auth.pandora.nativetouch.io Open in urlscan Pro
34.196.23.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.pandora.nativetouch.io/
Submission: On February 22 via automatic, source certstream-suspicious (February 22nd 2023, 10:45:57 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 34.196.23.4, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is auth.pandora.nativetouch.io.
TLS certificate: Issued by Amazon on March 30th 2022. Valid for: a year.

This is the only time auth.pandora.nativetouch.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	34.196.23.4 34.196.23.4	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	3

14 34.196.23.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-23-4.compute-1.amazonaws.com

auth.pandora.nativetouch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

nativetouch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nativetouch.io auth.pandora.nativetouch.io	646 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
1	nativetouch.com nativetouch.com	4 KB
17	3

	Domain	Requested by
14	auth.pandora.nativetouch.io	auth.pandora.nativetouch.io
2	fonts.googleapis.com	client
1	nativetouch.com
17	3

This site contains no links.

Subject Issuer	Validity	Valid
auth.pandora.nativetouch.io Amazon	`2022-03-30` - `2023-04-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.nativetouch.com GTS CA 1P5	`2023-02-18` - `2023-05-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.pandora.nativetouch.io/
Frame ID: DD39088F2370C8C8ACB1ABAA71C32AFF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Platform Login

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

652 kB
Transfer

658 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auth.pandora.nativetouch.io/ 594 B
1 KB 589ms
115ms Document
text/html 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

52f93eda4b6eedd19bed43acaf9fbd6c615f1fa1ccc68eb631c6a29db25e605e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
cache-control: public, max-age=0
content-length: 594
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 22 Feb 2023 22:45:51 GMT
etag: W/"252-1860e23baa0"
expect-ct: max-age=0
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: nginx/1.20.0
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 vendor.39ad205f.js Show response
auth.pandora.nativetouch.io/js/ 258 KB
259 KB 230ms
229ms Script
application/javascript 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/js/vendor.39ad205f.js

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

64a618e56b286ad5afffad0087a7774a97ce9516fc7130cb6e134bdab3e1f82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 264264
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"40848-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 app.7c7cbeb6.js Show response
auth.pandora.nativetouch.io/js/ 13 KB
13 KB 459ms
458ms Script
application/javascript 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/js/app.7c7cbeb6.js

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e19ce411ff636603ce1a7c50da9b6324a801c88cdda2a1b089b013a91d5b5d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 13205
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"3395-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 vendor.032e019f.css
auth.pandora.nativetouch.io/css/ 243 KB
244 KB 455ms
455ms Stylesheet
text/css 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/css/vendor.032e019f.css

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

dd1942019aab128669ae143cff314d28146cf0d0bb97fcf6a374f1675bb3ad41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 249194
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"3cd6a-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 app.d14a4284.css
auth.pandora.nativetouch.io/css/ 715 B
1 KB 457ms
457ms Stylesheet
text/css 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/css/app.d14a4284.css

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ba0192ace1c9c7996edaef3f9200cbe9434e0c20b450c913e216e7c582c225db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 715
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"2cb-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 i Show response
auth.pandora.nativetouch.io/ 470 B
1 KB 146ms
146ms XHR
application/json 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/i

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/js/vendor.39ad205f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

78304ba4537242a50c30ca6d4bf17fa72c753f771e017d7c724fb427bc62736a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 470
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
access-control-allow-credentials: true

GET
H2 200 44.71191e73.css
auth.pandora.nativetouch.io/css/ 149 B
675 B 126ms
125ms Stylesheet
text/css 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/css/44.71191e73.css

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/js/app.7c7cbeb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

b5c1a8b61f52c9fb92c1f629de72ac63e289d9cfb266dfe234e0b30102c162f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 149
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"95-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 44.3043d16a.js Show response
auth.pandora.nativetouch.io/js/ 599 B
1 KB 131ms
130ms Script
application/javascript 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/js/44.3043d16a.js

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/js/app.7c7cbeb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

07ea25b9277721fcb6b73a894d361349cebab853d0e1483779917545d039a68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 599
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"257-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 565.1a55418d.css
auth.pandora.nativetouch.io/css/ 543 B
1 KB 132ms
132ms Stylesheet
text/css 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/css/565.1a55418d.css

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/js/app.7c7cbeb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e001fe7de333815ac05250a0987f4364ff06db18de10ec25f98662329135433f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 543
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"21f-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 565.12b46e8c.js Show response
auth.pandora.nativetouch.io/js/ 4 KB
5 KB 139ms
138ms Script
application/javascript 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/js/565.12b46e8c.js

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/js/app.7c7cbeb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

28ac17c48bf382c130e3088806230d6e4423631c3aa7054f285367c53b85b927

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 4580
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"11e4-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 stylings Show response
auth.pandora.nativetouch.io/organizations/ 1 KB
1 KB 116ms
116ms XHR
application/json 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/organizations/stylings

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/js/vendor.39ad205f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

887573c05bd1096ce96a460e6679b42d62e35830c52a95ca960448b362f4f9be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
x-nt-cs: 4e0b03e5-3207-47cb-9686-17bcd9fe4998
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 1032
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
access-control-allow-credentials: true

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 83ms
31ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1dce22444085b1e1914bd8851d7373d99d48770a9153290b215be3b6a81a434f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 22:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 22:24:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 22:45:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
739 B 85ms
33ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat&family=Roboto:wght@300&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f6f023ee2cae05a4e47895856efa0068459cb7750c95103a370bc8a10edfb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 22:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 22:45:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 22:45:52 GMT

GET
H2 200 fa-brands-400.d878b0a6.woff2
auth.pandora.nativetouch.io/fonts/ 75 KB
76 KB 116ms
115ms Font
font/woff2 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/fonts/fa-brands-400.d878b0a6.woff2

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/css/vendor.032e019f.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://auth.pandora.nativetouch.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 76736
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"12bc0-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: font/woff2
access-control-allow-origin: https://auth.pandora.nativetouch.io
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc-.ddd11dab.woff
auth.pandora.nativetouch.io/fonts/ 20 KB
21 KB 117ms
117ms Font
font/woff 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/fonts/KFOlCnqEu92Fr1MmEU9fBBc-.ddd11dab.woff

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/css/vendor.032e019f.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

bd811625271acca47f7dac48b460f13e08ee947b2a8e17e278c4d5ccb5d9323c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://auth.pandora.nativetouch.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 20532
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"5034-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: font/woff
access-control-allow-origin: https://auth.pandora.nativetouch.io
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 KFOmCnqEu92Fr1Mu4mxM.9b78ea3b.woff
auth.pandora.nativetouch.io/fonts/ 20 KB
20 KB 116ms
116ms Font
font/woff 34.196.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.pandora.nativetouch.io/fonts/KFOmCnqEu92Fr1Mu4mxM.9b78ea3b.woff

Requested by

Host: auth.pandora.nativetouch.io
URL: https://auth.pandora.nativetouch.io/css/vendor.032e019f.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.23.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-23-4.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ea50ac7fddb61a5ce248a7f8b3a31a98fe16285e076b16e6da6b4e10910724bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://auth.pandora.nativetouch.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 20332
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 01 Feb 2023 18:01:08 GMT
server: nginx/1.20.0
cross-origin-opener-policy: same-origin
etag: W/"4f6c-1860e23baa0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: font/woff
access-control-allow-origin: https://auth.pandora.nativetouch.io
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 nativetouch-logo-white.png
nativetouch.com/wp-content/uploads/2019/03/ 4 KB
4 KB 254ms
135ms Image
image/png 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nativetouch.com/wp-content/uploads/2019/03/nativetouch-logo-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91185efb07cd43c706258af3ffd9840412b2c6e8a9afc6ba35dfc6636c19c2cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Mar 2019 14:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c94f6b9-e6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw1yXtFMSczVBJwfgLp5Q4W8MeOeT%2FbFU7itaD21RA2tO4ZoFV6ovIrqQeRAkupjZL8Noun2smvahszmSigfNiyt4vn1YyrMb0aJEEyRJ4h2XVCp6kY%2FNvUpimw9ZfRMm2BWySPWriqqRw4LGcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79db412e1cfd37d1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3691

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.auth.pandora.nativetouch.io/	1970-01-20 09:51:49	Name: nt.cs Value: 4e0b03e5-3207-47cb-9686-17bcd9fe4998
			auth.pandora.nativetouch.io/	1970-01-20 09:51:47	Name: connect.sid Value: s%3AEwVdrQ45iEiVnPLqB_hz4rJ3WNhWN4TQ.6n58gdwV8R43HszMgVog%2BjV%2BkNh3PPf1lYy46J4ub%2FE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.pandora.nativetouch.io
fonts.googleapis.com
nativetouch.com
2a00:1450:4001:803::200a
2a06:98c1:3121::c
34.196.23.4
07ea25b9277721fcb6b73a894d361349cebab853d0e1483779917545d039a68f
1dce22444085b1e1914bd8851d7373d99d48770a9153290b215be3b6a81a434f
28ac17c48bf382c130e3088806230d6e4423631c3aa7054f285367c53b85b927
4f6f023ee2cae05a4e47895856efa0068459cb7750c95103a370bc8a10edfb23
52f93eda4b6eedd19bed43acaf9fbd6c615f1fa1ccc68eb631c6a29db25e605e
64a618e56b286ad5afffad0087a7774a97ce9516fc7130cb6e134bdab3e1f82b
78304ba4537242a50c30ca6d4bf17fa72c753f771e017d7c724fb427bc62736a
887573c05bd1096ce96a460e6679b42d62e35830c52a95ca960448b362f4f9be
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
91185efb07cd43c706258af3ffd9840412b2c6e8a9afc6ba35dfc6636c19c2cf
b5c1a8b61f52c9fb92c1f629de72ac63e289d9cfb266dfe234e0b30102c162f1
ba0192ace1c9c7996edaef3f9200cbe9434e0c20b450c913e216e7c582c225db
bd811625271acca47f7dac48b460f13e08ee947b2a8e17e278c4d5ccb5d9323c
dd1942019aab128669ae143cff314d28146cf0d0bb97fcf6a374f1675bb3ad41
e001fe7de333815ac05250a0987f4364ff06db18de10ec25f98662329135433f
e19ce411ff636603ce1a7c50da9b6324a801c88cdda2a1b089b013a91d5b5d28
ea50ac7fddb61a5ce248a7f8b3a31a98fe16285e076b16e6da6b4e10910724bb

auth.pandora.nativetouch.io Open in urlscan Pro 34.196.23.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

652 kBTransfer

658 kBSize

2 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

auth.pandora.nativetouch.io Open in urlscan Pro
34.196.23.4 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

652 kB
Transfer

658 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions