auth.stage-magnet-pandora.nativetouch.io Open in urlscan Pro
54.164.68.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.stage-magnet-pandora.nativetouch.io/
Submission: On June 16 via automatic, source certstream-suspicious (June 16th 2022, 9:57:01 am UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 54.164.68.164, located in United States and belongs to AMAZON-AES, US. The main domain is auth.stage-magnet-pandora.nativetouch.io.
TLS certificate: Issued by Amazon on February 25th 2022. Valid for: a year.

This is the only time auth.stage-magnet-pandora.nativetouch.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	54.164.68.164 54.164.68.164	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	52.95.147.112 52.95.147.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
16	4

12 54.164.68.164 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-68-164.compute-1.amazonaws.com

auth.stage-magnet-pandora.nativetouch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.147.112 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

nativetouch-public.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nativetouch.io auth.stage-magnet-pandora.nativetouch.io	607 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	amazonaws.com nativetouch-public.s3.ca-central-1.amazonaws.com	3 MB
16	4

	Domain	Requested by
12	auth.stage-magnet-pandora.nativetouch.io	auth.stage-magnet-pandora.nativetouch.io
2	fonts.googleapis.com	client
1	fonts.gstatic.com	fonts.googleapis.com
1	nativetouch-public.s3.ca-central-1.amazonaws.com
16	4

This site contains no links.

Subject Issuer	Validity	Valid
auth.stage-magnet-pandora.nativetouch.io Amazon	`2022-02-25` - `2023-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.s3.ca-central-1.amazonaws.com Amazon	`2021-12-17` - `2022-11-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.stage-magnet-pandora.nativetouch.io/
Frame ID: AACBB9467AC16C4D13C7195D88CE8D13
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nativetouch Login

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

4051 kB
Transfer

4048 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
auth.stage-magnet-pandora.nativetouch.io/ 603 B
1 KB 415ms
98ms Document
text/html 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

daa11bffbc58aab799f60805de9f30bee46dacf0b9def50caec5748bf2e8fa10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 603
Content-Type: text/html; charset=UTF-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Thu, 16 Jun 2022 09:56:56 GMT
ETag: W/"25b-17fd7899b50"
Expect-CT: max-age=0
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: nginx/1.20.0
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

GET
H/1.1 200
OK vendor.9f77cc89.js Show response
auth.stage-magnet-pandora.nativetouch.io/js/ 258 KB
259 KB 195ms
194ms Script
application/javascript 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/js/vendor.9f77cc89.js

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

4b12ce3809a9f78a45eeef299fa9275550ae321fc25d794106a5a5f1335157b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:56 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 264270
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"4084e-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK app.92f02f85.js Show response
auth.stage-magnet-pandora.nativetouch.io/js/ 13 KB
14 KB 390ms
194ms Script
application/javascript 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/js/app.92f02f85.js

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

a0a28e2c46dbb9282778a132625c0ea19e24dfdb89111fc8891f9ded3a3448c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:56 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 13111
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"3337-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK vendor.032e019f.css
auth.stage-magnet-pandora.nativetouch.io/css/ 243 KB
244 KB 385ms
193ms Stylesheet
text/css 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/css/vendor.032e019f.css

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

dd1942019aab128669ae143cff314d28146cf0d0bb97fcf6a374f1675bb3ad41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:56 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 249194
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"3cd6a-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK app.d14a4284.css
auth.stage-magnet-pandora.nativetouch.io/css/ 715 B
1 KB 294ms
99ms Stylesheet
text/css 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/css/app.d14a4284.css

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ba0192ace1c9c7996edaef3f9200cbe9434e0c20b450c913e216e7c582c225db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:56 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 715
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"2cb-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK i Show response
auth.stage-magnet-pandora.nativetouch.io/ 470 B
2 KB 140ms
140ms XHR
application/json 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/i

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/js/vendor.9f77cc89.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

5a2ed040ee17bed7a4a4e77fb61eeb50aa96da8db81e228609fa920a8d886edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:56 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Length: 470
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: application/json; charset=utf-8
Origin-Agent-Cluster: ?1
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 44.71191e73.css
auth.stage-magnet-pandora.nativetouch.io/css/ 149 B
900 B 103ms
103ms Stylesheet
text/css 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/css/44.71191e73.css

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/js/app.92f02f85.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

b5c1a8b61f52c9fb92c1f629de72ac63e289d9cfb266dfe234e0b30102c162f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:56 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 149
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"95-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK 44.e684b092.js Show response
auth.stage-magnet-pandora.nativetouch.io/js/ 605 B
1 KB 105ms
105ms Script
application/javascript 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/js/44.e684b092.js

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/js/app.92f02f85.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

68c5918b9395f5d0be2362d8dbb49b8a98b6595a05ddbbb3b495a82a510f7cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:56 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 605
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"25d-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK 565.1a55418d.css
auth.stage-magnet-pandora.nativetouch.io/css/ 543 B
1 KB 206ms
99ms Stylesheet
text/css 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/css/565.1a55418d.css

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/js/app.92f02f85.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e001fe7de333815ac05250a0987f4364ff06db18de10ec25f98662329135433f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:57 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 543
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"21f-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK 565.b2ea1087.js Show response
auth.stage-magnet-pandora.nativetouch.io/js/ 4 KB
5 KB 206ms
99ms Script
application/javascript 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/js/565.b2ea1087.js

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/js/app.92f02f85.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e3ef4dc1fb8e894d8111a657d4d6308dc0c54ca5e3106c74c5e5e4362d218c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:57 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 4586
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"11ea-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK stylings Show response
auth.stage-magnet-pandora.nativetouch.io/organizations/ 944 B
2 KB 101ms
101ms XHR
application/json 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/organizations/stylings

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/js/vendor.9f77cc89.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

26a2f6a27ed1efa8f394baaf2e3c2647f01902f232f220693019e9b21b30a3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
x-nt-cs: 59cf192d-a580-49a1-9611-4d04a1daa677
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:57 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Length: 944
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: application/json; charset=utf-8
Origin-Agent-Cluster: ?1
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
827 B 165ms
57ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat&family=Poppins&family=Roboto:wght@300&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a45c7db4a32834c85fbe55b3af191db5e99742c7959fd95620151ab79c6f965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 09:56:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 09:56:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 09:56:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 162ms
55ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat&family=Roboto:wght@300&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

798eda6e0bd775a85356d1c6abf9072cff6134898500ef53802cdd75b44b5d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 09:56:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 09:56:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 09:56:57 GMT

GET
H/1.1 200
OK fa-brands-400.d878b0a6.woff2
auth.stage-magnet-pandora.nativetouch.io/fonts/ 75 KB
76 KB 99ms
99ms Font
font/woff2 54.164.68.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stage-magnet-pandora.nativetouch.io/fonts/fa-brands-400.d878b0a6.woff2

Requested by

Host: auth.stage-magnet-pandora.nativetouch.io
URL: https://auth.stage-magnet-pandora.nativetouch.io/css/vendor.032e019f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.68.164 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-68-164.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://auth.stage-magnet-pandora.nativetouch.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:57 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 76736
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Tue, 29 Mar 2022 21:16:34 GMT
Server: nginx/1.20.0
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
ETag: W/"12bc0-17fd7899b50"
Expect-CT: max-age=0
Vary: Origin
X-Download-Options: noopen
Content-Type: font/woff2
Access-Control-Allow-Origin: https://auth.stage-magnet-pandora.nativetouch.io
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK blue+jungle+logo.png
nativetouch-public.s3.ca-central-1.amazonaws.com/magnet-audiences/bodyshop/ 3 MB
3 MB 567ms
224ms Image
image/png 52.95.147.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nativetouch-public.s3.ca-central-1.amazonaws.com/magnet-audiences/bodyshop/blue+jungle+logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.112 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88e9f98b3758d8f8ed829c6547804287ce3d8e0344b27ef3aafacacc616a9c29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 09:56:58 GMT
Last-Modified: Wed, 16 Feb 2022 18:13:57 GMT
Server: AmazonS3
x-amz-request-id: C09QWQ4D1XRBVKPG
ETag: "0db67aa3da6c768ea1f274aab978e96b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3516359
x-amz-id-2: TImLlWqWKErF4elYj8levaJhsaK+21Zach2RC4KZOltZKzcuFTNkg8wic3HOufC+uZS83fkl5fA=

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 148ms
45ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Poppins&family=Roboto:wght@300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auth.stage-magnet-pandora.nativetouch.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 52324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 19:24:53 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.auth.stage-magnet-pandora.nativetouch.io/	1970-01-20 03:49:37	Name: nt.cs Value: 59cf192d-a580-49a1-9611-4d04a1daa677
			auth.stage-magnet-pandora.nativetouch.io/	1970-01-20 03:49:35	Name: connect.sid Value: s%3AXEh3m-lN64qjR5TllBlda3EO_jK3jwQb.J%2BvQy9eAZoJcEujB%2BXQ83DFAmkjYMwM9o5ml5%2BirYLo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.stage-magnet-pandora.nativetouch.io
fonts.googleapis.com
fonts.gstatic.com
nativetouch-public.s3.ca-central-1.amazonaws.com
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2003
52.95.147.112
54.164.68.164
26a2f6a27ed1efa8f394baaf2e3c2647f01902f232f220693019e9b21b30a3a9
4b12ce3809a9f78a45eeef299fa9275550ae321fc25d794106a5a5f1335157b7
5a2ed040ee17bed7a4a4e77fb61eeb50aa96da8db81e228609fa920a8d886edd
68c5918b9395f5d0be2362d8dbb49b8a98b6595a05ddbbb3b495a82a510f7cef
798eda6e0bd775a85356d1c6abf9072cff6134898500ef53802cdd75b44b5d6b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
88e9f98b3758d8f8ed829c6547804287ce3d8e0344b27ef3aafacacc616a9c29
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
a0a28e2c46dbb9282778a132625c0ea19e24dfdb89111fc8891f9ded3a3448c2
a45c7db4a32834c85fbe55b3af191db5e99742c7959fd95620151ab79c6f965c
b5c1a8b61f52c9fb92c1f629de72ac63e289d9cfb266dfe234e0b30102c162f1
ba0192ace1c9c7996edaef3f9200cbe9434e0c20b450c913e216e7c582c225db
daa11bffbc58aab799f60805de9f30bee46dacf0b9def50caec5748bf2e8fa10
dd1942019aab128669ae143cff314d28146cf0d0bb97fcf6a374f1675bb3ad41
e001fe7de333815ac05250a0987f4364ff06db18de10ec25f98662329135433f
e3ef4dc1fb8e894d8111a657d4d6308dc0c54ca5e3106c74c5e5e4362d218c53

auth.stage-magnet-pandora.nativetouch.io Open in urlscan Pro 54.164.68.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

4051 kBTransfer

4048 kBSize

2 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

auth.stage-magnet-pandora.nativetouch.io Open in urlscan Pro
54.164.68.164 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

4051 kB
Transfer

4048 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions