claims.orderprotection.dev Open in urlscan Pro
52.52.242.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claims.orderprotection.dev/
Submission: On April 05 via api (April 5th 2024, 12:13:32 am UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 52.52.242.16, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is claims.orderprotection.dev.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 19th 2024. Valid for: a year.

This is the only time claims.orderprotection.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	52.52.242.16 52.52.242.16	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
17	5

9 52.52.242.16 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-242-16.us-west-1.compute.amazonaws.com

claims.orderprotection.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staging.orderprotection.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	orderprotection.dev claims.orderprotection.dev staging.orderprotection.dev	1 MB
4	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2161 rs.fullstory.com — Cisco Umbrella Rank: 2132	73 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	4 KB
1	gstatic.com fonts.gstatic.com	46 KB
17	4

	Domain	Requested by
7	claims.orderprotection.dev	claims.orderprotection.dev
3	fonts.googleapis.com	claims.orderprotection.dev
2	staging.orderprotection.dev	claims.orderprotection.dev
2	rs.fullstory.com	edge.fullstory.com
2	edge.fullstory.com	claims.orderprotection.dev edge.fullstory.com
1	fonts.gstatic.com	fonts.googleapis.com
17	6

This site contains no links.

Subject Issuer	Validity	Valid
*.orderprotection.dev Amazon RSA 2048 M03	`2024-01-19` - `2025-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://claims.orderprotection.dev/
Frame ID: 613738DB80029D6F65D147A494BEBEEC
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Submit a Claim | OrderProtection.com

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

5
IPs

1
Countries

1160 kB
Transfer

3483 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
claims.orderprotection.dev/ 4 KB
2 KB 462ms
88ms Document
text/html 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.orderprotection.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 0a8facd25a166a9fc6931100368b4eea11f8e316f2cf09f0888c5895f71d01c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 05 Apr 2024 00:13:26 GMT
etag: W/"660c5caf-eff"
last-modified: Tue, 02 Apr 2024 19:29:51 GMT
server: istio-envoy
transfer-encoding: chunked
x-envoy-upstream-service-time: 2

GET
H/1.1 200
OK stylesheet.css
claims.orderprotection.dev/fonts/hellix/ 7 KB
1 KB 84ms
83ms Stylesheet
text/css 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.orderprotection.dev/fonts/hellix/stylesheet.css
Requested by: Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 034ceddcf419da0a252aa0b924b324265e7adb3fda3081046b9b3490f49da0ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:26 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 19:29:48 GMT
server: istio-envoy
etag: W/"660c5cac-1a90"
transfer-encoding: chunked
content-type: text/css
cache-control: max-age=2592000,public
x-envoy-upstream-service-time: 0
expires: Sun, 05 May 2024 00:13:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 63ms
29ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Requested by

Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63fd0069ced51bf0645c28ded71b08ad8d15b1cfb358ff56edb137872e8c62dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 00:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 23:14:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 00:13:26 GMT

GET
H/1.1 200
OK index-fa98f091.js Show response
claims.orderprotection.dev/assets/ 2 MB
793 KB 325ms
164ms Script
application/javascript 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.orderprotection.dev/assets/index-fa98f091.js
Requested by: Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8f82047650d6b44ed2876b58a75030c51bdb18e69b11e37d6c846da5f4a2f54e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/
Origin: https://claims.orderprotection.dev
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:27 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 19:29:51 GMT
server: istio-envoy
etag: W/"660c5caf-20a500"
transfer-encoding: chunked
content-type: application/javascript
cache-control: max-age=2592000,public
x-envoy-upstream-service-time: 2
expires: Sun, 05 May 2024 00:13:27 GMT

GET
H/1.1 200
OK index-e4eda492.css
claims.orderprotection.dev/assets/ 931 KB
157 KB 248ms
165ms Stylesheet
text/css 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.orderprotection.dev/assets/index-e4eda492.css
Requested by: Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e4eda4925c2d0f86247b9ff8dac2ec72f4a1d332c7a297bfab5c945da41319c4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:26 GMT
content-encoding: gzip
last-modified: Tue, 02 Apr 2024 19:29:51 GMT
server: istio-envoy
etag: W/"660c5caf-e8a5e"
transfer-encoding: chunked
content-type: text/css
cache-control: max-age=2592000,public
x-envoy-upstream-service-time: 3
expires: Sun, 05 May 2024 00:13:26 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 255 KB
70 KB 32ms
10ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 284c167c166a0fe9167c8d3a9f565b03c5de6c1142c35435b5e1c3d3d5adebe1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/
Origin: https://claims.orderprotection.dev
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:17 GMT
content-encoding: br
age: 9
x-guploader-uploadid: ABPtcPrn_JUhSDfJNlPcwpesO7zbcAzOHx433uBYQJEn_AOQwIM1nQrW1hQCTchGXsYPE927Xdk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71141
last-modified: Thu, 04 Apr 2024 13:09:54 GMT
server: UploadServer
etag: "a01e64f7889479a60e5ebff583bcc57d"
vary: Accept-Encoding
x-goog-generation: 1712236194268244
x-goog-hash: crc32c=rH3Xuw==, md5=oB5k94iUeaYOXr/1g7zFfQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 71141
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 05 Apr 2024 01:13:17 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1F3RC0-na1/v1/ 4 KB
1 KB 31ms
31ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1F3RC0-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0d5ed5f7d3bc463205d451c09da87cc81ddbe385f434c8e772929e688cdc43db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:27 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPo4cvL5bew-iDC8aZIhJNDx3PnKRkAbOPTT2RCmY7y-hGBHCdXBNsIhGoTmCX__94PsKtPjjITmPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1187
last-modified: Fri, 05 Apr 2024 00:12:00 GMT
server: UploadServer
etag: "42407451ab3c07466f491429626ed018"
x-goog-generation: 1712239320501233
x-goog-hash: crc32c=gcjvWw==, md5=QkB0Uas8B0ZvSRQpYm7QGA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1187
accept-ranges: bytes
content-type: application/json
expires: Fri, 05 Apr 2024 00:28:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 49 KB
2 KB 32ms
31ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/assets/index-e4eda492.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cae4e5cd3aee52fbe3650ce966a06298d909470b0b822868487a8c0b50bba0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 00:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 00:03:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 00:13:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
824 B 31ms
30ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/assets/index-e4eda492.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 00:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 23:33:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 00:13:27 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 112ms
86ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a5c5763d082ffaecac31f016a458549ce1141d762b1f63a4b327eacd7c65eb69

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Apr 2024 00:13:27 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://claims.orderprotection.dev
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1431

GET
H/1.1 200
OK white-label Show response
staging.orderprotection.dev/api/settings/ 17 B
694 B 507ms
200ms XHR
application/json 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.orderprotection.dev/api/settings/white-label
Requested by: Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/assets/index-fa98f091.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy / Express
Resource Hash: 925c17d15553f6fb6733c5b8992a40b4f54717726b39d338e81c317f5a0d56a9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:28 GMT
server: istio-envoy
x-powered-by: Express
etag: W/"11-LtDlPbKu/3xrsVxttuGfjs8VyX0"
vary: Origin
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://claims.orderprotection.dev
access-control-allow-credentials: true
x-envoy-upstream-service-time: 116
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 17

GET
H/1.1 200
OK settings Show response
staging.orderprotection.dev/api/stores/-1/ 2 B
670 B 410ms
103ms XHR
application/json 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.orderprotection.dev/api/stores/-1/settings
Requested by: Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/assets/index-fa98f091.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:28 GMT
server: istio-envoy
x-powered-by: Express
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://claims.orderprotection.dev
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2

GET
H/1.1 200
OK favicon.ico
claims.orderprotection.dev/ 15 KB
15 KB 86ms
85ms Other
image/x-icon 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.orderprotection.dev/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: ec4fd2ce073b32646ab0f965a53cb8837ebbb5a7417741c3dc932e475af4417f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/submitClaim
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:27 GMT
last-modified: Tue, 02 Apr 2024 19:29:48 GMT
server: istio-envoy
etag: "660c5cac-3c2e"
content-type: image/x-icon
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 15406

GET
H/1.1 200
OK NeueFaktumExtended-SemiBold.woff2
claims.orderprotection.dev/fonts/hellix/ 44 KB
44 KB 85ms
84ms Font
font/woff2 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://claims.orderprotection.dev/fonts/hellix/NeueFaktumExtended-SemiBold.woff2
Requested by: Host: claims.orderprotection.dev
URL: https://claims.orderprotection.dev/fonts/hellix/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 23d59ccce6460da6efdf015877e381707df41d34b168674b57e444cd6ed2a63b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/fonts/hellix/stylesheet.css
Origin: https://claims.orderprotection.dev
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:28 GMT
last-modified: Tue, 02 Apr 2024 19:29:48 GMT
server: istio-envoy
etag: "660c5cac-b044"
content-type: font/woff2
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 45124

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 56ms
23ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://claims.orderprotection.dev
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 22:15:14 GMT
x-content-type-options: nosniff
age: 7094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Apr 2025 22:15:14 GMT

GET
H/1.1 200
OK order-protection-logo-e2a87011.svg
claims.orderprotection.dev/assets/ 23 KB
23 KB 85ms
84ms Image
image/svg+xml 52.52.242.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claims.orderprotection.dev/assets/order-protection-logo-e2a87011.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.242.16 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-242-16.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e2a87011cacd81ae2d3ea32d5161cda402b29e73a8205c46ee05f9a8d612dbe7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://claims.orderprotection.dev/submitClaim
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:13:28 GMT
last-modified: Tue, 02 Apr 2024 19:29:51 GMT
server: istio-envoy
etag: "660c5caf-5b49"
content-type: image/svg+xml
cache-control: max-age=2592000,public
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 23369
expires: Sun, 05 May 2024 00:13:28 GMT

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 72ms
71ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=o-1F3RC0-na1&UserId=3bb43cd7-a972-4292-a2c7-1711f432021a&SessionId=09c65738-0610-4cdb-b16d-aada5ec22376&PageId=63ab9f89-4c7b-407e-8d4f-667292f526c8&Seq=1&ClientTime=1712276008520&PageStart=1712276007500&PrevBundleTime=0&LastActivity=677&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 508ea3dbd1a0758be8fa3c2df2da3ba19b7fa96f35adaa6527fd1bf67e50bc43

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://claims.orderprotection.dev/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://claims.orderprotection.dev
date: Fri, 05 Apr 2024 00:13:28 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.orderprotection.dev/	1970-01-20 19:37:57	Name: fs_lua Value: 1.1712276007498
.orderprotection.dev/	1970-01-21 04:23:32	Name: fs_uid Value: #o-1F3RC0-na1#3bb43cd7-a972-4292-a2c7-1711f432021a:09c65738-0610-4cdb-b16d-aada5ec22376:1712276007498::1#/1743812009
staging.orderprotection.dev/	1970-01-20 19:37:56	Name: connect.sid Value: s%3A8D1IcICWUJOv8ZtG01W0Umy8xy4lbcoA.uFPv2yMiv7vhS9NtM94n96IQ%2B%2FGMxhjcRvApm%2FlBnRE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

claims.orderprotection.dev
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
rs.fullstory.com
staging.orderprotection.dev
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c08::5e
35.186.194.58
35.201.112.186
52.52.242.16
034ceddcf419da0a252aa0b924b324265e7adb3fda3081046b9b3490f49da0ba
0a8facd25a166a9fc6931100368b4eea11f8e316f2cf09f0888c5895f71d01c3
0d5ed5f7d3bc463205d451c09da87cc81ddbe385f434c8e772929e688cdc43db
23d59ccce6460da6efdf015877e381707df41d34b168674b57e444cd6ed2a63b
284c167c166a0fe9167c8d3a9f565b03c5de6c1142c35435b5e1c3d3d5adebe1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
508ea3dbd1a0758be8fa3c2df2da3ba19b7fa96f35adaa6527fd1bf67e50bc43
63fd0069ced51bf0645c28ded71b08ad8d15b1cfb358ff56edb137872e8c62dc
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8f82047650d6b44ed2876b58a75030c51bdb18e69b11e37d6c846da5f4a2f54e
925c17d15553f6fb6733c5b8992a40b4f54717726b39d338e81c317f5a0d56a9
a5c5763d082ffaecac31f016a458549ce1141d762b1f63a4b327eacd7c65eb69
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
cae4e5cd3aee52fbe3650ce966a06298d909470b0b822868487a8c0b50bba0ac
e2a87011cacd81ae2d3ea32d5161cda402b29e73a8205c46ee05f9a8d612dbe7
e4eda4925c2d0f86247b9ff8dac2ec72f4a1d332c7a297bfab5c945da41319c4
ec4fd2ce073b32646ab0f965a53cb8837ebbb5a7417741c3dc932e475af4417f

claims.orderprotection.dev Open in urlscan Pro 52.52.242.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

40 %IPv6

4 Domains

6 Subdomains

5 IPs

1 Countries

1160 kBTransfer

3483 kBSize

3 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

3 Cookies

Indicators

claims.orderprotection.dev Open in urlscan Pro
52.52.242.16 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

5
IPs

1
Countries

1160 kB
Transfer

3483 kB
Size

3
Cookies

17 HTTP transactions
0 data transactions