sandbox-capital-onboarding.jupiterhq.com Open in urlscan Pro
52.8.140.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sandbox-capital-onboarding.jupiterhq.com/login.php
Submission Tags: krdprod
Submission: On September 22 via api (September 22nd 2021, 3:11:05 pm UTC) from JP — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 15 HTTP transactions. The main IP is 52.8.140.212, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is sandbox-capital-onboarding.jupiterhq.com.
TLS certificate: Issued by R3 on September 22nd 2021. Valid for: 3 months.

This is the only time sandbox-capital-onboarding.jupiterhq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	52.8.140.212 52.8.140.212	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
2	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
15	6

9 52.8.140.212 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-140-212.us-west-1.compute.amazonaws.com

sandbox-capital-onboarding.jupiterhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.38 (United States)

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	jupiterhq.com sandbox-capital-onboarding.jupiterhq.com	61 KB
2	plaid.com cdn.plaid.com	53 KB
1	gstatic.com www.gstatic.com	134 KB
1	mouseflow.com cdn.mouseflow.com	57 KB
1	google.com www.google.com	1014 B
1	googleapis.com fonts.googleapis.com	1 KB
15	6

	Domain	Requested by
9	sandbox-capital-onboarding.jupiterhq.com	sandbox-capital-onboarding.jupiterhq.com
2	cdn.plaid.com	sandbox-capital-onboarding.jupiterhq.com cdn.plaid.com
1	www.gstatic.com	www.google.com
1	cdn.mouseflow.com	sandbox-capital-onboarding.jupiterhq.com
1	www.google.com	sandbox-capital-onboarding.jupiterhq.com
1	fonts.googleapis.com	sandbox-capital-onboarding.jupiterhq.com
15	6

This site contains no links.

Subject Issuer	Validity	Valid
sandbox-payments-api.jupiterhq.com R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Frame ID: EE15569F3C63497DC834B4C85D9A8D8A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Capital Onboarding

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

15
Requests

40 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

308 kB
Transfer

1056 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.php Show response
sandbox-capital-onboarding.jupiterhq.com/ 1 KB
2 KB 513ms
165ms Document
text/html 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

708ed12e1ebdd17687a879af2a3fa359a015355d5a351c792cf6083585f0f5b5

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: sandbox-capital-onboarding.jupiterhq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.21.3
Date: Wed, 22 Sep 2021 15:11:00 GMT
Content-Type: text/html
Content-Length: 1370
Connection: keep-alive
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Vary: Accept-Encoding
ETag: "61089253-55a"
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Accept-Ranges: bytes

GET
H/1.1 200
OK app.df71cf62.css
sandbox-capital-onboarding.jupiterhq.com/css/ 5 KB
6 KB 165ms
164ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/css/app.df71cf62.css

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

aab19dc036297640d6d899753fe62d6e69947d729cbfbf5c721cea3c2a6613c6

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:11:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: "61089253-14e0"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 5344
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK chunk-vendors.5022128a.css
sandbox-capital-onboarding.jupiterhq.com/css/ 19 KB
5 KB 335ms
170ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/css/chunk-vendors.5022128a.css

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

3304c9dd706241d8719a11caad5ca80f0b19ce848cb646c06c753ceda6713536

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:11:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"61089253-4bca"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK app.71a52a91.js
sandbox-capital-onboarding.jupiterhq.com/js/ 104 KB
0 669ms
335ms Script
application/javascript 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/js/app.71a52a91.js

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:11:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"61089253-4a786"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: application/javascript
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK chunk-vendors.0e545274.js
sandbox-capital-onboarding.jupiterhq.com/js/ 92 KB
0 682ms
346ms Script
application/javascript 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/js/chunk-vendors.0e545274.js

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:11:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"61089253-d04c0"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: application/javascript
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
sandbox-capital-onboarding.jupiterhq.com/static/bootstrap/ 141 KB
22 KB 644ms
325ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/static/bootstrap/bootstrap.min.css

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:11:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"61089253-235ed"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 61ms
24ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

0e3c3790d3ef5f000a5eb4242e477574ee5f23298bca99dc2c81fd007afd45b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 14:11:08 GMT
server: ESF
date: Wed, 22 Sep 2021 15:11:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 15:11:01 GMT

GET
H/1.1 200
OK all.min.css
sandbox-capital-onboarding.jupiterhq.com/static/fontawesome-5-5-0/css/ 50 KB
12 KB 644ms
324ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/static/fontawesome-5-5-0/css/all.min.css

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:11:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"61089253-c80f"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
sandbox-capital-onboarding.jupiterhq.com/static/css/ 26 KB
7 KB 499ms
168ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/static/css/style.css

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

b3a76986f69b00014c1d61800e6bedf643b42b467f7e52dd8a66d14c32094bdd

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:11:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"61089253-6825"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK responsive.css
sandbox-capital-onboarding.jupiterhq.com/static/css/ 6 KB
7 KB 498ms
167ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-capital-onboarding.jupiterhq.com/static/css/responsive.css

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

61e010775f36a82479ca371ce93fdf040fc1b0e98cc601c1841bde81c9cb1c5b

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:11:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Aug 2021 00:48:19 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: "61089253-1770"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com *dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src *.jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 6000
X-Xss-Protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 916 B
1014 B 68ms
27ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Requested by

Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

4ba33d3ed230a164471d12d7afdaaaedee8cd35a4d6fce4256afbd7a0c99b95b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 15:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Wed, 22 Sep 2021 15:11:01 GMT

GET
H2 200 f75dbfd7-fecd-483e-9685-b121bdbd88b8.js Show response
cdn.mouseflow.com/projects/ 172 KB
57 KB 120ms
106ms Script
application/javascript 23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8.js
Requested by: Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f4ad8df94eadbecf8d0c1c322fa9c5fc9501da0fef63bcff49fe46596129045a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 15:11:01 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 15:00:19 GMT
server: NetDNA-cache/2.2
etag: W/"f29440688ba5d71:0"
x-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 77 KB
24 KB 84ms
33ms Script
application/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: sandbox-capital-onboarding.jupiterhq.com
URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8635abc629add1a7da910c46a66e770449c6520ace7f24266c384508df04075e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 18:47:21 GMT
content-encoding: gzip
x-amz-request-id: NV9S4X36Y0XSG6V4
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
x-amz-id-2: AtclNKkTtRl1deMYesg541/6ED0uM2J6XZm/wzQTqL5+MVv2kIBk5jJ2y41KIm7fbycW/Zpnpxk=
last-modified: Tue, 21 Sep 2021 17:59:57 GMT
server: AmazonS3
etag: W/"5b4bf740ca616d4a8753517a0dd899a4"
vary: Accept-Encoding
x-amz-version-id: LKmtuvSX4boHdnRQYgzSnAib8yJMeD1p
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: 7nnMn5DiLcWkMify9J08KUmQN_Fc1Q0vCfebjamNWZUvXsb1ip_czQ==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 31ms
8ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sandbox-capital-onboarding.jupiterhq.com/
Origin: https://sandbox-capital-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 15:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 22 Sep 2022 15:00:56 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1157/ 0
28 KB 19ms
19ms Other
application/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1157/link-dynamic-loader.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-capital-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 18:47:22 GMT
content-encoding: gzip
age: 73420
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
last-modified: Tue, 21 Sep 2021 17:59:57 GMT
server: AmazonS3
etag: W/"aae6810947c5938d30cab0e0234cef94"
vary: Accept-Encoding
x-amz-version-id: 5XJPo2hb1QW2H.Im26ulolhqEgzoqrfY
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: 1UsZCx04hNWcR2rKCm5yAQoi8BE96E73JfhhYOXFxnGqxKPYzPKHAQ==

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sandbox-capital-onboarding.jupiterhq.com/login.php Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: '*dev-capital-onboarding.jupiterhq.com'. It will be ignored.
network	error	URL: https://sandbox-capital-onboarding.jupiterhq.com/js/chunk-vendors.0e545274.js Message: Failed to load resource: net::ERR_INCOMPLETE_CHUNKED_ENCODING
network	error	URL: https://sandbox-capital-onboarding.jupiterhq.com/js/app.71a52a91.js Message: Failed to load resource: net::ERR_INCOMPLETE_CHUNKED_ENCODING

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com dev-capital-onboarding.jupiterhq.com https://s3.us-west-1.amazonaws.com https://api.ipfind.com https://dev-capital-onboarding.jupiterhq.com https://www.google.com https://www.gstatic.com https://cdn.mouseflow.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://js.verygoodvault.com 'self'; font-src .jupiterhq.com https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.gstatic.com https://use.fontawesome.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mouseflow.com
cdn.plaid.com
fonts.googleapis.com
sandbox-capital-onboarding.jupiterhq.com
www.google.com
www.gstatic.com
142.250.184.196
142.250.184.234
142.250.186.99
143.204.98.86
23.111.9.38
52.8.140.212
0e3c3790d3ef5f000a5eb4242e477574ee5f23298bca99dc2c81fd007afd45b9
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3304c9dd706241d8719a11caad5ca80f0b19ce848cb646c06c753ceda6713536
4ba33d3ed230a164471d12d7afdaaaedee8cd35a4d6fce4256afbd7a0c99b95b
61e010775f36a82479ca371ce93fdf040fc1b0e98cc601c1841bde81c9cb1c5b
708ed12e1ebdd17687a879af2a3fa359a015355d5a351c792cf6083585f0f5b5
8635abc629add1a7da910c46a66e770449c6520ace7f24266c384508df04075e
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
aab19dc036297640d6d899753fe62d6e69947d729cbfbf5c721cea3c2a6613c6
b3a76986f69b00014c1d61800e6bedf643b42b467f7e52dd8a66d14c32094bdd
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4ad8df94eadbecf8d0c1c322fa9c5fc9501da0fef63bcff49fe46596129045a

sandbox-capital-onboarding.jupiterhq.com Open in urlscan Pro 52.8.140.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

40 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

6 IPs

1 Countries

308 kBTransfer

1056 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

sandbox-capital-onboarding.jupiterhq.com Open in urlscan Pro
52.8.140.212 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

40 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

308 kB
Transfer

1056 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions