Bitwarden Web vault - URL Scan Results

Summary

A Concise Overview of the scan result of url https://vault.bitwarden.com/#/send/Uj-TmnSM6U6E97IZAVV7og/I38W-ik3JtrrhsXKgZ7ggg

Document
HTML
2
StyleSheets
1
Scripts
7
Font
4
Images
2
Links
1
JavaScript Variables
165
Console log messages
0
Network
Requests
20
Bytes Transferred
7.8MB
Bytes Total
7.79MB

DNS Record
CNAME Record
2
A Record
2
AAAA Record
2
Technology
Programming languages
1
Payment processors
1
Security
1

Links

The outgoing links identified from the page.

Link	Text
https://www.bitwarden.com/products/send?source=web-vault	Bitwarden Send

JavaScript Variables

Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.

onbeforetoggleobjectdocumentPictureInPictureobjectonscrollendobjectclearImmediatefunctionsetImmediatefunctionZonefunction__zone_symbol__Promisefunction__zone_symbol__fetchfunction__zone_symbol__setTimeoutfunction__zone_symbol__clearTimeoutfunction__zone_symbol__setIntervalfunction__zone_symbol__clearIntervalfunction__zone_symbol__setImmediatefunction__zone_symbol__clearImmediatefunction__zone_symbol__requestAnimationFramefunction__zone_symbol__cancelAnimationFramefunction__zone_symbol__webkitRequestAnimationFramefunction__zone_symbol__webkitCancelAnimationFramefunction__zone_symbol__alertfunction__zone_symbol__promptfunction__zone_symbol__confirmfunction__zone_symbol__MutationObserverfunction__zone_symbol__WebKitMutationObserverfunction__zone_symbol__IntersectionObserverfunction__zone_symbol__FileReaderfunction__zone_symbol__ononsearchpatchedboolean__zone_symbol__ononappinstalledpatchedboolean__zone_symbol__ononbeforeinstallpromptpatchedboolean__zone_symbol__ononbeforexrselectpatchedboolean__zone_symbol__ononabortpatchedboolean__zone_symbol__ononbeforeinputpatchedboolean__zone_symbol__ononbeforetogglepatchedboolean__zone_symbol__ononblurpatchedboolean__zone_symbol__ononcancelpatchedboolean__zone_symbol__ononcanplaypatchedboolean__zone_symbol__ononcanplaythroughpatchedboolean__zone_symbol__ononchangepatchedboolean__zone_symbol__ononclickpatchedboolean__zone_symbol__ononclosepatchedboolean__zone_symbol__ononcontextlostpatchedboolean__zone_symbol__ononcontextmenupatchedboolean__zone_symbol__ononcontextrestoredpatchedboolean__zone_symbol__ononcuechangepatchedboolean__zone_symbol__onondblclickpatchedboolean__zone_symbol__onondragpatchedboolean__zone_symbol__onondragendpatchedboolean__zone_symbol__onondragenterpatchedboolean__zone_symbol__onondragleavepatchedboolean__zone_symbol__onondragoverpatchedboolean__zone_symbol__onondragstartpatchedboolean__zone_symbol__onondroppatchedboolean__zone_symbol__onondurationchangepatchedboolean__zone_symbol__ononemptiedpatchedboolean__zone_symbol__ononendedpatchedboolean__zone_symbol__ononerrorpatchedboolean__zone_symbol__ononfocuspatchedboolean__zone_symbol__ononformdatapatchedboolean__zone_symbol__ononinputpatchedboolean__zone_symbol__ononinvalidpatchedboolean__zone_symbol__ononkeydownpatchedboolean__zone_symbol__ononkeypresspatchedboolean__zone_symbol__ononkeyuppatchedboolean__zone_symbol__ononloadpatchedboolean__zone_symbol__ononloadeddatapatchedboolean__zone_symbol__ononloadedmetadatapatchedboolean__zone_symbol__ononloadstartpatchedboolean__zone_symbol__ononmousedownpatchedboolean__zone_symbol__ononmouseenterpatchedboolean__zone_symbol__ononmouseleavepatchedboolean__zone_symbol__ononmousemovepatchedboolean__zone_symbol__ononmouseoutpatchedboolean__zone_symbol__ononmouseoverpatchedboolean__zone_symbol__ononmouseuppatchedboolean__zone_symbol__ononmousewheelpatchedboolean__zone_symbol__ononpausepatchedboolean__zone_symbol__ononplaypatchedboolean__zone_symbol__ononplayingpatchedboolean__zone_symbol__ononprogresspatchedboolean__zone_symbol__ononratechangepatchedboolean__zone_symbol__ononresetpatchedboolean__zone_symbol__ononresizepatchedboolean__zone_symbol__ononscrollpatchedboolean__zone_symbol__ononsecuritypolicyviolationpatchedboolean__zone_symbol__ononseekedpatchedboolean__zone_symbol__ononseekingpatchedboolean__zone_symbol__ononselectpatchedboolean__zone_symbol__ononslotchangepatchedboolean__zone_symbol__ononstalledpatchedboolean__zone_symbol__ononsubmitpatchedboolean__zone_symbol__ononsuspendpatchedboolean__zone_symbol__onontimeupdatepatchedboolean__zone_symbol__onontogglepatchedboolean__zone_symbol__ononvolumechangepatchedboolean__zone_symbol__ononwaitingpatchedboolean__zone_symbol__ononwebkitanimationendpatchedboolean__zone_symbol__ononwebkitanimationiterationpatchedboolean__zone_symbol__ononwebkitanimationstartpatchedboolean__zone_symbol__ononwebkittransitionendpatchedboolean__zone_symbol__ononwheelpatchedboolean__zone_symbol__ononauxclickpatchedboolean__zone_symbol__onongotpointercapturepatchedboolean__zone_symbol__ononlostpointercapturepatchedboolean__zone_symbol__ononpointerdownpatchedboolean__zone_symbol__ononpointermovepatchedboolean__zone_symbol__ononpointerrawupdatepatchedboolean__zone_symbol__ononpointeruppatchedboolean__zone_symbol__ononpointercancelpatchedboolean__zone_symbol__ononpointeroverpatchedboolean__zone_symbol__ononpointeroutpatchedboolean__zone_symbol__ononpointerenterpatchedboolean__zone_symbol__ononpointerleavepatchedboolean__zone_symbol__ononselectstartpatchedboolean__zone_symbol__ononselectionchangepatchedboolean__zone_symbol__ononanimationendpatchedboolean__zone_symbol__ononanimationiterationpatchedboolean__zone_symbol__ononanimationstartpatchedboolean__zone_symbol__onontransitionrunpatchedboolean__zone_symbol__onontransitionstartpatchedboolean__zone_symbol__onontransitionendpatchedboolean__zone_symbol__onontransitioncancelpatchedboolean__zone_symbol__ononafterprintpatchedboolean__zone_symbol__ononbeforeprintpatchedboolean__zone_symbol__ononbeforeunloadpatchedboolean__zone_symbol__ononhashchangepatchedboolean__zone_symbol__ononlanguagechangepatchedboolean__zone_symbol__ononmessagepatchedboolean__zone_symbol__ononmessageerrorpatchedboolean__zone_symbol__ononofflinepatchedboolean__zone_symbol__onononlinepatchedboolean__zone_symbol__ononpagehidepatchedboolean__zone_symbol__ononpageshowpatchedboolean__zone_symbol__ononpopstatepatchedboolean__zone_symbol__ononrejectionhandledpatchedboolean__zone_symbol__ononstoragepatchedboolean__zone_symbol__ononunhandledrejectionpatchedboolean__zone_symbol__ononunloadpatchedboolean__zone_symbol__onondevicemotionpatchedboolean__zone_symbol__onondeviceorientationpatchedboolean__zone_symbol__onondeviceorientationabsolutepatchedboolean__zone_symbol__ononbeforematchpatchedboolean__zone_symbol__ononcontentvisibilityautostatechangepatchedboolean__zone_symbol__ononscrollendpatchedboolean__zone_symbol__queueMicrotaskfunctionwebpackChunk_bitwarden_web_vaultobject__zone_symbol__loadfalseobject__zone_symbol__popstatefalseobject__zone_symbol__hashchangefalseobjectbitwardenContainerServiceobject__zone_symbol__resizefalseobject__zone_symbol__orientationchangefalseobjectgetAngularTestabilityfunctiongetAllAngularTestabilitiesfunctiongetAllAngularRootElementsfunctionframeworkStabilizersobject__zone_symbol__ON_PROPERTYmousemovefunction__zone_symbol__mousemovefalseobject__zone_symbol__ON_PROPERTYmousedownfunction__zone_symbol__mousedownfalseobjectontouchstartfunction__zone_symbol__ON_PROPERTYclickfunction__zone_symbol__clickfalseobject__zone_symbol__ON_PROPERTYscrollfunction__zone_symbol__scrollfalseobject__zone_symbol__ON_PROPERTYkeypressfunction__zone_symbol__keypressfalseobject

Technology

The technologies identified are present on the scanned URL.

Name	Description	Detected patterns
Security
HSTS https://www.rfc-editor.org/rfc/rfc6797#section-6.1	HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.	Type: headers Name: strict-transport-security Regex: (?:)
Programming languages
WebAssembly https://webassembly.org/	WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client and server applications.	Type: headers Name: content-type Regex: application\/wasm
Payment processors
PayPal https://paypal.com	PayPal is an online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like checks and money orders.	Type: headers Name: content-security-policy Regex: \.paypal\.com

DNS Record

A DNS record maps a domain name to an IP address or other resource information.

Type	Name	Content	DNSSEC
CNAME	vault.bitwarden.com	dualstack.n.sni.us-eu.fastly.net.	no
A	dualstack.n.sni.us-eu.fastly.net	199.232.193.91	no
A	dualstack.n.sni.us-eu.fastly.net	199.232.197.91	no
CNAME	vault.bitwarden.com	dualstack.n.sni.us-eu.fastly.net.	no
AAAA	dualstack.n.sni.us-eu.fastly.net	2a04:4e42:4c::347	no
AAAA	dualstack.n.sni.us-eu.fastly.net	2a04:4e42:4d::347	no

SSL Certificate

An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.

Subject	Issue date	Expiry date	Valid
bitwarden.com WE1	9/11/2024	12/10/2024	2 months 29 days
vault.bitwarden.com R10	9/8/2024	12/7/2024	2 months 29 days

HTTP Header

An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.

Name	Value
accept-ranges	bytes
cache-control	public, max-age=0, must-revalidate
content-length	1298
content-md5	mUqovhaeqPX9eeqALurU8A==
content-security-policy	default-src 'self'; script-src 'self' 'wasm-unsafe-eval' 'sha256-ryoU+5+IUZTuUyTElqkrQGBJXr1brEv6r2CA62WUw8w=' 'sha256-6UjTMctmhk38SzYW5Wggf6yrdhprh/M0mTizwnEELl8=' https://js.stripe.com https://js.braintreegateway.com https://www.paypalobjects.com https://www.paypal.com https://www.sandbox.paypal.com; style-src 'self' https://assets.braintreegateway.com https://.paypal.com 'sha256-or0p3LaHetJ4FRq+flVORVFFNsOjQGWrDvX8Jf7ACWg=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-JVRXyYPueLWdwGwY9m/7u4QlZ1xeQdqUj2t8OVIzZE4=' 'sha256-Oca9ZYU1dwNscIhdNV7tFBsr4oqagBhZx9/p4w8GOcg='; img-src 'self' data: https://icons.bitwarden.net https://.paypal.com https://www.paypalobjects.com https://q.stripe.com https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://js.stripe.com https://assets.braintreegateway.com https://.paypal.com https://.duosecurity.com https://.duofederal.com; frame-src 'self' https://js.stripe.com https://assets.braintreegateway.com https://.paypal.com https://.duosecurity.com https://.duofederal.com; connect-src 'self' wss://notifications.bitwarden.com https://notifications.bitwarden.com https://cdn.bitwarden.net https://api.pwnedpasswords.com https://api.2fa.directory/v3/totp.json https://api.stripe.com https://www.paypal.com https://www.sandbox.paypal.com https://api.braintreegateway.com https://api.sandbox.braintreegateway.com https://client-analytics.braintreegateway.com https://*.braintree-api.com https://app.simplelogin.io/api/alias/random/new https://app.addy.io/api/v1/aliases https://relay.firefox.com/api/v1/relayaddresses/ https://api.fastmail.com https://quack.duckduckgo.com/api/email/addresses https://api.forwardemail.net bitwardenxx5keu3w.blob.core.windows.net; object-src 'self' blob:;
content-type	text/html
date	Thu, 31 Oct 2024 12:55:38 GMT
etag	"0x8DCF880E3114545"
last-modified	Wed, 30 Oct 2024 01:19:22 GMT
referrer-policy	same-origin
strict-transport-security	max-age=31536000
x-frame-options	SAMEORIGIN
x-ms-request-id	f85ee24f-c01e-003d-6394-2bc46c000000
x-ms-version	2018-03-28
x-url-path	/
x-xss-protection	1; mode=block

Content Security Policy

Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.

Name	Value
default-src	'self'
script-src	'self''wasm-unsafe-eval''sha256-ryoU+5+IUZTuUyTElqkrQGBJXr1brEv6r2CA62WUw8w=''sha256-6UjTMctmhk38SzYW5Wggf6yrdhprh/M0mTizwnEELl8='https://js.stripe.comhttps://js.braintreegateway.comhttps://www.paypalobjects.comhttps://www.paypal.comhttps://www.sandbox.paypal.com
style-src	'self'https://assets.braintreegateway.comhttps://*.paypal.com'sha256-or0p3LaHetJ4FRq+flVORVFFNsOjQGWrDvX8Jf7ACWg=''sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=''sha256-JVRXyYPueLWdwGwY9m/7u4QlZ1xeQdqUj2t8OVIzZE4=''sha256-Oca9ZYU1dwNscIhdNV7tFBsr4oqagBhZx9/p4w8GOcg='
img-src	'self'data:https://icons.bitwarden.nethttps://*.paypal.comhttps://www.paypalobjects.comhttps://q.stripe.comhttps://haveibeenpwned.comhttps://www.gravatar.com
child-src	'self'https://js.stripe.comhttps://assets.braintreegateway.comhttps://.paypal.comhttps://.duosecurity.comhttps://*.duofederal.com
frame-src	'self'https://js.stripe.comhttps://assets.braintreegateway.comhttps://.paypal.comhttps://.duosecurity.comhttps://*.duofederal.com
connect-src	'self'wss://notifications.bitwarden.comhttps://notifications.bitwarden.comhttps://cdn.bitwarden.nethttps://api.pwnedpasswords.comhttps://api.2fa.directory/v3/totp.jsonhttps://api.stripe.comhttps://www.paypal.comhttps://www.sandbox.paypal.comhttps://api.braintreegateway.comhttps://api.sandbox.braintreegateway.comhttps://client-analytics.braintreegateway.comhttps://*.braintree-api.comhttps://app.simplelogin.io/api/alias/random/newhttps://app.addy.io/api/v1/aliaseshttps://relay.firefox.com/api/v1/relayaddresses/https://api.fastmail.comhttps://quack.duckduckgo.com/api/email/addresseshttps://api.forwardemail.netbitwardenxx5keu3w.blob.core.windows.net
object-src	'self'blob:

Cookies

Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.

Name	Value	Domain/Path	Expires	Secure	HTTP Only
__cf_bm	HDWQC10hwons62sRqwhOwKZkiQ7feCMMBlZ7geqgSNM-1730379337-1.0.1.1-ZwhFghM9OVgcXNJjwbBW6TNQ8CRxo0Y2_VPopUTSqoXoTt7IrP9xAFX6b3XtXWpKw7BD8uDkzCNOVjQO2JGc3w	.bitwarden.com/	10/31/2024, 1:25:37 PM	yes	yes
_cfuvid	98fRBxA5L2zMRAkpfrKw.M_XX9fiBycdM8znCBdSH9U-1730379337815-0.0.1.1-604800000	.bitwarden.com/	12/31/1969, 11:59:59 PM	yes	yes

URL Scan Results for the page [Bitwarden Web vault](https://vault.bitwarden.com/#/send/Uj-TmnSM6U6E97IZAVV7og/I38W-ik3JtrrhsXKgZ7ggg)

URL basic Information and screenshot