urlscan.io logo urlscan.io
SecurityTrails logo

int01.securesave.app Open in urlscan Pro
2606:4700::6812:713  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://int01.id.esa.hsabank.com/
Effective URL: https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttp...
Submission: On January 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 46 HTTP transactions. The main IP is 2606:4700::6812:713, located in United States and belongs to CLOUDFLARENET, US. The main domain is int01.securesave.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 17th 2023. Valid for: a year.
This is the only time int01.securesave.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 27 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
6 13.69.106.212 8075 (MICROSOFT...)
46 8
1    2606:4700:3031::6815:3670 (United States)

ASN13335 (CLOUDFLARENET, US)
int01.id.esa.hsabank.com
27    2606:4700::6812:713 (United States)

ASN13335 (CLOUDFLARENET, US)
int01.securesave.app
int01.id.securesave.app
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
maps.googleapis.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    13.69.106.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
27 securesave.app
int01.securesave.app
int01.id.securesave.app
int01.api.securesave.app Failed
5 MB
6 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 729
608 B
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
maps.googleapis.com — Cisco Umbrella Rank: 362
144 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
265 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
166 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
108 KB
1 hsabank.com
int01.id.esa.hsabank.com
392 B
46 7
Domain Requested by
24 int01.securesave.app 2 redirects int01.securesave.app
securesave
6 dc.services.visualstudio.com securesave
4 maps.googleapis.com int01.securesave.app
maps.googleapis.com
3 int01.id.securesave.app 2 redirects securesave
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com securesave
2 cdn.jsdelivr.net int01.securesave.app
2 fonts.googleapis.com int01.securesave.app
1 int01.id.esa.hsabank.com 1 redirects
0 int01.api.securesave.app Failed securesave
46 10

This site contains no links.

Subject Issuer Validity Valid
securesave.app
Cloudflare Inc ECC CA-3		 2023-04-17 -
2024-04-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 07		 2023-09-02 -
2024-08-27		 a year crt.sh

This page contains 2 frames:

Primary Page: https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Frame ID: D61AD2C4BA8B37ACB663ABBBB7973C5C
Requests: 41 HTTP requests in this frame

Frame: https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 43C20B6599B314EB1C85047E6F68EB3B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SecureSave - Start

Page URL History Show full URLs

  1. https://int01.id.esa.hsabank.com/ HTTP 302
    https://int01.securesave.app/ Page URL
  2. https://int01.id.securesave.app/connect/authorize?client_id=web.client&redirect_uri=https%3A%2F%2Fint01.secu... HTTP 302
    https://int01.id.securesave.app/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dweb.... HTTP 302
    https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

46
Requests

85 %
HTTPS

88 %
IPv6

7
Domains

10
Subdomains

8
IPs

3
Countries

5352 kB
Transfer

26949 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://int01.id.esa.hsabank.com/ HTTP 302
    https://int01.securesave.app/ Page URL
  2. https://int01.id.securesave.app/connect/authorize?client_id=web.client&redirect_uri=https%3A%2F%2Fint01.securesave.app%2Fcallback.html&response_type=id_token%20token&scope=openid%20profile%20api1%20offline_access%20IdentityServerApi&state=aefc27476c944496a366495d75d32cba&nonce=5dfab3e7a59944cfb254a8e12c34904d HTTP 302
    https://int01.id.securesave.app/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dweb.client%26redirect_uri%3Dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3Daefc27476c944496a366495d75d32cba%26nonce%3D5dfab3e7a59944cfb254a8e12c34904d HTTP 302
    https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://int01.id.esa.hsabank.com/ HTTP 302
  • https://int01.securesave.app/
Request Chain 10
  • https://int01.securesave.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 19
  • https://int01.securesave.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
int01.securesave.app/
Redirect Chain
  • https://int01.id.esa.hsabank.com/
  • https://int01.securesave.app/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d02f60e13b558b0db0b0cc667d314e38f82855b66d05b3a43b9c5a547bb773b8
Security Headers
Name Value
Content-Security-Policy object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com ite.truistmomentum.com *.scrsv.com *.hsabank.com *.hsabankesa.com; script-src 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com *.hsabank.com *.hsabankesa.com 'unsafe-eval'; script-src-elem 'self' *.securesave.app *.scrsv.com *.hsabankesa.com *.hsabank.com securesave.app *.id.securesave.app *.plaid.com fonts.googleapis.com maps.googleapis.com www.googletagmanager.com 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
cache-control
public, must-revalidate, max-age=30
cf-cache-status
DYNAMIC
cf-ray
845fe32b4b78bb43-FRA
content-encoding
gzip
content-security-policy
object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com ite.truistmomentum.com *.scrsv.com *.hsabank.com *.hsabankesa.com; script-src 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com *.hsabank.com *.hsabankesa.com 'unsafe-eval'; script-src-elem 'self' *.securesave.app *.scrsv.com *.hsabankesa.com *.hsabank.com securesave.app *.id.securesave.app *.plaid.com fonts.googleapis.com maps.googleapis.com www.googletagmanager.com 'unsafe-eval' 'unsafe-inline';
content-type
text/html
date
Mon, 15 Jan 2024 17:37:34 GMT
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-code
SecureIncNp
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
845fe326b936b981-AMS
content-length
0
date
Mon, 15 Jan 2024 17:37:33 GMT
location
https://int01.securesave.app
request-context
appId=cid-v1:36effc62-b98b-4a16-9477-35aeb3c99750
server
cloudflare
x-powered-by
ASP.NET
j_-YMh6VvS0AriyUX7k7ScPbWmU.js
int01.securesave.app/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/apps/head/j_-YMh6VvS0AriyUX7k7ScPbWmU.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91cf68c1a440ceb64f8758ac9a4f34f29c526be3b311145c3aeade1419080698
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-version-id
UIkoN.dIlLtnoFbTo39gyyMHqJWe.vbi
cf-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-request-id
26R5TRW1XYP2DEAY
content-length
1554
x-amz-id-2
BhEoan3ECDIuf/+drg+KBc64QhXxvBLWyAweXlwY5cf9wkaoM5wX8kYmIeskYV/2ahZrDE43efk=
last-modified
Thu, 17 Jun 2021 23:22:10 GMT
server
cloudflare
etag
"0352457baa75c3b5a461a7930faf1eed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
845fe32d8e92bb43-FRA
expires
Tue, 14 Jan 2025 17:37:34 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 17:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 15:59:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jan 2024 17:37:34 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 		339 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41152
x-jsd-version
7.4.47
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220025-FRA, cache-lga21923-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCQeV7wlhyqDDeEmhu8icrBhpdgiQI2zWb2AFE8FlU%2FQfwsvfGro5wCrYDxOMLGKwQNoPRgaW7oxhAH1Ua2Vsbob7TQ9pb5LgIGzIZM6NXFje%2BS8lVlYdDM0%2F4jwPF5%2BvWeS2rI1UwMYFL4mATo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
845fe32dbc3a1e62-FRA
rocket-loader.min.js
int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:34 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 27 Dec 2023 10:36:07 GMT
server
cloudflare
content-encoding
gzip
etag
W/"658bfe17-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
845fe32def78bb43-FRA
expires
Wed, 17 Jan 2024 17:37:34 GMT
bZHSK-9Gv7cRCLWWiw33j8Glix8.js
int01.securesave.app/cdn-cgi/apps/body/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/apps/body/bZHSK-9Gv7cRCLWWiw33j8Glix8.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/apps/head/j_-YMh6VvS0AriyUX7k7ScPbWmU.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713f53652fa0a9df5624e6f5f50025f60ddcfbc79e30f9eb0e46cef79bbd1180
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-version-id
ezTyNqmxGxOzl4fqxwzLnIXOpNDO2CVP
cf-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-request-id
V6TNNSZSC2QX2EK2
content-length
1080
x-amz-id-2
jHs/JB/HqUYKWSncjtJpVk9utjeTdueeM6nTUR72Wj7rQcNaqSzvzaubtFiz0E2onKhMTgeqOEU=
last-modified
Thu, 17 Jun 2021 23:22:10 GMT
server
cloudflare
etag
"891c89d0d01349793ce9402e36c7c981"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
845fe3305a6cbb43-FRA
expires
Tue, 14 Jan 2025 17:37:35 GMT
index.js
int01.securesave.app/js/ 		1 MB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/index.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc46cdbe7ed5714fac47e58b9d91c5a586b7ae195567ed983f676011615bffa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:35 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe3306a79bb43-FRA
x-xss-protection
1; mode=block
chunk-common.js
int01.securesave.app/js/ 		163 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/chunk-common.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07bcba9570b9114df1549a8a32ed121a907e4c75021a870189eee0de6107d562
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:34 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe3306a7abb43-FRA
x-xss-protection
1; mode=block
chunk-vendors.js
int01.securesave.app/js/ 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/chunk-vendors.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:35 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe3306a7bbb43-FRA
x-xss-protection
1; mode=block
js
maps.googleapis.com/maps/api/ 		212 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAv1XrBydM1t2ukYHPAb4uRSVsZ-0jeTVM&libraries=places
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
49b7ef8bcee5c3a33a1c9fd749a9e52954b462e938e2af1b9575486f75f4a7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72488
x-xss-protection
0
main.js
int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 43C2
Redirect Chain
  • https://int01.securesave.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/
Protocol
H2
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51396964d58fdbcbc975ed9af4cfa6f551696701b9bc2a9a3d0d26d7e7a3bf5b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
845fe3309aa3bb43-FRA

Redirect headers

date
Mon, 15 Jan 2024 17:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control
max-age=300, public
cf-ray
845fe3307a89bb43-FRA
845fe32b4b78bb43
int01.securesave.app/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 43C2 		0
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/jsd/r/845fe32b4b78bb43
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Jan 2024 17:37:34 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
cf-ray
845fe3311b45bb43-FRA
content-type
text/plain; charset=UTF-8
truncated
/ 		833 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa4e452fb02ad9bbe6945ef2ca3bf93382d0ad314cb9875b34916be384459525

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAv1XrBydM1t2ukYHPAb4uRSVsZ-0jeTVM&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://int01.securesave.app
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
chunk-vendors.js
int01.securesave.app/js/ 		9 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/chunk-vendors.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e23f6602537cf0acb16c53dda96125d8101c48866a0d587628610f2004dda69
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://int01.securesave.app/
Origin
https://int01.securesave.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:35 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe332ed6cbb43-FRA
x-xss-protection
1; mode=block
chunk-common.js
int01.securesave.app/js/ 		163 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/chunk-common.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07bcba9570b9114df1549a8a32ed121a907e4c75021a870189eee0de6107d562
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://int01.securesave.app/
Origin
https://int01.securesave.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:35 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe334b807bb43-FRA
x-xss-protection
1; mode=block
index.js
int01.securesave.app/js/ 		1 MB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/index.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc46cdbe7ed5714fac47e58b9d91c5a586b7ae195567ed983f676011615bffa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://int01.securesave.app/
Origin
https://int01.securesave.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:35 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe3367a37bb43-FRA
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		237 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PM18S9XL53&l=dataLayer
Requested by
Host: securesave
URL: webpack://SecureSave/./node_modules/vue-gtag/dist/vue-gtag.esm.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d79c2bab8c99015741d96669d15cd05274a91a88f6aaf85d245828f2c72f1e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84664
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 17:37:36 GMT
openid-configuration
int01.id.securesave.app/.well-known/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://int01.id.securesave.app/.well-known/openid-configuration
Requested by
Host: securesave
URL: webpack://SecureSave/./node_modules/@microsoft/applicationinsights-core-js/dist-esm/JavaScriptSDK/InstrumentHooks.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-powered-by
ASP.NET
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://int01.securesave.app
access-control-allow-credentials
true
cf-ray
845fe3391dee3808-FRA
request-context
appId=cid-v1:36effc62-b98b-4a16-9477-35aeb3c99750
main.js
int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 43C2
Redirect Chain
  • https://int01.securesave.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Protocol
H2
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd25001aa9adaeef9194d3c1f45205a8fad48bf545c00ab6046599be55ae43d3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:36 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
845fe3390d37bb43-FRA

Redirect headers

date
Mon, 15 Jan 2024 17:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
845fe338ccfabb43-FRA
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PM18S9XL53&gtm=45je41a0v883136537&_p=1705340256070&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1248230374.1705340256&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=1&sid=1705340256&sct=1&seg=0&dl=https%3A%2F%2Fint01.securesave.app%2F&dt=SecureSave&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=3013
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PM18S9XL53&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:37:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://int01.securesave.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
845fe32b4b78bb43
int01.securesave.app/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 43C2 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/challenge-platform/h/b/jsd/r/845fe32b4b78bb43
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Jan 2024 17:37:36 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
cf-ray
845fe3397dcabb43-FRA
content-type
text/plain; charset=UTF-8
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://int01.securesave.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Mon, 15 Jan 2024 17:37:36 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: securesave
URL: webpack://SecureSave/./node_modules/@microsoft/applicationinsights-core-js/dist-esm/JavaScriptSDK/InstrumentHooks.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://int01.securesave.app/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
7FEEBCE4-FAA4-4BC3-8C7D-ADE7A9891500
strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 17:37:36 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://int01.securesave.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Mon, 15 Jan 2024 17:37:36 GMT
x-content-type-options
nosniff
Primary Request start
int01.securesave.app/
Redirect Chain
  • https://int01.id.securesave.app/connect/authorize?client_id=web.client&redirect_uri=https%3A%2F%2Fint01.securesave.app%2Fcallback.html&response_type=id_token%20token&scope=openid%20profile%20api1%2...
  • https://int01.id.securesave.app/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dweb.client%26redirect_uri%3Dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26resp...
  • https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Requested by
Host: securesave
URL: webpack://SecureSave/./node_modules/oidc-client/lib/oidc-client.min.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8959b76dbbf27b1cbe491678eaefd407b7f209de01826abbbe11e7c41ef0a327
Security Headers
Name Value
Content-Security-Policy object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com ite.truistmomentum.com *.scrsv.com *.hsabank.com *.hsabankesa.com; script-src 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com *.hsabank.com *.hsabankesa.com 'unsafe-eval'; script-src-elem 'self' *.securesave.app *.scrsv.com *.hsabankesa.com *.hsabank.com securesave.app *.id.securesave.app *.plaid.com fonts.googleapis.com maps.googleapis.com www.googletagmanager.com 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://int01.securesave.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
cache-control
public, must-revalidate, max-age=30
cf-cache-status
DYNAMIC
cf-ray
845fe3463e17bb43-FRA
content-encoding
gzip
content-security-policy
object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com ite.truistmomentum.com *.scrsv.com *.hsabank.com *.hsabankesa.com; script-src 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com *.hsabank.com *.hsabankesa.com 'unsafe-eval'; script-src-elem 'self' *.securesave.app *.scrsv.com *.hsabankesa.com *.hsabank.com securesave.app *.id.securesave.app *.plaid.com fonts.googleapis.com maps.googleapis.com www.googletagmanager.com 'unsafe-eval' 'unsafe-inline';
content-type
text/html
date
Mon, 15 Jan 2024 17:37:38 GMT
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-code
SecureIncNp
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
845fe341fc103a8b-FRA
content-length
0
content-security-policy
object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com ite.truistmomentum.com *.scrsv.com *.hsabank.com *.hsabankesa.com; script-src 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com *.hsabank.com *.hsabankesa.com 'unsafe-eval'; script-src-elem 'self' *.securesave.app *.scrsv.com *.hsabankesa.com *.hsabank.com securesave.app *.id.securesave.app *.plaid.com fonts.googleapis.com maps.googleapis.com www.googletagmanager.com 'unsafe-eval' 'unsafe-inline';
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Cz3UvHuMQDhRUt2kJc4KV23AMhYWTUixPpQN6XgD9so-1705340258-1-AVMN4XKj5Y8GEk9VMeQx-6zxY37BgdXp3nQWOhKPEl2HYmHuTdy_-VqIqhAkqjNRmkz8wy1c4hBOzHWBFYvjwFSpg7Rt3Uu95JyLe3JdWKzyt0OdLFXyPAb_IKRo1Xz-iBwakD_2xQiA4k3UuOMyuech6YJrA4BgGoTI2pxMnQSA; report-to cf-csp-endpoint
date
Mon, 15 Jan 2024 17:37:38 GMT
location
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Cz3UvHuMQDhRUt2kJc4KV23AMhYWTUixPpQN6XgD9so-1705340258-1-AVMN4XKj5Y8GEk9VMeQx-6zxY37BgdXp3nQWOhKPEl2HYmHuTdy_-VqIqhAkqjNRmkz8wy1c4hBOzHWBFYvjwFSpg7Rt3Uu95JyLe3JdWKzyt0OdLFXyPAb_IKRo1Xz-iBwakD_2xQiA4k3UuOMyuech6YJrA4BgGoTI2pxMnQSA"}],"group":"cf-csp-endpoint","max_age":86400}
request-context
appId=cid-v1:36effc62-b98b-4a16-9477-35aeb3c99750
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-code
SecureIncNp
x-content-type-options
nosniff
x-xss-protection
1; mode=block
track
dc.services.visualstudio.com/v2/ 		96 B
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: securesave
URL: webpack://SecureSave/./node_modules/@microsoft/applicationinsights-channel-js/dist-esm/Sender.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://int01.securesave.app/
accept-language
de-DE,de;q=0.9
sdk-context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

x-ms-session-id
2834106E-2F9E-43FF-BF75-65695CE9E5B5
strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 17:37:36 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
collect
region1.google-analytics.com/g/ 		0
0
j_-YMh6VvS0AriyUX7k7ScPbWmU.js
int01.securesave.app/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/apps/head/j_-YMh6VvS0AriyUX7k7ScPbWmU.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91cf68c1a440ceb64f8758ac9a4f34f29c526be3b311145c3aeade1419080698
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-version-id
UIkoN.dIlLtnoFbTo39gyyMHqJWe.vbi
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-request-id
26R5TRW1XYP2DEAY
age
4
content-length
1554
x-amz-id-2
BhEoan3ECDIuf/+drg+KBc64QhXxvBLWyAweXlwY5cf9wkaoM5wX8kYmIeskYV/2ahZrDE43efk=
last-modified
Thu, 17 Jun 2021 23:22:10 GMT
server
cloudflare
etag
"0352457baa75c3b5a461a7930faf1eed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
845fe3475f55bb43-FRA
expires
Tue, 14 Jan 2025 17:37:38 GMT
css
fonts.googleapis.com/ 		12 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 17:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 15:43:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jan 2024 17:37:38 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 		339 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41156
x-jsd-version
7.4.47
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220025-FRA, cache-lga21923-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B5DloS18x4EFsdjouDIdxANHmzKvp4DtrBz45vl0BWh4%2Fq6V%2F41kstLb5cjKzazWJ8Yta%2B6ZryHId8Rko%2BLME5ySGwxILbV1kFQd%2BwBM06OvjLHdF7ChhZBU3S%2Fh23utW2fuM%2BiShMWJsjVFlk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
845fe3476a091e62-FRA
rocket-loader.min.js
int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:38 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 27 Dec 2023 10:36:07 GMT
server
cloudflare
content-encoding
gzip
etag
W/"658bfe17-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
845fe3479f9bbb43-FRA
expires
Wed, 17 Jan 2024 17:37:38 GMT
bZHSK-9Gv7cRCLWWiw33j8Glix8.js
int01.securesave.app/cdn-cgi/apps/body/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/cdn-cgi/apps/body/bZHSK-9Gv7cRCLWWiw33j8Glix8.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/apps/head/j_-YMh6VvS0AriyUX7k7ScPbWmU.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713f53652fa0a9df5624e6f5f50025f60ddcfbc79e30f9eb0e46cef79bbd1180
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-version-id
ezTyNqmxGxOzl4fqxwzLnIXOpNDO2CVP
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-request-id
V6TNNSZSC2QX2EK2
age
3
content-length
1080
x-amz-id-2
jHs/JB/HqUYKWSncjtJpVk9utjeTdueeM6nTUR72Wj7rQcNaqSzvzaubtFiz0E2onKhMTgeqOEU=
last-modified
Thu, 17 Jun 2021 23:22:10 GMT
server
cloudflare
etag
"891c89d0d01349793ce9402e36c7c981"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
845fe3479f9ebb43-FRA
expires
Tue, 14 Jan 2025 17:37:38 GMT
index.js
int01.securesave.app/js/ 		0
0
chunk-common.js
int01.securesave.app/js/ 		0
0
chunk-vendors.js
int01.securesave.app/js/ 		0
0
js
maps.googleapis.com/maps/api/ 		212 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAv1XrBydM1t2ukYHPAb4uRSVsZ-0jeTVM&libraries=places
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
49b7ef8bcee5c3a33a1c9fd749a9e52954b462e938e2af1b9575486f75f4a7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72488
x-xss-protection
0
truncated
/ 		833 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa4e452fb02ad9bbe6945ef2ca3bf93382d0ad314cb9875b34916be384459525

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAv1XrBydM1t2ukYHPAb4uRSVsZ-0jeTVM&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://int01.securesave.app
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
chunk-vendors.js
int01.securesave.app/js/ 		9 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/chunk-vendors.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e23f6602537cf0acb16c53dda96125d8101c48866a0d587628610f2004dda69
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Origin
https://int01.securesave.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:38 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe348181abb43-FRA
x-xss-protection
1; mode=block
chunk-common.js
int01.securesave.app/js/ 		163 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/chunk-common.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07bcba9570b9114df1549a8a32ed121a907e4c75021a870189eee0de6107d562
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Origin
https://int01.securesave.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:39 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe34abb70bb43-FRA
x-xss-protection
1; mode=block
index.js
int01.securesave.app/js/ 		1 MB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/index.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc46cdbe7ed5714fac47e58b9d91c5a586b7ae195567ed983f676011615bffa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
Origin
https://int01.securesave.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:39 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe34c0cf3bb43-FRA
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		237 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PM18S9XL53&l=dataLayer
Requested by
Host: securesave
URL: webpack://SecureSave/./node_modules/vue-gtag/dist/vue-gtag.esm.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d79c2bab8c99015741d96669d15cd05274a91a88f6aaf85d245828f2c72f1e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84664
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 17:37:39 GMT
src_views_start_vue.js
int01.securesave.app/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int01.securesave.app/js/src_views_start_vue.js
Requested by
Host: int01.securesave.app
URL: https://int01.securesave.app/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b8e5e3618f2e026ac6453b1d16c955abe9390b77db9e7701739b132819a9f6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/start?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dweb.client%26redirect_uri%3dhttps%253A%252F%252Fint01.securesave.app%252Fcallback.html%26response_type%3did_token%2520token%26scope%3dopenid%2520profile%2520api1%2520offline_access%2520IdentityServerApi%26state%3daefc27476c944496a366495d75d32cba%26nonce%3d5dfab3e7a59944cfb254a8e12c34904d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:37:39 GMT
content-encoding
gzip
referrer-policy
same-origin
cf-cache-status
DYNAMIC
last-modified
Thu, 11 Jan 2024 21:07:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
server
cloudflare
etag
"93461173"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
cf-ray
845fe34e0f20bb43-FRA
x-xss-protection
1; mode=block
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://int01.securesave.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Mon, 15 Jan 2024 17:37:39 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: securesave
URL: webpack://SecureSave/./node_modules/@microsoft/applicationinsights-core-js/dist-esm/JavaScriptSDK/InstrumentHooks.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4b284480059c523ff2e514afc6db69877ebedf002d876869d262772e5d6ed846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://int01.securesave.app/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
03992C04-82A8-45C6-B7BD-C43F4D061B0C
strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 17:37:39 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PM18S9XL53&gtm=45je41a0v883136537&_p=1705340259472&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1248230374.1705340256&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=1&sid=1705340256&sct=1&seg=0&dl=https%3A%2F%2Fint01.securesave.app%2Fstart%3FreturnUrl%3D%252fconnect%252fauthorize%252fcallback%253fclient_id%253dweb.client%2526redirect_uri%253dhttps%25253A%25252F%25252Fint01.securesave.app%25252Fcallback.html%2526response_type%253did_token%252520token%2526scope%253dopenid%252520profile%252520api1%252520offline_access%252520IdentityServerApi%2526state%253daefc27476c944496a366495d75d32cba%2526nonce%253d5dfab3e7a59944cfb254a8e12c34904d&dr=https%3A%2F%2Fint01.securesave.app%2F&dt=SecureSave%20-%20Start&en=scroll&epn.percent_scrolled=90&tfd=2852
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PM18S9XL53&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://int01.securesave.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 17:37:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://int01.securesave.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
details
int01.api.securesave.app/api/content/branding/Distributor/secure/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PM18S9XL53&gtm=45je41a0v883136537&_p=1705340256070&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1248230374.1705340256&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1705340256&sct=1&seg=0&dl=https%3A%2F%2Fint01.securesave.app%2F&dt=SecureSave&en=user_engagement&_et=2284&tfd=5298
Domain
int01.securesave.app
URL
https://int01.securesave.app/js/index.js
Domain
int01.securesave.app
URL
https://int01.securesave.app/js/chunk-common.js
Domain
int01.securesave.app
URL
https://int01.securesave.app/js/chunk-vendors.js
Domain
int01.api.securesave.app
URL
https://int01.api.securesave.app/api/content/branding/Distributor/secure/details

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CloudflareApps object| __cfQR object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView boolean| __cfRLUnblockHandlers object| webpackChunkSecureSave function| _ object| $cookies object| dataLayer function| gtag function| error object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

10 Cookies

Domain/Path Name / Value
.int01.id.esa.hsabank.com/ Name: ARRAffinity
Value: 3e4931a31fa9f6b0a9a0b3e0bec1ba0e7d81601066244883a4782a099ce2b765
.int01.id.esa.hsabank.com/ Name: ARRAffinitySameSite
Value: 3e4931a31fa9f6b0a9a0b3e0bec1ba0e7d81601066244883a4782a099ce2b765
.securesave.app/ Name: __cf_bm
Value: OhpXML9qRXQImydynrd4xqMG0VNM4WE48_kz2xfwqVI-1705340254-1-Aao9RPCShZpVOv48I4PAZTFy6oXju0EOK+++sRFRtLKPxokKLCAmoH3w0P4xm1jpplRmTOU1y6nSpaXKQXqYEIk=
int01.securesave.app/ Name: ai_user
Value: 4MJ5LMIcBIfsQoub44uETF|2024-01-15T17:37:36.111Z
.securesave.app/ Name: _ga
Value: GA1.1.1248230374.1705340256
.securesave.app/ Name: cf_clearance
Value: m4uP5DIG.SE1SPZB5lXb5NuY2TQuaD7LRNENxmmUT7M-1705340256-1-AXFVFLCZAtcA+jDo12gw+IbZVzBAJBEqbhN/f9iyx17PiCDjrFXeqeT+WPdkExtXDrn2kV+cThUu0PG1YBE4dLQ=
.int01.id.securesave.app/ Name: ARRAffinity
Value: 3e4931a31fa9f6b0a9a0b3e0bec1ba0e7d81601066244883a4782a099ce2b765
.int01.id.securesave.app/ Name: ARRAffinitySameSite
Value: 3e4931a31fa9f6b0a9a0b3e0bec1ba0e7d81601066244883a4782a099ce2b765
.securesave.app/ Name: _ga_PM18S9XL53
Value: GS1.1.1705340256.1.0.1705340259.0.0.0
int01.securesave.app/ Name: ai_session
Value: hj83AFubA74UvPaUpse4x9|1705340256235|1705340259612

4 Console Messages

Source Level URL
Text
other warning URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A preload for 'https://int01.securesave.app/js/chunk-vendors.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A preload for 'https://int01.securesave.app/js/chunk-common.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A preload for 'https://int01.securesave.app/js/index.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://int01.securesave.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A preload for 'https://int01.securesave.app/js/chunk-vendors.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com ite.truistmomentum.com *.scrsv.com *.hsabank.com *.hsabankesa.com; script-src 'self' *.securesave.app *.id.securesave.app securesave.app *.plaid.com *.hsabank.com *.hsabankesa.com 'unsafe-eval'; script-src-elem 'self' *.securesave.app *.scrsv.com *.hsabankesa.com *.hsabank.com securesave.app *.id.securesave.app *.plaid.com fonts.googleapis.com maps.googleapis.com www.googletagmanager.com 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
dc.services.visualstudio.com
fonts.googleapis.com
int01.api.securesave.app
int01.id.esa.hsabank.com
int01.id.securesave.app
int01.securesave.app
maps.googleapis.com
region1.google-analytics.com
www.googletagmanager.com
int01.api.securesave.app
int01.securesave.app
region1.google-analytics.com
13.69.106.212
2001:4860:4802:32::36
2606:4700:3031::6815:3670
2606:4700::6810:5714
2606:4700::6812:713
2a00:1450:4001:808::200a
2a00:1450:4001:810::2008
2a00:1450:4001:830::200a
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
07bcba9570b9114df1549a8a32ed121a907e4c75021a870189eee0de6107d562
1d79c2bab8c99015741d96669d15cd05274a91a88f6aaf85d245828f2c72f1e9
2e23f6602537cf0acb16c53dda96125d8101c48866a0d587628610f2004dda69
47b8e5e3618f2e026ac6453b1d16c955abe9390b77db9e7701739b132819a9f6
49b7ef8bcee5c3a33a1c9fd749a9e52954b462e938e2af1b9575486f75f4a7ab
4b284480059c523ff2e514afc6db69877ebedf002d876869d262772e5d6ed846
51396964d58fdbcbc975ed9af4cfa6f551696701b9bc2a9a3d0d26d7e7a3bf5b
713f53652fa0a9df5624e6f5f50025f60ddcfbc79e30f9eb0e46cef79bbd1180
8959b76dbbf27b1cbe491678eaefd407b7f209de01826abbbe11e7c41ef0a327
91cf68c1a440ceb64f8758ac9a4f34f29c526be3b311145c3aeade1419080698
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d02f60e13b558b0db0b0cc667d314e38f82855b66d05b3a43b9c5a547bb773b8
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
dd25001aa9adaeef9194d3c1f45205a8fad48bf545c00ab6046599be55ae43d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa4e452fb02ad9bbe6945ef2ca3bf93382d0ad314cb9875b34916be384459525
fdc46cdbe7ed5714fac47e58b9d91c5a586b7ae195567ed983f676011615bffa