.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2747ade09ac9de1d973357ee95ed2de68ab06491611d888f7832841478a91571
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-683"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
registration.json
app.insecureweb.com/assets/i18n/en/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/registration.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d58e7b8f4af1e9636f14de4522ffa3ef1d294fa648e1d219ee283e99e0b40413
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-9bb"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
tfa.json
app.insecureweb.com/assets/i18n/en/ 		743 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/tfa.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cedf54cbb0a5c1c6c5b23fe2d2b6f67c1675348953a3552281608257e00daba6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-2e7"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
verify-email.json
app.insecureweb.com/assets/i18n/en/ 		334 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/verify-email.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f68a148f1f069b07caa317045d62bde4f13b5c68be7d24df0ff4a28aab37d4a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-14e"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
roadmap.json
app.insecureweb.com/assets/i18n/en/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/roadmap.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
329b654c6b3d5a6e0a3e156f610c447d2aa48e51ec913bdfcd16fb032525a878
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-813"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
dark-web.json
app.insecureweb.com/assets/i18n/en/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/dark-web.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
352a2d9a60b58a3f6dceddeb2bf68fb43c1e934c6f9787f2ac0a16a1b83fa2bd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-1598"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
calendar.json
app.insecureweb.com/assets/i18n/en/ 		190 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/calendar.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e24383c4a3e43816f323a368a5bc98a38feb15a7c6bc9a226b22d1d41cedf9d2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64ae53a6-be"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
190
dark-web-new-organization.json
app.insecureweb.com/assets/i18n/en/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/dark-web-new-organization.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d9c4669f93b7b1c20f07c295ae915fb983a80459ca3c759a5b5e5c667d8a2267
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-1286"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
dark-web-live-scan.json
app.insecureweb.com/assets/i18n/en/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/dark-web-live-scan.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
199f25d4cf911a4cde8778774b19ea6cc272af6e7fd68db7cd9cb418b29f287c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-601"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
user-profile.json
app.insecureweb.com/assets/i18n/en/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/user-profile.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0b1dbc13c3ea5ad499da0e1f903cf5e1db85a84c9e3df73a8de66f69257cb65b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-3498"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
header-menu.json
app.insecureweb.com/assets/i18n/en/ 		961 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/header-menu.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
574493b1311ce698a2c488cb1b0282e5a69a88844bd170392b5c6d5aeb004a84
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-3c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
user-management.json
app.insecureweb.com/assets/i18n/en/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/assets/i18n/en/user-management.json
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0b87cb5843f9711c96d55e7ce819ffaf5f0dd2b96d8b8a9de5e267b833003138
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-10ef"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
ping
app.insecureweb.com/api/ 		4 B
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/api/ping
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.insecureweb.com/auth/login
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0 (Ubuntu)
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
Expires
0
Qtoi68Xnd0
code.jivosite.com/widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/widget/Qtoi68Xnd0
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/main.d54bc2b4a0c7471feff1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
7c189cbdb19846f667320603933f561c3560e1ca8f54faae9ba6b2d260800df0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 10 Aug 2023 04:15:32 GMT
content-encoding
br
via
1.1 sharxy
x-geo-shard
ya
content-length
5916
last-modified
Mon, 07 Aug 2023 13:13:46 GMT
server
nginx
etag
"64d0ee0a-171c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
MISS
accept-ranges
bytes
expires
Thu, 10 Aug 2023 06:15:32 GMT
common.2f0ee0ccf94729d1c39a.js
app.insecureweb.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/common.2f0ee0ccf94729d1c39a.js
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/runtime.e86b85015b3eba726346.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ff6ae2a9d21a3d4ef7c31d01ed61ed59a6b2243e5c1761c4fbb262769241d82c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a5-2f81"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31449600
Connection
keep-alive
195.c2bcf300b85d3c8c30d8.js
app.insecureweb.com/ 		78 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.insecureweb.com/195.c2bcf300b85d3c8c30d8.js
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/runtime.e86b85015b3eba726346.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e1044c889e9a14a5914ac917ec1d32c82d3929bb37612dfc44c0aab553427559

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a5-13891"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31449600
Connection
keep-alive
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame C82A 		200 B
819 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.insecureweb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5382015
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
155
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 10 Aug 2023 04:15:32 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Thu, 08 Jun 2023 20:06:51 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
55841
x-content-type-options
nosniff
x-request-id
c1dc0063-f5e5-44a7-beb7-60686df5c538
x-served-by
cache-yyz4565-YYZ
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame C82A 		631 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Aug 2023 04:15:32 GMT
via
1.1 varnish
age
23271029
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
332
x-request-id
10cf0b28-5772-4bd2-9bce-4cc0fb54d0ce
x-served-by
cache-yyz4582-YYZ
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
279561
csp-report
q.stripe.com/ Frame C82A 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 10 Aug 2023 04:15:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1691640932758729
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1691640932758412
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame C82A 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 10 Aug 2023 04:15:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1691640932759650
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1691640932758475
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame B58B 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
219
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 10 Aug 2023 04:15:32 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
68
x-content-type-options
nosniff
x-request-id
6365f39e-497a-45f9-af82-655da756f41d
x-served-by
cache-yyz4565-YYZ
x-timer
S1691640933.556495,VS0,VE0
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-564467413
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM3GV6Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.168 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1968e861988c68f3b97f5b249c8942766c3d002479410209eb585ddf1123215f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 04:15:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72517
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Aug 2023 04:15:32 GMT
INSECUREWEB_icon.svg
app.insecureweb.com/assets/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.insecureweb.com/assets/logo/INSECUREWEB_icon.svg
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.69.31.186 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-158-69-31.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2b5a8ffda6d1f5e921d89a9234b0f0ad49d07221398ff7063f69e0c84e181141
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 04:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jul 2023 07:17:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"64ae53a6-633"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
truncated
/ 		264 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3d11cc16c5f1622cf099fc0075791ad41fb96cd0c71f6f996891d9a510ef4e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.195 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.insecureweb.com/
Origin
https://app.insecureweb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:04:01 GMT
x-content-type-options
nosniff
age
43891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 16:04:01 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.195 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.insecureweb.com/
Origin
https://app.insecureweb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:31:05 GMT
x-content-type-options
nosniff
age
125067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 17:31:05 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.195 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.insecureweb.com/
Origin
https://app.insecureweb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 12:25:04 GMT
x-content-type-options
nosniff
age
489028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 12:25:04 GMT
csp-report
q.stripe.com/ Frame B58B 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 10 Aug 2023 04:15:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1691640932759121
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1691640932758450
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame B58B 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 10 Aug 2023 04:15:32 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
209
x-cache
HIT
content-length
15509
x-request-id
411bbec6-12d7-457e-a085-697805ba4ddb
x-served-by
cache-yyz4565-YYZ
server
Fastly
x-timer
S1691640933.649397,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
61
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/564467413/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/564467413/?random=1691640932675&cv=11&fst=1691640932675&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.insecureweb.com%2Fauth%2Flogin&hn=www.googleadservices.com&frm=0&tiba=InsecureWeb&auid=991800716.1691640933&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-564467413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ea4abd8993937b7ab8b2769083f70e2a508b502b586601065208ef296a7a85b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 04:15:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6
m.stripe.com/ Frame B58B 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.229.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-229-168.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f7f0bc85c6e23a88c07dbbebd015762c7f6d3c44c32f411213a16bd7f40e6126
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 10 Aug 2023 04:15:32 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1691640932960086
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1691640932959427
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
www.google.com/pagead/1p-user-list/564467413/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/564467413/?random=1691640932675&cv=11&fst=1691640000000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.insecureweb.com%2Fauth%2Flogin&frm=0&tiba=InsecureWeb&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=24582542&rmt_tld=0&ipr=y
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.164 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 04:15:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/564467413/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/564467413/?random=1691640932675&cv=11&fst=1691640000000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.insecureweb.com%2Fauth%2Flogin&frm=0&tiba=InsecureWeb&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=24582542&rmt_tld=1&ipr=y
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 04:15:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Qtoi68Xnd0
code.jivosite.com/script/widget/config/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/Qtoi68Xnd0
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
b432f4cc5cb1d235b59a7480d822c2e92eca7965d53dd4a53f9e12d5ac62f8fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 10 Aug 2023 04:15:33 GMT
content-encoding
gzip
via
1.1 sharxy
server
nginx
vary
Accept-Encoding
x-cached-since
2023-08-10T04:10:26+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
x-geo-shard
ya
content-length
810
expires
Thu, 10 Aug 2023 06:10:26 GMT
Qtoi68Xnd0
node-ya-5.jivosite.com/widget/status/1706931/ 		273 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node-ya-5.jivosite.com/widget/status/1706931/Qtoi68Xnd0?rnd=0.8032974037289127
Requested by
Host: app.insecureweb.com
URL: https://app.insecureweb.com/polyfills.aa35300f5af016f39dcb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.193.53.144 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
foxy/2.0.1 /
Resource Hash
1eb701ea0e48b888c29c85bbb25e0f3c09ba525a805297559d3520109bfc4943
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.insecureweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'none';
date
Thu, 10 Aug 2023 04:15:33 GMT
server
foxy/2.0.1
x-botmode
no
x-geoip
CA;ON;Toronto
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.insecureweb.com
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
273

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkStripeJSouter function| noop function| Stripe object| dataLayer function| gr object| webpackChunkinsecure_web function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononscrollendpatched object| global object| __zone_symbol__unloadfalse object| __zone_symbol__storagefalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| google_tag_manager object| google_tag_data object| __zone_symbol__loadfalse function| gtag object| GooglebQhCsO function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config object| __zone_symbol__scrollfalse object| __zone_symbol__messagefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

5 Cookies

Domain/Path Name / Value
.insecureweb.com/ Name: _gcl_au
Value: 1.1.991800716.1691640933
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
m.stripe.com/ Name: m
Value: 2d2e3728-2bcc-4fbe-9a07-a26bb52fe970a36e83
.app.insecureweb.com/ Name: __stripe_mid
Value: 83530c1e-3f11-4037-82bf-7fae2a33d58d2c5ddf
.app.insecureweb.com/ Name: __stripe_sid
Value: b8146211-b773-4d7d-a185-c9e949cbb4273911d6

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.getreditus.com
app.insecureweb.com
code.jivosite.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
node-ya-5.jivosite.com
q.stripe.com
www.google.ca
www.google.com
www.googletagmanager.com
130.193.53.144
142.250.176.194
142.250.176.195
142.251.40.164
142.251.40.168
151.101.64.176
158.69.31.186
172.217.165.131
35.84.229.168
5.101.37.37
54.186.23.98
54.73.26.109
059351c79cd60853d1a247c2c4bc33ffb730866967133e44a6e3f81df553d840
0b1dbc13c3ea5ad499da0e1f903cf5e1db85a84c9e3df73a8de66f69257cb65b
0b87cb5843f9711c96d55e7ce819ffaf5f0dd2b96d8b8a9de5e267b833003138
0bdb3f7798c81874d11055f5b421d260f68c6e3ea6c520e1efacbff124eb6882
0dae958c3fe000271ab01c6e7ea13f90a545bac68cbbf90cbab43a494f390709
1968e861988c68f3b97f5b249c8942766c3d002479410209eb585ddf1123215f
199f25d4cf911a4cde8778774b19ea6cc272af6e7fd68db7cd9cb418b29f287c
1eb701ea0e48b888c29c85bbb25e0f3c09ba525a805297559d3520109bfc4943
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2747ade09ac9de1d973357ee95ed2de68ab06491611d888f7832841478a91571
2b5a8ffda6d1f5e921d89a9234b0f0ad49d07221398ff7063f69e0c84e181141
31ac4cb1f4dd62d164cd9546e2aef6fc82442e2885a8ed44690b69d918d85d97
329b654c6b3d5a6e0a3e156f610c447d2aa48e51ec913bdfcd16fb032525a878
352a2d9a60b58a3f6dceddeb2bf68fb43c1e934c6f9787f2ac0a16a1b83fa2bd
386931a259d7f32359d633a961c5b866d31bcf73b229e66de47c3f11ccf59e1f
3c4f1ba909e69448e1280bd163d15c9073ef5c5366ba0956ed33bff990826526
4499f9b1232d0201f7de70974b1eb6ac676848eaa6a0a0ff4cedf226715bf87e
4ef078d5b86a94058a2bfa0f7df80c888a9cb14e35d492ff70acdcbe33da8cc9
574493b1311ce698a2c488cb1b0282e5a69a88844bd170392b5c6d5aeb004a84
7c189cbdb19846f667320603933f561c3560e1ca8f54faae9ba6b2d260800df0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
84d07d6a57f611d83da5f3b8eb762e98fe06d2bf3a5d73dca6feb40d3702ce0f
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
99af48e90c727138481e192f0921b92edee0f8bb6beb997eea758ac875a13cbf
9ea9a00f25900cbaf62427a8f31b6a0bb0974744a630656d5f3e3ca9408c9734
a3d11cc16c5f1622cf099fc0075791ad41fb96cd0c71f6f996891d9a510ef4e9
a9ef6a4a8bd5ecebb6438211b9447e71fd94ac4cf293d7469a8479d2902ce5a6
b3419396c0300beb8a31cf1524ac25143e9150b69d558b9a309b2f12b285205d
b432f4cc5cb1d235b59a7480d822c2e92eca7965d53dd4a53f9e12d5ac62f8fa
c6a07ac2514dc09338ea967683a73bd5de837015ab66229799da310b807237be
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cedf54cbb0a5c1c6c5b23fe2d2b6f67c1675348953a3552281608257e00daba6
d58e7b8f4af1e9636f14de4522ffa3ef1d294fa648e1d219ee283e99e0b40413
d9c4669f93b7b1c20f07c295ae915fb983a80459ca3c759a5b5e5c667d8a2267
dbcd7592da65191f204de2848db7a8ab5710b8b2dca26cff80ccc6511aeaade3
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e1044c889e9a14a5914ac917ec1d32c82d3929bb37612dfc44c0aab553427559
e24383c4a3e43816f323a368a5bc98a38feb15a7c6bc9a226b22d1d41cedf9d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4abd8993937b7ab8b2769083f70e2a508b502b586601065208ef296a7a85b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f68a148f1f069b07caa317045d62bde4f13b5c68be7d24df0ff4a28aab37d4a1
f7f0bc85c6e23a88c07dbbebd015762c7f6d3c44c32f411213a16bd7f40e6126
ff6ae2a9d21a3d4ef7c31d01ed61ed59a6b2243e5c1761c4fbb262769241d82c