e-commerce

English

_ga_R7NWFE4XGY

You're looking at domain 'app.avada.io' on the British Indian Ocean Territory country-code top-level domain (.io) and includes subdomain 'app'. The second-level label 'avada' is 5 characters long with three vowels and two consonants. It segments into 2 words: a, vada. Median word length is 2.5 characters. No strong language cues emerged from the frequency lists.

html/66/5f/665f7119-31be-45fa-9154-44e9bd1f4c57.html.gz

require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js

require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes

script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:169:0

script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:138:0

af91d84f6505a4bb2b37d6dc50a9c2f77754b338ce485d058b611ae82f208317

56bb54e8baa73bfba0ce22014769b1215b0ccf6051d9a316e7571c239fb7a3f5

d1f86623d3003250910ae1bec6631c1f12f3574671aa91782979cec446592182

4b519ebc5e113f4107dfa1df5b81efa821fbdb88a26185ecfa9c1d4889a914e1

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

3ff22cb3c45b257090475cc28f1621bbe8153ed2ae9d46d11ed3942248b3c970

2865a27fe8d8f99d2f46161666e62fd71077da68ad7209080c6580e9f8c923e1

a4766af771da81634641935740a0d4aa9661f0ed91cf68a05ba7fcc6515b012a

df86f83e27d89e25dc1d5e82239facd35abfe633071ea364f6dfbd75d5664c2a

7a6f852b691424bdbbfaee511953ed55b379e220e489008e8536310f0d6d4fdf

b766d96e65691c3d05e08120e72cef01873b97c47a2827eacf4f589f8eb0623a

cd6187b1250103ade548967a82db194e4834aaf6dc18c9e487095b42b3980612

width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0

viewport

theme-color

AVADA Email Marketing SasS app for Shopify, Magento

description

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/


      const analytics = firebase.analytics();
    


      $(document).on('ready', function() {
        // INITIALIZATION OF SLICK CAROUSEL
        // =======================================================
        $('.js-slick-carousel').each(function() {
          var slickCarousel = $.HSCore.components.HSSlickCarousel.init($(this));
        });

        // INITIALIZATION OF FORM VALIDATION
        // =======================================================
        $('.js-validate').each(function() {
          var validation = $.HSCore.components.HSValidation.init($(this));
        });
      });
    


      const {useState, useEffect} = React;

      const platforms = [
        {label: 'Shopify', value: 'shopify', image: 'https://cdn1.avada.io/shopify-logo.png'},
        {label: 'Magento', value: 'magento', image: 'https://cdn1.avada.io/magento-logo.png'}
      ];
      const SELECT_PLATFORM_STEP = 1;
      const LOGIN_STEP = 2;
      const wizardSteps = [
        {label: 'Select platform', value: SELECT_PLATFORM_STEP},
        {label: 'Login', value: LOGIN_STEP}
      ];

      function handleError(setSubmitting, message) {
        setSubmitting(false);
        $('#validations-errors')
          .show()
          .html(message);
      }

      const handleGoogleLogin = e => {
        e.preventDefault();
        if (!firebase.auth().currentUser) {
          const googleProvider = new firebase.auth.GoogleAuthProvider();
          firebase
            .auth()
            .signInWithPopup(googleProvider)
            .then(function(result) {
              const user = result.user;
              const {email, displayName, uid, vendor, domain} = user;
              document.querySelector('#PreLoading').style.display = 'flex';
              if (user) {
                fetch('/shop/create', {
                  method: 'POST',
                  headers: {
                    'Content-Type': 'application/json'
                  },
                  body: JSON.stringify({
                    uid,
                    email,
                    vendor: vendor || 'others',
                    name: displayName,
                    domain: domain || '',
                    login: true
                  })
                })
                  .then(response => {
                    return response.json();
                  })
                  .then(myJson => {
                    const {shop} = myJson;
                    user.getIdToken(false).then(token => {
                      window.location.replace(`/apiSa/switch/${shop}?token=${token}`);
                    });
                  });
              }
            })
            .catch(function(error) {
              console.error(error);
            });
        } else {
          firebase.auth().signOut();
        }
      };

      const handleManualLogin = (event, setSubmitting) => {
        event.preventDefault();
        setSubmitting(true);
        const email = $('#email').val();
        const password = $('#password').val();
        const loginBtn = $('.Avada-Login__Button');
        loginBtn.addClass('running');
        if (email.trim() === '') {
          handleError(setSubmitting, 'This email field is required');
          return;
        }
        if (password.trim() === '') {
          handleError(setSubmitting, 'This password field is required');
          return;
        }
        firebase
          .auth()
          .signInWithEmailAndPassword(email, password)
          .then(result => {
            const user = result.user;
            const {email, displayName, uid, domain, vendor} = user;

            if (user) {
              fetch('/shop/create', {
                method: 'POST',
                headers: {
                  'Content-Type': 'application/json'
                },
                body: JSON.stringify({
                  uid,
                  email,
                  name: displayName || '',
                  domain: domain || '',
                  login: true,
                  vendor: vendor || 'others'
                })
              })
                .then(response => response.json())
                .then(respData => {
                  const {shop} = respData;
                  user.getIdToken(false).then(token => {
                    window.location.replace(`/apiSa/switch/${shop}?token=${token}`);
                  });
                });
            }
          })
          .catch(function(error) {
            loginBtn.removeClass('running');
            return handleError(setSubmitting, error.message);
          });
      };

      function PlatformSelector({onSelect}) {
        return (
          <div>
            <p style={{fontWeight: '500'}} className="animated fast fadeInRight">
              Choose your platform
            </p>
            <div className="platform-input-wrapper">
              {platforms.map((platform, key) => (
                <div
                  key={key}
                  className="platform-input-button"
                  onClick={() => onSelect(platform.value)}
                >
                  <img
                    className="platform-logo"
                    src={platform.image}
                    alt="Platform-Logo"
                    style={key === 0 ? {width: '45px'} : {}}
                  />
                  <div className="platform-text">{platform.label}</div>
                </div>
              ))}
            </div>
          </div>
        );
      }

      function LoginForm({platform, setStep}) {
        const [submiting, setSubmiting] = useState(false);
        const [shopifyURL, setShopifyURL] = useState('');
        const [forward, setForward] = useState('');

        useEffect(() => {
          const url = new URL(window.location.href);
          setForward(url.searchParams.get('forward') || '');
        }, []);

        const handleChange = event => {
          const val = event.target.value;
          try {
            const strippedShop = new URL(val).hostname;
            console.log(strippedShop);
            setShopifyURL(strippedShop);
          } catch (e) {
            setShopifyURL(val);
          }
        };

        return (
          <div className="animated fast fadeInRight">
            {platform === 'shopify' && (
              <div>
                <form
                  className="js-validate"
                  method="GET"
                  action="/authSa/shopify"
                  id="shopify-login-form"
                >
                  <div className="js-form-message form-group">
                    <label className="input-label">Shopify store URL</label>
                    <input
                      value={shopifyURL}
                      onChange={handleChange}
                      id="shop"
                      type="text"
                      className="form-control"
                      name="shop"
                      tabIndex="1"
                      placeholder="Shopify URL..."
                      aria-label="Shopify URL"
                      required
                      data-msg="Please enter a valid Shopify URL"
                    />
                    <input
                      value={forward}
                      id="forward"
                      type="hidden"
                      className="form-control"
                      name="forward"
                      placeholder="Redirect URL"
                      aria-label="Redirect URL"
                    />
                  </div>

                  <div className="row align-items-center mb-5">
                    <div className="col-sm-6 mb-3 mb-sm-0">
                      <button className="btn btn-primary transition-3d-hover" type="submit">
                        Login with Shopify
                      </button>
                    </div>
                  </div>
                </form>
                <div className="back-link">
                  <i className="fas fa-chevron-left" />
                  <a
                    onClick={() => setStep(SELECT_PLATFORM_STEP)}
                    style={{fontSize: 'unset', marginLeft: '15px', cursor: 'pointer'}}
                  >
                    Select a platform
                  </a>
                </div>
              </div>
            )}
            {platform === 'magento' && (
              <div>
                <p style={{fontWeight: '500', marginBottom: '1rem'}}>Social Login</p>
                <div className="other-links">
                  <a
                    href="javascript:void(0)"
                    id="google-login-btn"
                    className="btn-google"
                    onClick={handleGoogleLogin}
                  >
                    <img
                      width="270px"
                      height="auto"
                      src="https://cdn1.avada.io/email-marketing/login/btn_google_signin_light_normal_web%402x.png"
                      alt="Login with Google"
                    />
                  </a>
                </div>

                <p style={{fontWeight: '500', marginBottom: '1rem'}}>Or login with your account</p>
                <div id="validations-errors" />
                <div id="email-login-form">
                  <form
                    className="Avada-Validate__Form"
                    onSubmit={e => handleManualLogin(e, setSubmiting)}
                  >
                    <div className="js-form-message form-group Avada-Validate__Input">
                      <label className="input-label">Email address</label>
                      <input
                        id="email"
                        className="form-control Avada-Login__Input"
                        type="email"
                        name="email"
                        placeholder="E-mail Address"
                      />
                    </div>
                    <div className="js-form-message form-group Avada-Validate__Input">
                      <label className="input-label" tabIndex="-1">
                        <span className="d-flex justify-content-between align-items-center">
                          Password
                          <a
                            tabIndex="-1"
                            className="link-underline text-capitalize font-weight-normal"
                            href="/forgot"
                          >
                            Forgot Password?
                          </a>
                        </span>
                      </label>
                      <input
                        id="password"
                        className="form-control Avada-Login__Input"
                        type="password"
                        name="pass"
                        placeholder="Password"
                      />
                    </div>

                    <div className="row align-items-center mb-5">
                      <div className="col-sm-6 mb-3 mb-sm-0">
                        <span className="font-size-1 text-muted">Don't have an account?</span>
                        <a className="font-size-1 font-weight-bold" href="/register">
                          {' '}
                          Signup
                        </a>
                      </div>

                      <div className="col-sm-6 text-sm-right">
                        <button
                          type="submit"
                          className="ld-ext-right btn btn-primary transition-3d-hover Avada-Login__Button"
                        >
                          Login
                          <div className="ld ld-ring ld-spin" />
                        </button>
                      </div>
                    </div>
                  </form>
                  <div className="other-links">
                    <div className="back-link">
                      <i className="fas fa-chevron-left" />
                      <a
                        onClick={() => setStep(SELECT_PLATFORM_STEP)}
                        style={{
                          color: 'pointer',
                          marginLeft: '15px',
                          fontSize: 'unset',
                          cursor: 'pointer'
                        }}
                      >
                        Select a platform
                      </a>
                    </div>
                  </div>
                </div>
              </div>
            )}
          </div>
        );
      }

      function WizardProgressStepper({currentStep, onClick}) {
        return (
          <div className="animated fast fadeInRight wizard-progress-stepper">
            {wizardSteps.map(item => (
              <span
                className={item.value === currentStep ? 'is-active' : ''}
                onClick={() => onClick(item.value)}
              />
            ))}
          </div>
        );
      }

      function LoginWizard() {
        const [step, setStep] = useState(SELECT_PLATFORM_STEP);
        const [platform, setPlatForm] = useState('');

        const handleSelectPlatform = val => {
          setPlatForm(val);
          setStep(LOGIN_STEP);
        };

        return (
          <div className="animated fast fadeInRight">
            {step === SELECT_PLATFORM_STEP && <PlatformSelector onSelect={handleSelectPlatform} />}
            {step === LOGIN_STEP && <LoginForm setStep={setStep} platform={platform} />}
          </div>
        );
      }

      const domContainer = document.querySelector('#login-form');
      ReactDOM.render(<LoginWizard />, domContainer);
    

Requests	IP Address	Location	AS Autonomous System
15	151.101.1.195	San Francisco, California, United States	AS54113FASTLY
10	104.26.14.53	United States	AS13335CLOUDFLARENET
8	104.17.25.14	United States	AS13335CLOUDFLARENET
3	146.75.120.193	Frankfurt am Main, Hesse, Germany	AS54113FASTLY
2	172.217.208.94	United States	AS15169GOOGLE
2	142.251.140.168	United States	AS15169GOOGLE
2	216.239.34.36	United States	AS15169GOOGLE
2	104.16.174.226	United States	AS13335CLOUDFLARENET
1	136.243.42.10	Falkenstein, Saxony, Germany	AS24940Hetzner Online GmbH
1	151.101.194.137	San Francisco, California, United States	AS54113FASTLY
54	79	-	-

Security Scan Report: app.avada.io

Summary

AI Security Verdict

Safe Website

Safety Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies6

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History