URL: https://staging-account.mybox.com.pa/
Submission: On October 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 159.89.53.28, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is staging-account.mybox.com.pa.
TLS certificate: Issued by E5 on October 10th 2024. Valid for: 3 months.
This is the only time staging-account.mybox.com.pa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 159.89.53.28 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 3.88.208.125 14618 (AMAZON-AES)
24 7
Apex Domain
Subdomains
Transfer
15 mybox.com.pa
staging-account.mybox.com.pa
4 MB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
258 KB
2 paketos.io
staging.api.paketos.io
796 B
2 google.com
www.google.com — Cisco Umbrella Rank: 3
992 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
24 5
Domain Requested by
15 staging-account.mybox.com.pa staging-account.mybox.com.pa
3 fonts.gstatic.com fonts.googleapis.com
2 staging.api.paketos.io staging-account.mybox.com.pa
2 www.google.com staging-account.mybox.com.pa
www.gstatic.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com staging-account.mybox.com.pa
24 6

This site contains no links.

Subject Issuer Validity Valid
staging-account.mybox.com.pa
E5
2024-10-10 -
2025-01-08
3 months crt.sh
upload.video.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.gstatic.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
staging.api.pakebox.com.co
R10
2024-08-20 -
2024-11-18
3 months crt.sh

This page contains 2 frames:

Primary Page: https://staging-account.mybox.com.pa/
Frame ID: AB761DB204EB2014CE0C2B26A61BDA42
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dCQaAAAAAGzlM9bnjCkatBsjSQyJA9YA1zOt&co=aHR0cHM6Ly9zdGFnaW5nLWFjY291bnQubXlib3guY29tLnBhOjQ0Mw..&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ewpiacq8ksd3
Frame ID: 911245848CBB1306827FA922E8BC181D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Customers Platform - Paketos

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

4704 kB
Transfer

9362 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
staging-account.mybox.com.pa/
998 B
1 KB
Document
General
Full URL
https://staging-account.mybox.com.pa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
52509ab6991a504dd049bcd36abd50e2700d002b533e6aed0abea5cf0284aa1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 10 Oct 2024 11:07:08 GMT
ETag
W/"670548f1-3e6"
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Referrer-Policy
same-origin
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
master-only
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 10 Oct 2024 11:07:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 11:07:10 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 10 Oct 2024 09:27:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
api.js
www.google.com/recaptcha/
1 KB
992 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld4dCQaAAAAAGzlM9bnjCkatBsjSQyJA9YA1zOt
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac1ade5f4fc65f0c322d34112bdedc08f8da1086dc149aad69ffed567b9cb258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 10 Oct 2024 11:07:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 10 Oct 2024 11:07:09 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
styles.dc2fc90903c9a64ed146.css
staging-account.mybox.com.pa/static/css/
989 KB
167 KB
Stylesheet
General
Full URL
https://staging-account.mybox.com.pa/static/css/styles.dc2fc90903c9a64ed146.css
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6607880ca1838bc56fa1798c6d2f9813e3374efca4b26178dc352823ce207e42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-f744d"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:09 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
text/css
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
runtime.c5079612444a5add1e1b.js
staging-account.mybox.com.pa/static/js/
5 KB
4 KB
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/runtime.c5079612444a5add1e1b.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
94bc4f1d4a4f74b89718155d61e2888ec96103acba6c0970fde63fa832649d34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-14ff"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:09 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
0.d8bf81ade63047659b0d.js
staging-account.mybox.com.pa/static/js/
10 KB
2 KB
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/0.d8bf81ade63047659b0d.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b3be4df5795c0708ce153949dbccc57351878e5e6155c43a925db5ba5e5bdf2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-264a"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:09 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
41.961274a90f66702de127.js
staging-account.mybox.com.pa/static/js/
590 KB
172 KB
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/41.961274a90f66702de127.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0eaf24c5ab0ecfaeabdd6a446a9194ffbdadf1f445ee07a9d5e5507be0f6e7f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-9367d"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:09 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
39.3c732f4f351e1a6d38be.js
staging-account.mybox.com.pa/static/js/
5 MB
3 MB
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/39.3c732f4f351e1a6d38be.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0ab4d2c37d4c95fecdeee4df7e842de95d3085d5f68acd0aa72492f6ea4ed653
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-482992"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:09 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
recaptcha__de.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/
541 KB
215 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld4dCQaAAAAAGzlM9bnjCkatBsjSQyJA9YA1zOt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://staging-account.mybox.com.pa
Referer

Response headers

content-encoding
gzip
age
16582
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 06:30:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 06:30:48 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
219745
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 9112
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dCQaAAAAAGzlM9bnjCkatBsjSQyJA9YA1zOt&co=aHR0cHM6Ly9zdGFnaW5nLWFjY291bnQubXlib3guY29tLnBhOjQ0Mw..&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=ewpiacq8ksd3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LH5G9hFLD0r6gcw_TKt9xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LH5G9hFLD0r6gcw_TKt9xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Oct 2024 11:07:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://staging-account.mybox.com.pa
Referer
https://fonts.googleapis.com/

Response headers

age
184493
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:52:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 07:52:17 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
1.6c692840e5a8fbdf70c5.js
staging-account.mybox.com.pa/static/js/
313 KB
82 KB
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/1.6c692840e5a8fbdf70c5.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/js/runtime.c5079612444a5add1e1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ec6ee8900cce498ee47ff1530b97bcb7dbef9caa12557136b429999ec2f4e755
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-4e55a"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:11 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
24.34a615a504db23bca64b.js
staging-account.mybox.com.pa/static/js/
4 KB
2 KB
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/24.34a615a504db23bca64b.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/js/runtime.c5079612444a5add1e1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
18d64a05b3deaa325ea7f17819727c004260e78f7926aabf87782a7e8d212bdb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-e06"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:11 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
95.4fd7b05b84baa518ebfb.js
staging-account.mybox.com.pa/static/js/
4 KB
2 KB
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/95.4fd7b05b84baa518ebfb.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/js/runtime.c5079612444a5add1e1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2311867ebd17d605513bcaa36b3883db57b6969d9ebb3f2a0c564a6fe9027fb2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-1093"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:11 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
general-infos
staging.api.paketos.io/
451 B
796 B
XHR
General
Full URL
https://staging.api.paketos.io/general-infos
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/js/41.961274a90f66702de127.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c565b8f066077d6c33900a45ecbe012cf3ec8062f428b2999de0f02e3498a862
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

APP-AGENT
desktop
APP-VERSION
3.0
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
APP-DEVICE
web
APP-TYPE
customers-platform

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, private
Connection
Keep-Alive
X-RateLimit-Remaining
39
Access-Control-Allow-Origin
*
Keep-Alive
timeout=5, max=100
Date
Thu, 10 Oct 2024 11:10:47 GMT
X-RateLimit-Limit
40
Content-Type
application/json
Server
Apache
X-Frame-Options
sameorigin
general-infos
staging.api.paketos.io/ Frame
0
0
Preflight
General
Full URL
https://staging.api.paketos.io/general-infos
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
app-agent,app-device,app-type,app-version
Access-Control-Request-Method
GET
Origin
https://staging-account.mybox.com.pa
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
app-agent,app-device,app-type,app-version
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
0
Cache-Control
no-cache, private
Connection
close
Date
Thu, 10 Oct 2024 11:10:47 GMT
Server
Apache
Vary
Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
sameorigin
favicon.png
staging-account.mybox.com.pa/
25 KB
26 KB
Other
General
Full URL
https://staging-account.mybox.com.pa/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2890bc51a6ddb264ab8777e584293b3a42e9c5b12754aee150bbb94816a5e118
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
ETag
"670548f1-648d"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
25741
Date
Thu, 10 Oct 2024 11:07:11 GMT
Content-Type
image/png
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
6.7a4bc527c68d99f40cca.js
staging-account.mybox.com.pa/static/js/
602 B
927 B
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/6.7a4bc527c68d99f40cca.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/js/runtime.c5079612444a5add1e1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
63faff854a632f0b8d26fc6bbb5b041bed093a662afcb0a1ac48262b48d59543
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-25a"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:11 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
62.75e3ba98edca96dd476e.js
staging-account.mybox.com.pa/static/js/
12 KB
4 KB
Script
General
Full URL
https://staging-account.mybox.com.pa/static/js/62.75e3ba98edca96dd476e.js
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/js/runtime.c5079612444a5add1e1b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d95567d1f4c19b9f04477a1d684fe50bc8214517d82e188254194f5f535f3a87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-2eac"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:11 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
truncated
/
1 MB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
593fea76b21c2d4b6bc9f61b9da267fb5c0a33f6575b1b4b6f952e1441a24791

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
login-animation.json
staging-account.mybox.com.pa/static/animations/paketos/
165 KB
121 KB
XHR
General
Full URL
https://staging-account.mybox.com.pa/static/animations/paketos/login-animation.json
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/js/1.6c692840e5a8fbdf70c5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
01e5018923cf3c43749162b4c036e29cb9b96e07b2830b39cb7a2299c8bdfcc9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://staging-account.mybox.com.pa/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"670548f1-2945c"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2024 11:07:11 GMT
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Content-Type
application/json
Vary
Accept-Encoding, Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
fa-light-300.ab77923.woff2
staging-account.mybox.com.pa/static/fonts/
453 KB
453 KB
Font
General
Full URL
https://staging-account.mybox.com.pa/static/fonts/fa-light-300.ab77923.woff2
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/css/styles.dc2fc90903c9a64ed146.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1cfbe46cfc23208be221c406a3baf168290e92994b17714ab6ed925b089cf451
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://staging-account.mybox.com.pa
Referer
https://staging-account.mybox.com.pa/static/css/styles.dc2fc90903c9a64ed146.css

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
ETag
"670548f1-7129c"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
463516
Date
Thu, 10 Oct 2024 11:07:11 GMT
Content-Type
font/woff2
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://staging-account.mybox.com.pa
Referer
https://fonts.googleapis.com/

Response headers

age
213658
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 23:46:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 23:46:13 GMT
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14712
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://staging-account.mybox.com.pa
Referer
https://fonts.googleapis.com/

Response headers

age
220197
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 21:57:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 21:57:14 GMT
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14824
x-xss-protection
0
server
sffe
fa-solid-900.4e862e2.woff2
staging-account.mybox.com.pa/static/fonts/
344 KB
345 KB
Font
General
Full URL
https://staging-account.mybox.com.pa/static/fonts/fa-solid-900.4e862e2.woff2
Requested by
Host: staging-account.mybox.com.pa
URL: https://staging-account.mybox.com.pa/static/css/styles.dc2fc90903c9a64ed146.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.89.53.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c05768a13d9e0df4cfeb255d668359ab62b170b28a3513f9e94710f826013df4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://staging-account.mybox.com.pa
Referer
https://staging-account.mybox.com.pa/static/css/styles.dc2fc90903c9a64ed146.css

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
ETag
"670548f1-561f0"
Connection
keep-alive
X-Permitted-Cross-Domain-Policies
master-only
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
352752
Date
Thu, 10 Oct 2024 11:07:11 GMT
Content-Type
font/woff2
Last-Modified
Tue, 08 Oct 2024 15:00:01 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
truncated
/
18 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
048966521ff64884e0e460185e3e20a5f20b039836c6a524fc5d8dbdb84f4420

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
004b34c12441ed812df659cedddad093f0aa34ac15c292dcbbe6d3582c322deb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
54 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a0c9e92172d27fb042ce164667319d9ca3004c161a1e26e884d14f97df23fe4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a123fe39d90b097c59ba81b9ec7bf3acf481ab6e41a4d033caebfce5698df14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| webpackJsonp object| recaptcha object| __core-js_shared__ object| closure_lm_198429

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
staging-account.mybox.com.pa
staging.api.paketos.io
www.google.com
www.gstatic.com
159.89.53.28
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
3.88.208.125
004b34c12441ed812df659cedddad093f0aa34ac15c292dcbbe6d3582c322deb
01e5018923cf3c43749162b4c036e29cb9b96e07b2830b39cb7a2299c8bdfcc9
048966521ff64884e0e460185e3e20a5f20b039836c6a524fc5d8dbdb84f4420
0ab4d2c37d4c95fecdeee4df7e842de95d3085d5f68acd0aa72492f6ea4ed653
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0eaf24c5ab0ecfaeabdd6a446a9194ffbdadf1f445ee07a9d5e5507be0f6e7f2
18d64a05b3deaa325ea7f17819727c004260e78f7926aabf87782a7e8d212bdb
1a0c9e92172d27fb042ce164667319d9ca3004c161a1e26e884d14f97df23fe4
1cfbe46cfc23208be221c406a3baf168290e92994b17714ab6ed925b089cf451
2311867ebd17d605513bcaa36b3883db57b6969d9ebb3f2a0c564a6fe9027fb2
2890bc51a6ddb264ab8777e584293b3a42e9c5b12754aee150bbb94816a5e118
52509ab6991a504dd049bcd36abd50e2700d002b533e6aed0abea5cf0284aa1d
593fea76b21c2d4b6bc9f61b9da267fb5c0a33f6575b1b4b6f952e1441a24791
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
63faff854a632f0b8d26fc6bbb5b041bed093a662afcb0a1ac48262b48d59543
6607880ca1838bc56fa1798c6d2f9813e3374efca4b26178dc352823ce207e42
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
94bc4f1d4a4f74b89718155d61e2888ec96103acba6c0970fde63fa832649d34
9a123fe39d90b097c59ba81b9ec7bf3acf481ab6e41a4d033caebfce5698df14
ac1ade5f4fc65f0c322d34112bdedc08f8da1086dc149aad69ffed567b9cb258
b3be4df5795c0708ce153949dbccc57351878e5e6155c43a925db5ba5e5bdf2f
c05768a13d9e0df4cfeb255d668359ab62b170b28a3513f9e94710f826013df4
c565b8f066077d6c33900a45ecbe012cf3ec8062f428b2999de0f02e3498a862
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d95567d1f4c19b9f04477a1d684fe50bc8214517d82e188254194f5f535f3a87
ec6ee8900cce498ee47ff1530b97bcb7dbef9caa12557136b429999ec2f4e755