urlscan.io logo urlscan.io
SecurityTrails logo

app.govierates.com Open in urlscan Pro
20.119.136.13  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.govierates.com/
Submission: On June 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 20.119.136.13, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is app.govierates.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on April 10th 2024. Valid for: 6 months.
This is the only time app.govierates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 20.119.136.13 8075 (MICROSOFT...)
17 2
Apex Domain
Subdomains		 Transfer
13 govierates.com
app.govierates.com
3 MB
0 cloudflare.com Failed
cdnjs.cloudflare.com Failed
0 azure.com Failed
js.monitor.azure.com Failed
0 bootstrapcdn.com Failed
stackpath.bootstrapcdn.com Failed
17 4
Domain Requested by
13 app.govierates.com app.govierates.com
0 cdnjs.cloudflare.com Failed app.govierates.com
0 js.monitor.azure.com Failed app.govierates.com
0 stackpath.bootstrapcdn.com Failed app.govierates.com
17 4

This site contains no links.

Subject Issuer Validity Valid
app.govierates.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-04-10 -
2024-10-10		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://app.govierates.com/
Frame ID: 00D90EF237D4933CF7F74D39919946C1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Page - QuickBooks_W2 Sample

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

17
Requests

76 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

2671 kB
Transfer

2661 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.govierates.com/ 		9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cdc3ef2667a42238ba285c387cf97c961aa12c161c5aee1be9e856847dcf7049
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Content-Type
text/html; charset=utf-8
Date
Sun, 23 Jun 2024 04:16:35 GMT
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
Server
Kestrel
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
jquery-ui.min.css
app.govierates.com/lib/jquery-ui-1.13.2/dist/css/ 		31 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/lib/jquery-ui-1.13.2/dist/css/jquery-ui.min.css?v=92EAOx46Gx4tp3Qo5vIqVYTyRUHAs9meZugPYGxJzKU
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f761003b1e3a1b1e2da77428e6f22a5584f24541c0b3d99e66e80f606c49cca5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db44688"
X-Frame-Options
DENY
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
32136
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
all.min.css
app.govierates.com/plugins/fontawesome-free/css/ 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/plugins/fontawesome-free/css/all.min.css
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db4dcad"
X-Frame-Options
DENY
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
59309
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
adminlte.min.css
app.govierates.com/Theme/dist/css/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/Theme/dist/css/adminlte.min.css
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bdd07542bd9c93db54ec194e575b2b5c7b02586347e9cbd5ee56d3e21f3e82cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18da16b16"
X-Frame-Options
DENY
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1396758
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
site.css
app.govierates.com/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/css/site.css
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2dbf6e7dd01c835f6d21e87bd0164aea55cc2415e2cd34626446a89a458a0caa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db43fc1"
X-Frame-Options
DENY
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1217
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
jquery-ui.min.js
app.govierates.com/lib/jquery-ui-1.13.2/dist/Js/ 		249 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/lib/jquery-ui-1.13.2/dist/Js/jquery-ui.min.js?v=nZt15r-ZKW93l-0S9zE39Slm27AhgP8FTGwBaAx72x0
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db7df71"
X-Frame-Options
DENY
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
255089
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
site.js
app.govierates.com/js/ 		230 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/js/site.js?v=4q1jwFhaPaZgr8WAUSrux6hAuh0XDg9kPS3xIVq36I0
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db43be6"
X-Frame-Options
DENY
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
230
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
Left_Aligned-removed-bg-hi-res.png
app.govierates.com/Images/ 		629 KB
630 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.govierates.com/Images/Left_Aligned-removed-bg-hi-res.png
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ef7b743e17713da5c1ac442988af285c5283a02147e7b44e185723544304c44
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18dbde8d3"
X-Frame-Options
DENY
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
644051
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
Sign_in_blue_btn_tall_default.png
app.govierates.com/Images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.govierates.com/Images/Sign_in_blue_btn_tall_default.png
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d88aedc45dfd8c527b79785ec87a9ccb8bdfad57848d8535e54a79ee79360a42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db4339f"
X-Frame-Options
DENY
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2207
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		0
0
bootstrap.min.css
app.govierates.com/lib/bootstrap/dist/css/ 		152 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/lib/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Origin
https://app.govierates.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db65b74"
X-Frame-Options
DENY
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
155764
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		0
0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		0
0
jquery.min.js
app.govierates.com/lib/jquery/dist/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/lib/jquery/dist/jquery.min.js
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Origin
https://app.govierates.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db56891"
X-Frame-Options
DENY
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
86929
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		0
0
bootstrap.bundle.min.js
app.govierates.com/lib/bootstrap/dist/js/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/lib/bootstrap/dist/js/bootstrap.bundle.min.js
Requested by
Host: app.govierates.com
URL: https://app.govierates.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Origin
https://app.govierates.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db50831"
X-Frame-Options
DENY
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
78641
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5
gr_favicon_svg.svg
app.govierates.com/Images/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.govierates.com/Images/gr_favicon_svg.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.136.13 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
67c17788adec5fd10ae58f0af34e9bb105083457e0705c5cab4d333d98e0d54b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.govierates.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 04:16:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Last-Modified
Tue, 23 Apr 2024 19:07:58 GMT
Server
Kestrel
ETag
"1da95b18db430c6"
X-Frame-Options
DENY
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
3014
Request-Context
appId=cid-v1:e67121f5-c2fe-435b-8c81-454ecebf3ca5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stackpath.bootstrapcdn.com
URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Domain
js.monitor.azure.com
URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Domain
stackpath.bootstrapcdn.com
URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| appInsights

0 Cookies

9 Console Messages

Source Level URL
Text
security error URL: https://app.govierates.com/(Line 10)
Message:
Refused to load the stylesheet 'https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://app.govierates.com/
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://app.govierates.com/lib/bootstrap/dist/css/bootstrap.min.css' with computed SHA-384 integrity 'T8BvL2pDN59Kgod7e7p4kesUb+oyQPt3tFt8S+sIa0jUenn1byQ97GBKHUN8ZPk0'. The resource has been blocked.
security error URL: https://app.govierates.com/(Line 18)
Message:
Refused to load the script 'https://js.monitor.azure.com/scripts/b/ai.2.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://app.govierates.com/
Message:
Refused to load the script 'https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://app.govierates.com/(Line 18)
Message:
Refused to connect to 'https://eastus2-3.in.applicationinsights.azure.com//v2/track' because it violates the following Content Security Policy directive: "connect-src 'self' wss://localhost:*".
javascript error URL: https://app.govierates.com/(Line 18)
Message:
Refused to connect to 'https://eastus2-3.in.applicationinsights.azure.com//v2/track' because it violates the document's Content Security Policy.
security error URL: https://app.govierates.com/
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://app.govierates.com/lib/jquery/dist/jquery.min.js' with computed SHA-256 integrity 'T+aPohYXbm0fRYDpJLr+zJ9RmYTswGsahAoIsNiMld4='. The resource has been blocked.
security error URL: https://app.govierates.com/
Message:
Refused to load the script 'https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://app.govierates.com/
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://app.govierates.com/lib/bootstrap/dist/js/bootstrap.bundle.min.js' with computed SHA-384 integrity 'YmHO0SrmqRp9xzTaPihel7MpNKl6ORqdv++TU6RSzEr6Wwn+sAWHVv5/LbkYveLe'. The resource has been blocked.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.stripe.com *.broadly.com *.monday.com; connect-src 'self' wss://localhost:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.stripe.com *.broadly.com *.monday.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.monday.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY