No Security Risks Detected
This domain appears to be safe and secure
100%
Score
Disclaimer: This assessment is based on automated analysis of publicly available information. Results are for informational purposes only. For critical applications, consult security professionals.
Scan Information
Last checked:July 13, 2025 18:08:34
Target URL:https://contra-discover.com/
Scan Complete
Refresh page after 10 minutes
for updated results
Page Information
Target URL
https://contra-discover.com/
Page Title
Contra - The commission-free freelance network
Site FaviconStatus
Active
Host Information
Domain
contra.com
Server
cloudflare
Country
United States
IP Address
172.66.43.24
ASN Information
13335
CLOUDFLARENET
Technologies
Google Cloud
IaaS
Sendgrid
Email
HubSpot
Marketing automation
HSTS
Security
Google Cloud CDN
CDN
Cloudflare
CDN
+1 more technologies detected
SSL Certificate
HTTPS Enabled
Secure
Certificate Issuer
49m351 Gateway Proxy BISO MITM CA
Valid From
2025-07-06 02:06:35
Valid Until
2025-08-05 02:07:05
Subject Name
contra.com
Performance Statistics
10
Total Requests
3
Domains
3
IP Addresses
126.85 KB
Transfer Size
Content Size1.62 MB
HTTP Headers
accept-ch
DPR, Viewport-Width, Width
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=60, stale-while-revalidate=86400
cf-cache-status
DYNAMIC
cf-ray
95eaba5c6e43d821-MRS
cf-team
28a692c1960000d4cabf1ec400000001
content-encoding
br
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://*.contra.com https://contra.com https://*.ads.linkedin.com https://snap.licdn.com https://connect.facebook.net https://www.facebook.com https://www.tiktok.com/embed.js https://www.instagram.com/embed.js https://www.youtube.com https://*.tiktokcdn-us.com https://gist.github.com https://platform.twitter.com https://challenges.cloudflare.com https://accounts.google.com https://apis.google.com https://googletagmanager.com https://www.googletagmanager.com https://*.doubleclick.net https://*.posthog.com https://app.intercom.io https://js.intercomcdn.com https://widget.intercom.io https://*.stripe.com https://*.airwallex.com https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js https://js.hscta.net https://*.hubspot.com https://*.hsleadflows.net https://*.hsforms.net https://*.hsforms.com; style-src 'self' 'unsafe-inline' https://builds.contra.com https://github.githubassets.com; img-src 'self' data: blob: https://*.contra.com https://res.cloudinary.com https://*.ads.linkedin.com https://*.linkedin.com https://www.facebook.com https://storage.googleapis.com https://cdn.loom.com https://*.googleusercontent.com https://www.googletagmanager.com https://www.google.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.intercomusercontent.com https://*.stripe.com https://*.stream-io-cdn.com https://no-cache.hubspot.com https://*.hubspot.com https://*.hsforms.net https://*.hsforms.com; font-src 'self' data: https://builds.contra.com https://fonts.gstatic.com https://*.intercomcdn.com; connect-src 'self' https://*.contra.com https://contra.api-fast.cloudinary.com https://*.ads.linkedin.com https://connect.facebook.net https://www.facebook.com blob: https://www.loom.com https://prod.spline.design https://storage.googleapis.com https://*.ingest.sentry.io https://*.google-analytics.com https://www.google.com https://*.posthog.com https://*.intercom.io https://*.intercomcdn.com https://*.intercomcdn.eu https://*.intercomusercontent.com wss://*.intercom.io https://*.stripe.com https://chat.stream-io-api.com wss://chat.stream-io-api.com https://*.airwallex.com https://*.hubspot.com https://*.hubapi.com; frame-src 'self' https://www.facebook.com/ https://instagram.com https://m.youtube.com https://platform.twitter.com https://player.vimeo.com https://rive.app https://www.instagram.com https://www.tiktok.com https://www.youtube.com https://www.loom.com https://www.behance.net https://www.canva.com https://codepen.io https://codesandbox.io https://share.descript.com https://www.figma.com https://embed.figma.com https://gist.github.com https://www.linkedin.com https://assets.pinterest.com https://replit.com https://w.soundcloud.com https://my.spline.design https://prod.spline.design https://open.spotify.com https://stackblitz.com https://docs.google.com https://inquiry.withpersona.com https://storage.googleapis.com https://challenges.cloudflare.com https://content.googleapis.com https://accounts.google.com https://content-people.googleapis.com https://www.googletagmanager.com https://*.doubleclick.net https://intercom-sheets.com https://*.stripe.com https://*.airwallex.com https://*.hubspot.com https://*.hs-sites.com https://*.hsforms.net https://*.hsforms.com; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; media-src 'self' data: blob: https://media.contra.com https://builds.contra.com https://res.cloudinary.com https://*.intercomcdn.com https://*.intercomcdn.eu https://*.stream-io-cdn.com; report-uri https://ab0fa962560b8a221d01a732dd085371.report-uri.com/r/d/csp/reportOnly
content-type
text/html;charset=utf-8
date
Sun, 13 Jul 2025 18:08:51 GMT
link
<https://builds.contra.com/1f8956fa/assets/static/src_generated_styled-system_styles-7a65ba32.CTZHplm2.css>; rel=preload; as=style, <https://builds.contra.com/1f8956fa/assets/static/style-04249a7d.MjhM4JJt.css>; rel=preload; as=style, <https://builds.contra.com/1f8956fa/chunk-entries/entry-client-routing.BySae2wR.js>; rel="preload"; as="script"; crossorigin="anonymous", <https://builds.contra.com/1f8956fa/chunk-entries/entry-client-routing.BySae2wR.js>; rel=modulepreload; as=script, <https://builds.contra.com/1f8956fa/chunk-entries/src/pages/index.CHtzq5na.js>; rel="preload"; as="script"; crossorigin="anonymous", <https://builds.contra.com/1f8956fa/chunk-entries/src/pages/index.CHtzq5na.js>; rel=modulepreload; as=script, <https://builds.contra.com/1f8956fa/chunk-entries/src/pages/dashboard.B85pfmCz.js>; rel="preload"; as="script"; crossorigin="anonymous", <https://builds.contra.com/1f8956fa/chunk-entries/src/pages/dashboard.B85pfmCz.js>; rel=modulepreload; as=script, <https://builds.contra.com/1f8956fa/chunk-is-plan-event-enabled.C5znTX__.js>; rel="preload"; as="script"; crossorigin="anonymous", <https://builds.contra.com/1f8956fa/chunk-is-plan-event-enabled.C5znTX__.js>; rel=modulepreload; as=script
permissions-policy
camera=(self "https://*.withpersona.com/"), display-capture=("https://us.i.posthog.com/"), fullscreen=(self "https://*.figma.com"), geolocation=(), microphone=(), publickey-credentials-get=(), screen-wake-lock=(), web-share=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfReqDur;dur=4113.661
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-contra-release-version
1f8956fa
21 headers detected
Technology Stack Analysis
Google Cloud
IaaS
Google Cloud is a suite of cloud computing services.
Sendgrid
Email
SendGrid is a cloud-based email delivery platform for transactional and marketing emails.
HubSpot
Marketing automation
HubSpot is a marketing and sales software that helps companies attract visitors, convert leads, and close customers.
HSTS
Security
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.
Google Cloud CDN
CDN
Cloud CDN uses Google's global edge network to serve content closer to users.
Cloudflare
CDN
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.
HTTP/3
Miscellaneous
HTTP/3 is the third major version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web.
Website Cookies 3
GCLB
contra.com
HttpOnly
Value
CIH85Lzlq7zschAD
Expires:7/13/2025
AuthSession
.contra.com
HttpOnly Secure Lax
Value
[AuthSession redacted]
Expires:7/20/2025
contra_web_app_service
contra.com
Secure None
Value
43475e18ae7efbc7
Expires:Session
External Links 0
Requested Domains 3
builds.contra.com
Unknown Type
No category information available
contra-discover.com
Unknown Type
No category information available
contra.com
Unknown Type
No category information available