urlscan.io logo urlscan.io
SecurityTrails logo

aldlive.com Open in urlscan Pro
178.33.22.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ayvenslive.com/
Effective URL: https://aldlive.com/welcome/homepage
Submission: On June 15 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 178.33.22.49, located in France and belongs to OVH, FR. The main domain is aldlive.com.
TLS certificate: Issued by Trust Provider B.V. TLS RSA CA G1 on August 10th 2023. Valid for: a year.
This is the only time aldlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 178.33.22.2 16276 (OVH)
9 178.33.22.49 16276 (OVH)
9 1
Apex Domain
Subdomains		 Transfer
9 aldlive.com
aldlive.com
982 KB
1 ayvenslive.com
ayvenslive.com
1 KB
9 2
Domain Requested by
9 aldlive.com aldlive.com
1 ayvenslive.com 1 redirects
9 2

This site contains no links.

Subject Issuer Validity Valid
www.aldlive.com
Trust Provider B.V. TLS RSA CA G1		 2023-08-10 -
2024-08-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://aldlive.com/welcome/homepage
Frame ID: 8CC1D7D84B7358E1A85212A92CF0C617
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Ayvens Live

Page URL History Show full URLs

  1. https://ayvenslive.com/ HTTP 302
    https://aldlive.com/welcome/homepage Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

982 kB
Transfer

3440 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ayvenslive.com/ HTTP 302
    https://aldlive.com/welcome/homepage Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request homepage
aldlive.com/welcome/
Redirect Chain
  • https://ayvenslive.com/
  • https://aldlive.com/welcome/homepage
7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aldlive.com/welcome/homepage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
adef1fff6e41c2163956039fc4d4403554213653764eb9dc25934092768ea14c
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https:; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; base-uri 'self'; frame-ancestors 'none'; report-uri https://winkwaves.report-uri.com/r/d/csp/enforce; block-all-mixed-content; script-src 'self' 'unsafe-inline' https:
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
frame-src 'self' https:; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; base-uri 'self'; frame-ancestors 'none'; report-uri https://winkwaves.report-uri.com/r/d/csp/enforce; block-all-mixed-content; script-src 'self' 'unsafe-inline' https:
content-type
text/html; charset=utf-8
date
Sat, 15 Jun 2024 10:14:35 GMT
etag
W/"adef1fff6e41c2163956039fc4d44035-gzip"
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com/ https://web.microsoftstream.com https://player.vimeo.com https://drive.google.com/file/d/; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none'
link
</assets/vendor-03ba217bce294adc9145fe5ee58cf1eeb328383c780e4b2804855a81be17df17.css>; rel=preload; as=style; nopush,</assets/application-2b20c96130a795d2c5bc0d82327540b94908fd51bed3aa3162c4b728e1eae984.css>; rel=preload; as=style; nopush,</assets/presentation_config-77a815237554464c1120c642d148f7a27090b9bd8ef80935d064c62e13c9cda0.css>; rel=preload; as=style; nopush,</assets/application-c855187c881fe5c14ce22daf8e0bf037ae139c0502544255a00ec8fcd97df0bd.js>; rel=preload; as=script; nopush,</packs/js/application-a98ce558b390fb97799c.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
status
200 OK
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding,
x-content-type-options
nosniff nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
75de190c-51c6-4255-8fdd-fb4015bef472
x-runtime
0.023150
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
frame-src 'self' https:; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; base-uri 'self'; frame-ancestors 'none'; report-uri https://winkwaves.report-uri.com/r/d/csp/enforce; block-all-mixed-content; script-src 'self' 'unsafe-inline' https:
content-type
text/html; charset=utf-8
date
Sat, 15 Jun 2024 10:14:35 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com/ https://web.microsoftstream.com https://player.vimeo.com https://drive.google.com/file/d/; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none'
location
https://aldlive.com/welcome/homepage
referrer-policy
strict-origin-when-cross-origin
status
302 Found
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding,
x-content-type-options
nosniff nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
3940bb45-2eaa-4bb2-aec0-a69481eaefba
x-runtime
0.010856
x-xss-protection
1; mode=block
vendor-03ba217bce294adc9145fe5ee58cf1eeb328383c780e4b2804855a81be17df17.css
aldlive.com/assets/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aldlive.com/assets/vendor-03ba217bce294adc9145fe5ee58cf1eeb328383c780e4b2804855a81be17df17.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
a49ecc49be3856f520cd64122cc83351f81fbe725f4c6cc1f037860cfee7fcb6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://aldlive.com/welcome/homepage
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 07:14:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 26 Apr 2024 08:57:09 GMT
content-encoding
gzip
age
2170821
vary
Accept-Encoding,
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10524
expires
Thu, 20 Jun 2024 07:14:27 GMT
application-2b20c96130a795d2c5bc0d82327540b94908fd51bed3aa3162c4b728e1eae984.css
aldlive.com/assets/ 		108 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aldlive.com/assets/application-2b20c96130a795d2c5bc0d82327540b94908fd51bed3aa3162c4b728e1eae984.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
d1fd7483dad51d3aa9b49964bcca961b9023bad01af2b8ef891f746ee621e31d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://aldlive.com/welcome/homepage
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 10:17:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 14:22:02 GMT
content-encoding
gzip
age
345422
vary
Accept-Encoding,
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
24198
expires
Thu, 11 Jul 2024 10:17:46 GMT
presentation_config-77a815237554464c1120c642d148f7a27090b9bd8ef80935d064c62e13c9cda0.css
aldlive.com/assets/ 		577 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aldlive.com/assets/presentation_config-77a815237554464c1120c642d148f7a27090b9bd8ef80935d064c62e13c9cda0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
a859a8f4dc1cd17df1b962d86dfb3671e3ff2a67d19d924e627e5c5b049deac8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://aldlive.com/welcome/homepage
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 06:39:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 30 May 2024 06:37:33 GMT
content-encoding
gzip
age
1395343
vary
Accept-Encoding,
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
72286
expires
Sat, 29 Jun 2024 06:39:05 GMT
application-c855187c881fe5c14ce22daf8e0bf037ae139c0502544255a00ec8fcd97df0bd.js
aldlive.com/assets/ 		2 MB
641 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aldlive.com/assets/application-c855187c881fe5c14ce22daf8e0bf037ae139c0502544255a00ec8fcd97df0bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
fb969065f270ac52aebe6ae969c94bac7e07a5a79d9e9401ce9593b393a1a9ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://aldlive.com/welcome/homepage
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 06:39:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 30 May 2024 06:37:33 GMT
content-encoding
gzip
age
1395343
vary
Accept-Encoding,
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
655811
expires
Sat, 29 Jun 2024 06:39:05 GMT
application-a98ce558b390fb97799c.js
aldlive.com/packs/js/ 		533 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aldlive.com/packs/js/application-a98ce558b390fb97799c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
5192fc79f6b8eb0b8203034e13646dbc9069402dd31fd870d5b363ba02e18c76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://aldlive.com/welcome/homepage
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 06:10:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 14:22:01 GMT
content-encoding
gzip
age
14672
etag
"854c2-61a39680cab95-gzip"
vary
Accept-Encoding,
content-type
text/javascript
accept-ranges
bytes
content-length
146799
header-desktop-cc5c3edda22b41166e2f0d82ccdcb2ebd1767d5570b078c10a930a57eb24b486.svg
aldlive.com/assets/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aldlive.com/assets/header-desktop-cc5c3edda22b41166e2f0d82ccdcb2ebd1767d5570b078c10a930a57eb24b486.svg
Requested by
Host: aldlive.com
URL: https://aldlive.com/welcome/homepage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
49b06f465dbd8fb181c2f2e940ab970852103a36db2084f02613c0912e99e530
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://aldlive.com/welcome/homepage
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 10:17:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 14:22:02 GMT
content-encoding
gzip
age
345422
vary
Accept-Encoding,
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1984
expires
Thu, 11 Jul 2024 10:17:46 GMT
SourceSansPro-Regular-27c7fef0c96ad34e2a463aa955b264032be5da4e429314e94951530e75d257c5.woff2
aldlive.com/assets/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://aldlive.com/assets/SourceSansPro-Regular-27c7fef0c96ad34e2a463aa955b264032be5da4e429314e94951530e75d257c5.woff2
Requested by
Host: aldlive.com
URL: https://aldlive.com/assets/presentation_config-77a815237554464c1120c642d148f7a27090b9bd8ef80935d064c62e13c9cda0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://aldlive.com/assets/presentation_config-77a815237554464c1120c642d148f7a27090b9bd8ef80935d064c62e13c9cda0.css
Origin
https://aldlive.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 10:17:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 14:22:02 GMT
content-encoding
gzip
age
345423
vary
Accept-Encoding,
content-type
font/woff2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
84665
expires
Thu, 11 Jul 2024 10:17:46 GMT
favicon-b72e3215540f5bf75b9059b83106a5f052ad377d176ad4729a5ee98258af133e.ico
aldlive.com/assets/ 		5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aldlive.com/assets/favicon-b72e3215540f5bf75b9059b83106a5f052ad377d176ad4729a5ee98258af133e.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.33.22.49 , France, ASN16276 (OVH, FR),
Reverse DNS
ip49.ip-178-33-22.eu
Software
/
Resource Hash
398d2d525b42fd18459cb279f303bec06cfcb40a4f6628cbdf44e5d83ae4d0d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://aldlive.com/welcome/homepage
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 10:17:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 06 Jun 2024 14:22:02 GMT
content-encoding
gzip
age
345422
vary
Accept-Encoding,
content-type
image/vnd.microsoft.icon
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1460
expires
Thu, 11 Jul 2024 10:17:47 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| interpolate function| __ function| cover_row_height function| showCoordsForType function| enableCropperFor function| editor_content_css function| menuGroupSelected function| toggle_pin function| addTagFilter function| removeTagFilter function| removeAllTagFilters function| submit_search_form function| reindexSortableItems function| fill_generated_username function| toggleNestedFormPart object| appCookies boolean| menuSelectShown boolean| windowIsTurbolinked object| cookiesEu function| __extends function| $ function| jQuery object| TinyMCERails object| tinymce object| tinyMCE object| ephox object| Rails boolean| _rails_loaded string| _lang object| _l10s function| update_section_audience_selection function| Cookies function| set_dynamic_dates function| afterAutoCompleteUpdate function| set_active_filter function| set_selection_filter function| setLinkAttributes function| trackOutboundLink function| trackDownloadLink function| initialize_document_tables function| set_selectshow function| event_selectshow function| CodeMirror object| html5 object| Modernizr function| yepnope function| OneDrive function| initialize_menu_mobile function| NestedFormEvents object| nestedFormEvents object| Popper object| bootstrap number| uidEvent object| regeneratorRuntime object| core function| Driver object| Harmonics object| env undefined| link undefined| linktitle undefined| permalink object| menu

4 Cookies

Domain/Path Name / Value
ayvenslive.com/ Name: _kenniscafe_session
Value: fd350bd75962fc4f2ad348002f94930a
ayvenslive.com/ Name: lb_3bfd8e8123f68a0bb5d0b9baf0e8a9b0
Value: i_8439c56f4777cf624d5f594f7c16f143
aldlive.com/ Name: _kenniscafe_session
Value: 98408bde0b6f7ddc746d3a5d923dbbce
aldlive.com/ Name: lb_ad5c9d98488409230a82944ffe35b9ea
Value: i_728a3fd46023bf730ea8bca2340eba0c

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self' https:; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; base-uri 'self'; frame-ancestors 'none'; report-uri https://winkwaves.report-uri.com/r/d/csp/enforce; block-all-mixed-content; script-src 'self' 'unsafe-inline' https:
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block