auth-dev.theralist.ca Open in urlscan Pro
2606:4700:3034::ac43:b667 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth-dev.theralist.ca/
Submission: On March 28 via api (March 28th 2024, 4:04:34 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3034::ac43:b667, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth-dev.theralist.ca.
TLS certificate: Issued by GTS CA 1P5 on March 11th 2024. Valid for: 3 months.

This is the only time auth-dev.theralist.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::ac43:b667	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.67.182.103 172.67.182.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

1 2606:4700:3034::ac43:b667 (United States)

ASN13335 (CLOUDFLARENET, US)

auth-dev.theralist.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.182.103 (United States)

ASN13335 (CLOUDFLARENET, US)

auth-dev.theralist.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	theralist.ca auth-dev.theralist.ca	72 KB
8	1

	Domain	Requested by
8	auth-dev.theralist.ca	auth-dev.theralist.ca
8	1

This site contains links to these domains. Also see Links.

Domain
kinde.com

Subject Issuer	Validity	Valid
theralist.ca GTS CA 1P5	`2024-03-11` - `2024-06-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth-dev.theralist.ca/
Frame ID: 571427714C563CA8929D43E2F717A8CE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

72 kB
Transfer

131 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://kinde.com/
Title: Kinde

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auth-dev.theralist.ca/ 9 KB
4 KB 690ms
551ms Document
text/html 2606:4700:3034::ac43:b667
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-dev.theralist.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b667 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965a1710df9a4d15bee5dc87a29f34b480363379af495c75cbcc6f923389add0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; child-src 'self'; connect-src 'self' https://api.stripe.com https://maps.googleapis.com ws: https://plausible.io; base-uri 'none'; font-src 'self'; frame-src https://js.stripe.com https://hooks.stripe.com; img-src 'self' data: https://js.stripe.com/v3/ https://lh3.googleusercontent.com https://avatars.githubusercontent.com; object-src 'none'; script-src 'self' 'nonce-1XPjFRv72w'; style-src 'self' https://js.stripe.com https://maps.googleapis.com https://widgets.kinde.com 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-store, no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 86b8db2e6f72dacd-MIA
content-encoding: br
content-security-policy: default-src 'none'; child-src 'self'; connect-src 'self' https://api.stripe.com https://maps.googleapis.com ws: https://plausible.io; base-uri 'none'; font-src 'self'; frame-src https://js.stripe.com https://hooks.stripe.com; img-src 'self' data: https://js.stripe.com/v3/ https://lh3.googleusercontent.com https://avatars.githubusercontent.com; object-src 'none'; script-src 'self' 'nonce-1XPjFRv72w'; style-src 'self' https://js.stripe.com https://maps.googleapis.com https://widgets.kinde.com 'unsafe-inline'; frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 16:04:29 GMT
expect-ct: max-age=86400, enforce
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=self, payment=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqxRap00euD7ZRvb8Nxb2NE1YXdRBFzyS76C5wyerw%2FROTv7boJcTXe5FeEw6h8GQdGzeSB4k7YZm8jU6LlB%2FZ8wxEATfy8LWCgXpmoGPG%2FKR0iRZsZxuYaPiQ3LRMuuxqSybwbnPj8kSUZFiy90Twq6AAM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-robots-tag: noindex
x-xss-protection: 1; mode=block

GET
H3 200 authflow.css
auth-dev.theralist.ca/dist/assets/css/ 41 KB
8 KB 409ms
407ms Stylesheet
text/css 172.67.182.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-dev.theralist.ca/dist/assets/css/authflow.css?v=96fcb2a82

Requested by

Host: auth-dev.theralist.ca
URL: https://auth-dev.theralist.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4a6ac43db85d12023d70ed1ba74d64eab4c16348dc8b8d0f51db00358225941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth-dev.theralist.ca/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"9426a00835a16efb50605f0e4cfdbdacf18b667479e5bfda43d6c76ae94670981aa7739daf7748c1a74169ac96427eb4f637c014d81fce97e826898889656def"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3fzyCBcoQrTdMnj5pD2EYc95jU12%2BN4iSice%2FRlMle%2Bef%2BrQSYW0ZIj%2BB3qmmlqu40lcbg0cvvoKq5ZWzhVr%2FGDTVj%2BpYy%2FI%2BxND2rE%2FAzkA4odJxjNCXobJi7Jy5sNDvh%2FNAy7uHes%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
x-robots-tag: noindex
cf-ray: 86b8db323af531ef-MIA

GET
H3 200 logo
auth-dev.theralist.ca/ 12 KB
4 KB 389ms
387ms Image
image/svg+xml 172.67.182.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth-dev.theralist.ca/logo?p_org_code=&cache=4cf5167201d24425a671a6a207f4fee7

Requested by

Host: auth-dev.theralist.ca
URL: https://auth-dev.theralist.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7502d17c023f08c7102e3aadf3655af095ebde2d23addc35ec0c582f04c5616

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth-dev.theralist.ca/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:04:29 GMT
content-security-policy: frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"159b82e538603d70e825d849deffc7d0"
expect-ct: max-age=86400, enforce
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3sh9ZV9XJlzS0LeseC0Y36fZMDE06hpa9Kb9CQZnGg8Jjs5BYcaOpkb2rRdvllbloXvWj6M0pBe%2FN%2B66Tsgb1B7flT6JsHJ7qkfqK4BdI6nAyoujICUWQrIdpzdZ3dVYcV2%2F8m%2FrX38%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-robots-tag: noindex
cf-ray: 86b8db323af831ef-MIA

GET
H3 200 rocket-loader.min.js Show response
auth-dev.theralist.ca/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 40ms
39ms Script
application/javascript 172.67.182.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-dev.theralist.ca/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: auth-dev.theralist.ca
URL: https://auth-dev.theralist.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth-dev.theralist.ca/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvTDG7wi1sbwERSyzQc54YjRUFmFFgPHGFsbMHEE3x9MZKVnZUESncVAn%2BVy5diM8WnuY1c2xL3hFHUIdUMyCsBaiB1bLi%2FOjvflje%2FsKmLJnSNn2Aee%2Bk7iWl5MTtKhX8MKgkhuDqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86b8db340df031ef-MIA
expires: Sat, 30 Mar 2024 16:04:29 GMT

GET
H3 200 authflow.js Show response
auth-dev.theralist.ca/dist/assets/js/ 10 KB
5 KB 408ms
389ms Script
application/javascript 172.67.182.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-dev.theralist.ca/dist/assets/js/authflow.js?v=96fcb2a82

Requested by

Host: auth-dev.theralist.ca
URL: https://auth-dev.theralist.ca/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de72e714084c444aca142a6914571330f196d2bbc87582d29bb596f4681eb374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth-dev.theralist.ca/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"76478b9536a1b88f392f7fb5f8e5366da9a24b84c703710ac704bbd007c27779d44b144cb6ad92a852427768a23103bd0076b8cb54602a01f9479095a5ec16c2"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPYPfKO5dsNgqSqVeIztmqbyF%2FG62%2FNBwqdfT6DnTFARVYynVlRMGpbByy7vbSGrcYSatYyIH7g8l2fAQkGic12tnWaZ1l83GWh8RIVao7TbP4M3SNHOYgmWbL5OYJvqVxIiv0ft9BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
x-robots-tag: noindex
cf-ray: 86b8db351f6a31ef-MIA

GET
H3 200 Inter-Medium.woff2
auth-dev.theralist.ca/kui_assets/ 22 KB
22 KB 392ms
391ms Font
font/woff2 172.67.182.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-dev.theralist.ca/kui_assets/Inter-Medium.woff2

Requested by

Host: auth-dev.theralist.ca
URL: https://auth-dev.theralist.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa0ae75c4ccfd3bcadafa34a9f89864c80d28c77d40bf7c8b8fbbcbb3cb95e7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth-dev.theralist.ca/
Origin: https://auth-dev.theralist.ca
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:04:29 GMT
content-security-policy: frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"7fe6c1865e2d8b19dd03b1a376d3dbd40ae7a327eda9ea3785d1e6e0d1749d27d195a50abf421ec19b4b3ec499ac7a778603e8e85c2e9dfa47760f4ec82f4dd1"
expect-ct: max-age=86400, enforce
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HctfuF%2BlnrOVYzPgdJblaPD2zNMQ4DHb40sGgQvYQQ8MfykjjQKeJziP2%2FsTegiaKw3vGUWNL5xQAIPnQQWwGEBSKal%2Fn0sfYrhC5HF4aEX5Ifsm9onViTNXaLi8RevBi0jdiCuuzLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
x-robots-tag: noindex
cf-ray: 86b8db351f6f31ef-MIA

GET
H3 200 Inter-Regular.woff2
auth-dev.theralist.ca/kui_assets/ 22 KB
22 KB 456ms
455ms Font
font/woff2 172.67.182.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-dev.theralist.ca/kui_assets/Inter-Regular.woff2

Requested by

Host: auth-dev.theralist.ca
URL: https://auth-dev.theralist.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fccca9facfd368314d80528351c2d5aad13ed9000614a7d010907cac405b877

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth-dev.theralist.ca/
Origin: https://auth-dev.theralist.ca
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:04:29 GMT
content-security-policy: frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"74796f2b0e2d5d83441f42f74b7989c5da742bebb99d54e93a57854d5b3dfe8b1c01c157e9fe73a400870b3ae137f41e6cd7d2cd4f8ba2260a882506a599f636"
expect-ct: max-age=86400, enforce
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVo9e6%2F8HbXCM2X4b5yDOIdWLGFH%2FC8enu8OKxhUZDu7UDq4PrNlqpKYQ7ykmukZEXN7sIsylAOqR8NoGGDU1g%2BRnL93hHYDgXLDIHue4aeapGPA0pztGRm9bn7Z%2BGfvQvinAeLQR0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-frame-options: SAMEORIGIN
cache-control: public, max-age=86400
x-robots-tag: noindex
cf-ray: 86b8db351f7331ef-MIA

GET
H3 200 favicon_svg
auth-dev.theralist.ca/ 3 KB
2 KB 154ms
152ms Other
image/svg+xml 172.67.182.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-dev.theralist.ca/favicon_svg?p_org_code=&cache=49c4a7e76f1f4a76a6dc328a473dfecb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.103 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d42f6b91756e28f263938cb7cf671ffe6a6d4c7f8fe95b60ff12448dbdd1f536

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://auth-dev.theralist.ca/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:04:31 GMT
content-security-policy: frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"f971d7ae4c8f50c57f296dd251799e99"
expect-ct: max-age=86400, enforce
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojj%2FR2O0HxE6Lk2H%2FakFxdt06JgxeLJ6EpEoeB0oDmrcS9KcpCudA0eZ0roiKZYTbCtih6PNEjq82rCnBMQR%2FaJLg3f7vuzJsPjMimRwLnGGBW7eKpdoUYWSP%2Bp5MEKkQpT6MYOcXDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000
x-frame-options: SAMEORIGIN
x-robots-tag: noindex
cf-ray: 86b8db3ddddb31ef-MIA

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| __cfQR boolean| __cfRLUnblockHandlers

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://auth-dev.theralist.ca/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-1XPjFRv72w'". Either the 'unsafe-inline' keyword, a hash ('sha256-EqvOQkUGNRX9Keqetz/leoEFeJdV//qxDoGPSPTA3bE='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; child-src 'self'; connect-src 'self' https://api.stripe.com https://maps.googleapis.com ws: https://plausible.io; base-uri 'none'; font-src 'self'; frame-src https://js.stripe.com https://hooks.stripe.com; img-src 'self' data: https://js.stripe.com/v3/ https://lh3.googleusercontent.com https://avatars.githubusercontent.com; object-src 'none'; script-src 'self' 'nonce-1XPjFRv72w'; style-src 'self' https://js.stripe.com https://maps.googleapis.com https://widgets.kinde.com 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth-dev.theralist.ca
172.67.182.103
2606:4700:3034::ac43:b667
8fccca9facfd368314d80528351c2d5aad13ed9000614a7d010907cac405b877
965a1710df9a4d15bee5dc87a29f34b480363379af495c75cbcc6f923389add0
a4a6ac43db85d12023d70ed1ba74d64eab4c16348dc8b8d0f51db00358225941
b7502d17c023f08c7102e3aadf3655af095ebde2d23addc35ec0c582f04c5616
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d42f6b91756e28f263938cb7cf671ffe6a6d4c7f8fe95b60ff12448dbdd1f536
de72e714084c444aca142a6914571330f196d2bbc87582d29bb596f4681eb374
fa0ae75c4ccfd3bcadafa34a9f89864c80d28c77d40bf7c8b8fbbcbb3cb95e7f

auth-dev.theralist.ca Open in urlscan Pro 2606:4700:3034::ac43:b667 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

72 kBTransfer

131 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

auth-dev.theralist.ca Open in urlscan Pro
2606:4700:3034::ac43:b667 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

72 kB
Transfer

131 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions