app.orcasecurity.io Open in urlscan Pro
2600:9000:21f3:8e00:7:36d3:7680:93a1  Public Scan

URL: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Submission: On May 17 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2600:9000:21f3:8e00:7:36d3:7680:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.orcasecurity.io.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 20th 2023. Valid for: a year.
This is the only time app.orcasecurity.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.120.195.249 396982 (GOOGLE-CL...)
2 142.250.185.132 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 7
Apex Domain
Subdomains
Transfer
10 orcasecurity.io
app.orcasecurity.io
5 MB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
236 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
973 B
2 sentry.io
o482658.ingest.sentry.io
415 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
18 5
Domain Requested by
10 app.orcasecurity.io app.orcasecurity.io
2 www.google.com app.orcasecurity.io
www.gstatic.com
2 o482658.ingest.sentry.io app.orcasecurity.io
1 www.gstatic.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com app.orcasecurity.io
18 6

This site contains no links.

Subject Issuer Validity Valid
app.us.orcasecurity.io
Amazon RSA 2048 M01
2023-06-20 -
2024-07-17
a year crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-12-02
a year crt.sh
*.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Frame ID: AA0B7223D4C4254453057844D1274DA5
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXjiYcAAAAAI4L-w5bi5glHvQCzqS-dWIiG_JO&co=aHR0cHM6Ly9hcHAub3JjYXNlY3VyaXR5LmlvOjQ0Mw..&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=kjjfud3efcck
Frame ID: 2CCF288FAA1856EBE4D18CBEDF4498D5
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Login ยท Orca Security

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

18
Requests

94 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

5272 kB
Transfer

18064 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request orca-35157918
app.orcasecurity.io/alerts/
1 KB
1 KB
Document
General
Full URL
https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30ebb11429f4916a64dfd0e7c1e4f73b197345cd8cf74084c94e025430534c44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
55704
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 16 May 2024 12:16:49 GMT
etag
W/"45e77d9078accf2a74023828f608965d"
last-modified
Thu, 16 May 2024 12:16:24 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-amz-cf-id
49wXefN7aOXflZisP-i2LLDBeInpc8eGvSxO-7lKZFft3qE8-dyV-w==
x-amz-cf-pop
FRA2-C2
x-amz-meta-etag
gmMbpyO84b6SdLNyRRJ0FQ==
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
polyfills-Clzn-bKs.js
app.orcasecurity.io/assets/
23 KB
10 KB
Script
General
Full URL
https://app.orcasecurity.io/assets/polyfills-Clzn-bKs.js
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
409306ecb6fb29ef68c68bd5088f7ddf8160f0465cd36717d3251a1d201e7805
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Origin
https://app.orcasecurity.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:50 GMT
content-encoding
br
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
55703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-amz-meta-etag
gjPnnZIECuDaKmhO6GlRog==
referrer-policy
same-origin
last-modified
Mon, 08 Apr 2024 14:04:38 GMT
server
AmazonS3
etag
W/"b9afda7023d5fc230b2628f93b75bcbc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
NNpwxiQO9N5iyB2k62L9HkQ3EW5ccJ-mtw89ZrX1DzCXi1B7mVfCLA==
css2
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500&family=Mulish:wght@300;400;500;600;700;800&family=Source+Code+Pro&display=swap
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c37245becd96c15e524a8653ba511877e546d2a985f4408bfb30248c832a0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 May 2024 03:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 May 2024 03:11:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 May 2024 03:45:12 GMT
index-BcfuZQhE.js
app.orcasecurity.io/assets/
8 MB
2 MB
Script
General
Full URL
https://app.orcasecurity.io/assets/index-BcfuZQhE.js
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6c92ba10d4579e2045a7ec78d21f18aa31b642bd1a7c001d5e603d427b20d8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Origin
https://app.orcasecurity.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:50 GMT
content-encoding
br
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
55703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-amz-meta-etag
gmMbpyO84b6SdLNyRRJ0FQ==
referrer-policy
same-origin
last-modified
Thu, 16 May 2024 12:16:24 GMT
server
AmazonS3
etag
W/"a584039875e0d08416b5ffe1a372bba7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
89jdafAH0mUfdPEkSTvr-vZ8vfmjwF1-F467t4J4xQTn2O3QgGq9QQ==
vendor-CsyeSqDf.js
app.orcasecurity.io/assets/
5 MB
1 MB
Script
General
Full URL
https://app.orcasecurity.io/assets/vendor-CsyeSqDf.js
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5513adbcf558a4bc365a3d19dd33649ef5634a1c4f1a1d72f569ab2d765360a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Origin
https://app.orcasecurity.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:50 GMT
content-encoding
br
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
55703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-amz-meta-etag
N7Ab40eZPB4N+WJGZ8F/tg==
referrer-policy
same-origin
last-modified
Mon, 13 May 2024 08:38:21 GMT
server
AmazonS3
etag
W/"eb1f653f80ab5a2e15d6cf3d578c9d6d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
cl_1fk9WvjDikrP2RKkUvLqldYjVzKNX3OyKQ4ol2RTz39QqjzD5yg==
images-DROnKumD.js
app.orcasecurity.io/assets/
3 MB
2 MB
Script
General
Full URL
https://app.orcasecurity.io/assets/images-DROnKumD.js
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d672afff583a3b7a10178eb4d744658c721b7857a6d8a0041870374405d196af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Origin
https://app.orcasecurity.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:50 GMT
content-encoding
br
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
55703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-amz-meta-etag
jRQJX1ytqn/McL7d0ZdV/Q==
referrer-policy
same-origin
last-modified
Wed, 15 May 2024 13:43:38 GMT
server
AmazonS3
etag
W/"52f085a005576b43852c2d42fbc82a9a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
gdkjWDOAnO2N5bow729AT8i-wq_Y-KonOO2lPw1dzhy2vLQ1K8on5A==
index-CqC6xgPs.css
app.orcasecurity.io/assets/
546 KB
61 KB
Stylesheet
General
Full URL
https://app.orcasecurity.io/assets/index-CqC6xgPs.css
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c635efc5bd77ef7a99812888032e6126fe7e3ab167ebdff9f4dabaa21ccb374
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Origin
https://app.orcasecurity.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:50 GMT
content-encoding
br
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
55703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-amz-meta-etag
gjPnnZIECuDaKmhO6GlRog==
referrer-policy
same-origin
last-modified
Mon, 08 Apr 2024 14:04:38 GMT
server
AmazonS3
etag
W/"ae868965dca5371ebab4406d1ec59115"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
x-amz-cf-id
aoHpVVTSRzr5IeEfLgV1O16jHpgPoDgcC_YG0j9oVxc4pmvtMtxJzg==
ui-utils-BGnIWk53.js
app.orcasecurity.io/assets/
0
312 KB
Other
General
Full URL
https://app.orcasecurity.io/assets/ui-utils-BGnIWk53.js
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/alerts/orca-35157918?legacy=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:50 GMT
content-encoding
br
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
55703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-amz-meta-etag
N7Ab40eZPB4N+WJGZ8F/tg==
referrer-policy
same-origin
last-modified
Mon, 13 May 2024 08:38:21 GMT
server
AmazonS3
etag
W/"7e24ba024ff29477ba355446d51d7b31"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
ONh_yT1x5a4SCnXm8v65wN6btzsDL6JD6qXjQsAoW30uooZw8sRIOg==
/
o482658.ingest.sentry.io/api/5715680/envelope/
2 B
308 B
Fetch
General
Full URL
https://o482658.ingest.sentry.io/api/5715680/envelope/?sentry_key=ab18a18bd33f4e53a70cffee80d054c7&sentry_version=7&sentry_client=sentry.javascript.react%2F7.110.1
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/assets/vendor-CsyeSqDf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://app.orcasecurity.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 May 2024 03:45:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
api.js
www.google.com/recaptcha/
1 KB
973 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LcXjiYcAAAAAI4L-w5bi5glHvQCzqS-dWIiG_JO
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/assets/index-BcfuZQhE.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
33536c89f547621b30759e730bc897bfb3b14df9472c340bc52284afcfd68fef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 03:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 17 May 2024 03:45:14 GMT
background-pattern-BoLLqmqz.svg
app.orcasecurity.io/assets/
24 KB
3 KB
Image
General
Full URL
https://app.orcasecurity.io/assets/background-pattern-BoLLqmqz.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
647288d86e2aa58a57ef1673426139fcf2b7a89e0ad417be03731d114d65f969
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:52 GMT
content-encoding
br
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
55703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-amz-meta-etag
gjPnnZIECuDaKmhO6GlRog==
referrer-policy
same-origin
last-modified
Mon, 08 Apr 2024 14:04:38 GMT
server
AmazonS3
etag
W/"553147b21f02050916270e300542117b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
Ls44UaxCVXJfB-vabkv5EfA6qzRaY-EkW4yJPjdkVzPVpBCcU3s08Q==
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;400;500&family=Mulish:wght@300;400;500;600;700;800&family=Source+Code+Pro&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://app.orcasecurity.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 01:42:32 GMT
x-content-type-options
nosniff
age
7364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 May 2025 01:42:32 GMT
301b5634-4fd6-47ca-8240-e3b4ac5aa965
https://app.orcasecurity.io/
10 KB
0
Other
General
Full URL
blob:https://app.orcasecurity.io/301b5634-4fd6-47ca-8240-e3b4ac5aa965
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.orcasecurity.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
10285
Content-Type
favicon.png
app.orcasecurity.io/
2 KB
3 KB
Other
General
Full URL
https://app.orcasecurity.io/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78cc5e5cb489fe53c7e17bb65e21cbf852d0a6f37479b7f0cf85dd66d5e624d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:42 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
55713
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2104
x-xss-protection
1; mode=block
x-amz-meta-etag
2vJS74kdLFfhUL4FoXc5GQ==
referrer-policy
same-origin
last-modified
Tue, 03 Oct 2023 14:57:12 GMT
server
AmazonS3
etag
"1e005d789c926985dc8daa2880f7562c"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
-8cgteI7CMKSICJoMx16H_vVt_-M1v4x-NoAA0vbPFDAhHfsTMktUA==
favicon.png
app.orcasecurity.io/
2 KB
0
Other
General
Full URL
https://app.orcasecurity.io/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8e00:7:36d3:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78cc5e5cb489fe53c7e17bb65e21cbf852d0a6f37479b7f0cf85dd66d5e624d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.orcasecurity.io/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 12:16:42 GMT
via
1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
age
55713
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2104
x-xss-protection
1; mode=block
x-amz-meta-etag
2vJS74kdLFfhUL4FoXc5GQ==
referrer-policy
same-origin
last-modified
Tue, 03 Oct 2023 14:57:12 GMT
server
AmazonS3
etag
"1e005d789c926985dc8daa2880f7562c"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
-8cgteI7CMKSICJoMx16H_vVt_-M1v4x-NoAA0vbPFDAhHfsTMktUA==
/
o482658.ingest.sentry.io/api/5715680/envelope/
41 B
107 B
Fetch
General
Full URL
https://o482658.ingest.sentry.io/api/5715680/envelope/?sentry_key=ab18a18bd33f4e53a70cffee80d054c7&sentry_version=7&sentry_client=sentry.javascript.react%2F7.110.1
Requested by
Host: app.orcasecurity.io
URL: https://app.orcasecurity.io/assets/vendor-CsyeSqDf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a76e6e035f74a2f3c7007023e2b32d6dd26b5c0c2de0c1869b065e0dd9dfc112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://app.orcasecurity.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 May 2024 03:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
recaptcha__de.js
www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/
519 KB
207 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcXjiYcAAAAAI4L-w5bi5glHvQCzqS-dWIiG_JO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://app.orcasecurity.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 15:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210834
x-xss-protection
0
last-modified
Mon, 13 May 2024 17:44:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 May 2025 15:31:56 GMT
anchor
www.google.com/recaptcha/api2/ Frame 2CCF
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXjiYcAAAAAI4L-w5bi5glHvQCzqS-dWIiG_JO&co=aHR0cHM6Ly9hcHAub3JjYXNlY3VyaXR5LmlvOjQ0Mw..&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&cb=kjjfud3efcck
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a78USX-7Klc_PSKWywUMgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-a78USX-7Klc_PSKWywUMgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 03:45:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| __mobxInstanceCount object| __mobxGlobals object| debug object| __SENTRY__ object| process string| __VERSION__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_29184

0 Cookies

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://app.orcasecurity.io/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block