urlscan.io logo urlscan.io
SecurityTrails logo

bank-admin.weavepay.dev Open in urlscan Pro
35.246.63.252  Public Scan

Go To Rescan Add Verdict Report
URL: https://bank-admin.weavepay.dev/
Submission: On September 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 35.246.63.252, located in London, United Kingdom and belongs to GOOGLE, US. The main domain is bank-admin.weavepay.dev.
TLS certificate: Issued by R3 on September 29th 2021. Valid for: 3 months.
This is the only time bank-admin.weavepay.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 35.246.63.252 15169 (GOOGLE)
16 1
Apex Domain
Subdomains		 Transfer
16 weavepay.dev
bank-admin.weavepay.dev
dev-api.weavepay.dev
2 MB
16 1
Domain Requested by
14 bank-admin.weavepay.dev bank-admin.weavepay.dev
2 dev-api.weavepay.dev bank-admin.weavepay.dev
16 2

This site contains no links.

Subject Issuer Validity Valid
le-64.35.246.63.252.nip.io
R3		 2021-09-29 -
2021-12-28		 3 months crt.sh
le-6.35.246.63.252.nip.io
R3		 2021-08-10 -
2021-11-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bank-admin.weavepay.dev/
Frame ID: A4068E2A491739BD72150F20DAE1EE9F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Weave-pay Admin Console

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1878 kB
Transfer

6657 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bank-admin.weavepay.dev/ 		722 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
62e1d31510633b7a523c2ff3c0851034117956d3f019c79e40138d19c4e9bc83
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
bank-admin.weavepay.dev
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.17.10
date
Wed, 29 Sep 2021 14:02:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a;Path=/;HttpOnly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
screen.css
bank-admin.weavepay.dev/css/ 		1 KB
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/screen.css
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
7d0ccd5811288de11454cef63423442685543a2b3d0c4fc7b8f3b50333a3a337
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/screen.css
pragma
no-cache
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bank-admin.weavepay.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
montserrat.css
bank-admin.weavepay.dev/css/fonts/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
93e34e0cc845d788ffd5dc593da1e6e5ac53fb716b782bda70d58f8805d76b08
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/fonts/montserrat.css
pragma
no-cache
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bank-admin.weavepay.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
ant.css
bank-admin.weavepay.dev/css/ 		491 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/ant.css
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
61bdfe64ec257cb9478c39b827f5a8b360f185fcb07be32c8236cd1cdc49fe9d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css/ant.css
pragma
no-cache
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bank-admin.weavepay.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
app.js
bank-admin.weavepay.dev/js/ 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/js/app.js
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
c79d59e4662b801f0d7126c3b4241bd3af59a941cb845475320ef50552ec30b8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/app.js
pragma
no-cache
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bank-admin.weavepay.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
Montserrat-Medium.woff2
bank-admin.weavepay.dev/css/fonts/ 		83 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/fonts/Montserrat-Medium.woff2
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
8ecec1f3a5ef5ab5bb36f25191042bc8fa62c8f03a479c712e80fb44c7e93499
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://bank-admin.weavepay.dev
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
:path
/css/fonts/Montserrat-Medium.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Origin
https://bank-admin.weavepay.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
strict-transport-security
max-age=15724800; includeSubDomains
content-length
85104
x-xss-protection
1; mode=block
Montserrat-Bold.woff2
bank-admin.weavepay.dev/css/fonts/ 		83 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/fonts/Montserrat-Bold.woff2
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
29c32cacfed9cbacd7336d1a175235bf99a4ee6a3c320f832da53cc6dda8efda
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://bank-admin.weavepay.dev
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
:path
/css/fonts/Montserrat-Bold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Origin
https://bank-admin.weavepay.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
strict-transport-security
max-age=15724800; includeSubDomains
content-length
85460
x-xss-protection
1; mode=block
docs
bank-admin.weavepay.dev/ 		40 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/docs
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/js/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
1b8386ea1e63de411e5bfbc74de308f9b28d45382e5852af8c7a0bf42ebec681
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/docs
pragma
no-cache
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://bank-admin.weavepay.dev/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:55 GMT
x-content-type-options
nosniff
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
strict-transport-security
max-age=15724800; includeSubDomains
content-length
40
x-xss-protection
1; mode=block
Montserrat-Black.woff2
bank-admin.weavepay.dev/css/fonts/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/fonts/Montserrat-Black.woff2
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
683314d82ebb56da0e053ca200386aa47d42584aaac66d58b2a58e2963228fb7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://bank-admin.weavepay.dev
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
:path
/css/fonts/Montserrat-Black.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Origin
https://bank-admin.weavepay.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
strict-transport-security
max-age=15724800; includeSubDomains
content-length
84980
x-xss-protection
1; mode=block
Montserrat-SemiBold.woff2
bank-admin.weavepay.dev/css/fonts/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/fonts/Montserrat-SemiBold.woff2
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
c3305508aab317212ef34323df312de6bf3609b2513c1754bca3352249c4937c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://bank-admin.weavepay.dev
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
:path
/css/fonts/Montserrat-SemiBold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Origin
https://bank-admin.weavepay.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
strict-transport-security
max-age=15724800; includeSubDomains
content-length
84924
x-xss-protection
1; mode=block
Montserrat-Regular.woff2
bank-admin.weavepay.dev/css/fonts/ 		83 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/fonts/Montserrat-Regular.woff2
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
92cba068249e9ca44d99d19ccda0616f4743b5455426858cfee4e30bd8a53b6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://bank-admin.weavepay.dev
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
:path
/css/fonts/Montserrat-Regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Origin
https://bank-admin.weavepay.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
strict-transport-security
max-age=15724800; includeSubDomains
content-length
85120
x-xss-protection
1; mode=block
private
dev-api.weavepay.dev/admin/api/clients/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dev-api.weavepay.dev/admin/api/clients/private?limit=10
Protocol
H2
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://bank-admin.weavepay.dev
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.10
date
Wed, 29 Sep 2021 14:02:56 GMT
content-type
application/octet-stream
content-length
18
access-control-allow-headers
Content-Type
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://bank-admin.weavepay.dev
x-content-type-options
nosniff
access-control-allow-methods
DELETE, GET, POST, PUT
strict-transport-security
max-age=15724800; includeSubDomains
private
dev-api.weavepay.dev/admin/api/clients/ 		26 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dev-api.weavepay.dev/admin/api/clients/private?limit=10
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/js/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
21d27fea2ce5a4b27a830aed019c714462b71e996642116ed7ec951dbb150312
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Sep 2021 14:02:56 GMT
x-content-type-options
nosniff
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
access-control-allow-methods
DELETE, GET, POST, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bank-admin.weavepay.dev
strict-transport-security
max-age=15724800; includeSubDomains
content-length
26
x-xss-protection
1; mode=block
form-logo.svg
bank-admin.weavepay.dev/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank-admin.weavepay.dev/img/form-logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
3bd6e44f94ca08b145a6ff7b37c8680bd5e88b257f9fc56594d5a9c5f79e7af9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/form-logo.svg
pragma
no-cache
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bank-admin.weavepay.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
form-bg.svg
bank-admin.weavepay.dev/img/ 		1 KB
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bank-admin.weavepay.dev/img/form-bg.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
aca7d16aecd53e5e8019e24c3b3af6cac7acd1febaa09a67ea4f3f5a06aacbc4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/img/form-bg.svg
pragma
no-cache
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bank-admin.weavepay.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
Montserrat-ExtraBold.woff2
bank-admin.weavepay.dev/css/fonts/ 		83 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bank-admin.weavepay.dev/css/fonts/Montserrat-ExtraBold.woff2
Requested by
Host: bank-admin.weavepay.dev
URL: https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.63.252 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
252.63.246.35.bc.googleusercontent.com
Software
nginx/1.17.10 /
Resource Hash
afb17106253eaa7b7ddcb245137fa0dc3dacfed08637f12922a0499d143ad2ae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://bank-admin.weavepay.dev
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
ring-session=0dd7eb69-f801-4469-ade3-4bfd3225c63a
:path
/css/fonts/Montserrat-ExtraBold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
bank-admin.weavepay.dev
referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bank-admin.weavepay.dev/css/fonts/montserrat.css
Origin
https://bank-admin.weavepay.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:02:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 13:58:39 GMT
server
nginx/1.17.10
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
strict-transport-security
max-age=15724800; includeSubDomains
content-length
85180
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster string| csrfToken string| baseUrl object| shadow$provide object| $jscomp object| closure_lm_112015 object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| moment

1 Cookies

Domain/Path Name / Value
bank-admin.weavepay.dev/ Name: ring-session
Value: 0dd7eb69-f801-4469-ade3-4bfd3225c63a

1 Console Messages

Source Level URL
Text
network error URL: https://dev-api.weavepay.dev/admin/api/clients/private?limit=10
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block