dev-payments-onboarding.jupiterhq.com
13.56.241.246  Public Scan

URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Submission Tags: krdtest
Submission: On May 24 via api from JP

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 13.56.241.246, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is dev-payments-onboarding.jupiterhq.com.
TLS certificate: Issued by R3 on May 24th 2021. Valid for: 3 months.
This is the only time dev-payments-onboarding.jupiterhq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 13.56.241.246 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 23.111.9.38 33438 (HIGHWINDS2)
2 52.84.49.32 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
18 6
Domain Requested by
12 dev-payments-onboarding.jupiterhq.com dev-payments-onboarding.jupiterhq.com
2 cdn.plaid.com dev-payments-onboarding.jupiterhq.com
cdn.plaid.com
2 cdn.mouseflow.com 1 redirects dev-payments-onboarding.jupiterhq.com
1 www.gstatic.com www.google.com
1 www.google.com dev-payments-onboarding.jupiterhq.com
1 fonts.googleapis.com dev-payments-onboarding.jupiterhq.com
18 6

This site contains no links.

Subject | Issuer | Validity | Valid
dev-payments-api.jupiterhq.com | R3 | 2021-05-24 - 2021-08-22 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
www.google.com | GTS CA 1C3 | 2021-05-03 - 2021-07-26 | 3 months
*.mouseflow.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-12 - 2022-09-14 | 2 years
secure.plaid.com | DigiCert SHA2 Extended Validation Server CA | 2020-04-17 - 2022-04-22 | 2 years
*.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months

This page contains 1 frames:

Primary Page: https://dev-payments-onboarding.jupiterhq.com/login.php
Frame ID: 01EDCC53CD1185EC5EDA1B2EB74CF084
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 664 kB
Size: 2038 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8.js HTTP 301
  • https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
dev-payments-onboarding.jupiterhq.com/
2 KB
3 KB
Document
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
c90f454199cb95c9d1f06188e4c4798736c92171df3ba94805ea3f2bb66d42be
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
dev-payments-onboarding.jupiterhq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.19.10
Date
Mon, 24 May 2021 12:49:30 GMT
Content-Type
text/html
Content-Length
1621
Connection
keep-alive
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Vary
Accept-Encoding
ETag
"60ab2627-655"
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Accept-Ranges
bytes
app.9fc18f93.css
dev-payments-onboarding.jupiterhq.com/css/
563 B
2 KB
Stylesheet
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/css/app.9fc18f93.css
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
8c42d8ecb7f5bb1c0f385c735e779da08bf3e47540dbbbc83eb70a5abaa9a326
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
"60ab2627-233"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
text/css
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
563
X-Xss-Protection
1; mode=block
chunk-vendors.2d5f29c2.css
dev-payments-onboarding.jupiterhq.com/css/
524 B
1 KB
Stylesheet
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/css/chunk-vendors.2d5f29c2.css
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
32b495b9de6db5a67e8ee26fe8e5a99bfd2fbe45613dec6b208e72cb1f1245f5
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
"60ab2627-20c"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
text/css
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
524
X-Xss-Protection
1; mode=block
app.a7412c7d.js
dev-payments-onboarding.jupiterhq.com/js/
270 KB
65 KB
Script
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/js/app.a7412c7d.js
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
6bfff6738eaf05b6612ca7b0db0c8227e298c993e237c19a2ae03243c9ade12f
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
W/"60ab2627-4387b"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-Xss-Protection
1; mode=block
chunk-vendors.dbddc8a2.js
dev-payments-onboarding.jupiterhq.com/js/
808 KB
259 KB
Script
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/js/chunk-vendors.dbddc8a2.js
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
c7754a8b5c1c88105a69f9181a5da09c7ad2404a7661fe55ee41031b6bba8ca5
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
W/"60ab2627-c9ecf"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-Xss-Protection
1; mode=block
bootstrap.min.css
dev-payments-onboarding.jupiterhq.com/static/bootstrap/
141 KB
22 KB
Stylesheet
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/static/bootstrap/bootstrap.min.css
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
W/"60ab2627-235ed"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
text/css
Transfer-Encoding
chunked
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-Xss-Protection
1; mode=block
css
fonts.googleapis.com/
18 KB
972 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e3c3790d3ef5f000a5eb4242e477574ee5f23298bca99dc2c81fd007afd45b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dev-payments-onboarding.jupiterhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 May 2021 10:52:26 GMT
server
ESF
date
Mon, 24 May 2021 12:49:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 May 2021 12:49:31 GMT
all.min.css
dev-payments-onboarding.jupiterhq.com/static/fontawesome-5-5-0/css/
50 KB
12 KB
Stylesheet
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/static/fontawesome-5-5-0/css/all.min.css
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
W/"60ab2627-c80f"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
text/css
Transfer-Encoding
chunked
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-Xss-Protection
1; mode=block
style.css
dev-payments-onboarding.jupiterhq.com/static/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/static/css/style.css
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
f1f0694710f6c700c84d90646c08cd4c0626b97e75e72a8f14b93341d4fce226
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
W/"60ab2627-6834"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
text/css
Transfer-Encoding
chunked
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-Xss-Protection
1; mode=block
responsive.css
dev-payments-onboarding.jupiterhq.com/static/css/
6 KB
7 KB
Stylesheet
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/static/css/responsive.css
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
61e010775f36a82479ca371ce93fdf040fc1b0e98cc601c1841bde81c9cb1c5b
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
"60ab2627-1770"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
text/css
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
6000
X-Xss-Protection
1; mode=block
jquery-3.2.1.slim.min.js
dev-payments-onboarding.jupiterhq.com/static/bootstrap/
68 KB
25 KB
Script
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/static/bootstrap/jquery-3.2.1.slim.min.js
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
W/"60ab2627-10fdd"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-Xss-Protection
1; mode=block
popper.min.js
dev-payments-onboarding.jupiterhq.com/static/bootstrap/
19 KB
8 KB
Script
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/static/bootstrap/popper.min.js
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
W/"60ab2627-4af4"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-Xss-Protection
1; mode=block
bootstrap.min.js
dev-payments-onboarding.jupiterhq.com/static/bootstrap/
48 KB
14 KB
Script
General
Full URL
https://dev-payments-onboarding.jupiterhq.com/static/bootstrap/bootstrap.min.js
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.56.241.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-241-246.us-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dev-payments-onboarding.jupiterhq.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
Connection
keep-alive
Referer
https://dev-payments-onboarding.jupiterhq.com/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 12:49:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 May 2021 04:05:59 GMT
Server
nginx/1.19.10
X-Frame-Options
DENY
ETag
W/"60ab2627-bf30"
Strict-Transport-Security
max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type
application/javascript
Transfer-Encoding
chunked
Content-Security-Policy
default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-Xss-Protection
1; mode=block
api.js
www.google.com/recaptcha/
916 B
675 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1a613e51d908ad1f417597ffd801e57e692cbf78f55a63f472f1a0a224a1d137
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev-payments-onboarding.jupiterhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Mon, 24 May 2021 12:49:31 GMT
f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8.js
  • https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js
169 KB
56 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7b552cbc8a8eda1bb7db8378fadfc9e57a1ce78cb18f22f54fdd1caa5220be05

Request headers

Referer
https://dev-payments-onboarding.jupiterhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 12:49:31 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 15:00:21 GMT
server
NetDNA-cache/2.2
etag
W/"ad3548e444d71:0"
x-cache
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400

Redirect headers

location
https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js
date
Mon, 24 May 2021 12:49:31 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
content-length
178
content-type
text/html
link-initialize.js
cdn.plaid.com/link/v2/stable/
77 KB
24 KB
Script
General
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: dev-payments-onboarding.jupiterhq.com
URL: https://dev-payments-onboarding.jupiterhq.com/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.49.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-49-32.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
566af9c01456fabc3efdc102619de35638f8c0ff25bb6a8f7d258182d9c738de

Request headers

Referer
https://dev-payments-onboarding.jupiterhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ys.uG94N1xao_pLQC6FanhatF5C1xTIa
content-encoding
gzip
etag
W/"b74242c1a11692129729125b0bdae5c8"
x-amz-request-id
E9BE94KDCDRXCW1W
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
H5vaHgTMp+SuIJPthS8iUJFXpw20dPcqrV8cbmWHhdFG+dhoiBUffRxE/dwnLVaXdoXzCjei6tI=
last-modified
Fri, 21 May 2021 16:30:20 GMT
server
AmazonS3
date
Sun, 23 May 2021 17:06:38 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 12e8a42696c6144c3ba187fe90f98448.cloudfront.net (CloudFront)
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-pop
MRS52-P1
x-amz-cf-id
Tdv69DBYy5VGUsresQp0lTxwTv14FGaQJMm_EEJL2_GP8k3CxaXknw==
link-dynamic-loader.js
cdn.plaid.com/link/2.0.1026/
0
28 KB
Other
General
Full URL
https://cdn.plaid.com/link/2.0.1026/link-dynamic-loader.js
Requested by
Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.49.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-49-32.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dev-payments-onboarding.jupiterhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
C4PhajuJC6ht2NR5n5aD_zGdfoBjb7je
content-encoding
gzip
etag
W/"4052e71a9143e4518f59a1b9a9917180"
age
70970
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 21 May 2021 16:30:20 GMT
server
AmazonS3
date
Sun, 23 May 2021 17:06:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 12e8a42696c6144c3ba187fe90f98448.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
MRS52-P1
x-amz-cf-id
DniJ7lzmYpFvKmhAmdHOOlgLKPxAWPlqpBpDpNVSADyMQT_oGI1H-Q==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8cb544f90b2c0399716bd41669bcef24768dd8c509a7c7d1c26ca9fe4efc0fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dev-payments-onboarding.jupiterhq.com
Referer
https://dev-payments-onboarding.jupiterhq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 11:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3909
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133858
x-xss-protection
0
last-modified
Mon, 17 May 2021 02:05:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 May 2022 11:44:23 GMT

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap object| Plaid object| __core-js_shared__ object| core object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| webpackJsonp function| Hammer function| vueRecaptchaApiLoaded object| regeneratorRuntime function| _ boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| _mfq object| mouseflow

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
