staging.claim2.me Open in urlscan Pro
54.78.134.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://staging.claim2.me/
Submission: On October 31 via automatic, source certstream-suspicious (October 31st 2023, 1:44:04 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 54.78.134.111, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is staging.claim2.me.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 2nd 2023. Valid for: a year.

This is the only time staging.claim2.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	54.78.134.111 54.78.134.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:480... 2a02:26f0:480:4b6::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
12	5

7 54.78.134.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com

staging.claim2.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:4b6::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	claim2.me staging.claim2.me	968 KB
2	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2450	173 KB
1	gstatic.com fonts.gstatic.com	39 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
12	5

	Domain	Requested by
7	staging.claim2.me	staging.claim2.me
2	res.cloudinary.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	staging.claim2.me
1	fonts.googleapis.com	staging.claim2.me
12	5

This site contains no links.

Subject Issuer	Validity	Valid
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2023-12-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://staging.claim2.me/
Frame ID: B7A07CCF357ED4299F9BBFCA01060C05
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Claim2Me

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudinary (CDN) Expand

Overall confidence: 80%
Detected patterns

<img[^>]+\.cloudinary\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

12
Requests

42 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1214 kB
Transfer

1412 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
staging.claim2.me/ 1 KB
2 KB 204ms
34ms Document
text/html 54.78.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.claim2.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.134.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: c8811acaa9c8c682ef7804cf08e87d658c51fd30230a9096749b372b27e9e0a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: https://staging-claim2me-77cc36e5a343.herokuapp.com
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 1329
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Oct 2023 13:43:58 GMT
Etag: W/"531-18b85c18470"
Last-Modified: Tue, 31 Oct 2023 12:42:14 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698759838&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=J3BWzEn6R4s45qNXbkmBWwBhTfMV8HsoKyg75XmAh%2Fc%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1698759838&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=J3BWzEn6R4s45qNXbkmBWwBhTfMV8HsoKyg75XmAh%2Fc%3D
Server: Cowboy
Vary: Origin
Via: 1.1 vegur
X-Powered-By: Express

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 39ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: staging.claim2.me
URL: https://staging.claim2.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1d7a1e7a17f0797e39aeca5a7187360ddc5ced2f72e5d3d58b1d7f6f880dc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 13:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:43:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 13:43:58 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ 227 KB
33 KB 33ms
17ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css

Requested by

Host: staging.claim2.me
URL: https://staging.claim2.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging.claim2.me/
Origin: https://staging.claim2.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:43:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13297225
x-jsd-version: 5.3.0
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230088-FRA, cache-yyz4531-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvioVk6Dmx%2BhTsCZlwZCbELC9EIvY98TJv4g3s0XYvLHK%2Fgfv%2BnReQgK6p67OvQtFLaJcInQ7gPLhHZALynVtPm8SV2MUUgABOp9F7ViVBtHtrG1UT%2FTZDeqr6ClyQRQT9mqtfnsvYSz4hOv95Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81ec5481aafabb86-FRA

GET
H/1.1 200
OK main.9f827f31.js Show response
staging.claim2.me/static/js/ 400 KB
401 KB 96ms
35ms Script
application/javascript 54.78.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.claim2.me/static/js/main.9f827f31.js
Requested by: Host: staging.claim2.me
URL: https://staging.claim2.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.134.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: d8f731dd3648c2faa1889d98def3c6a9ef1dc50fddb5a10be42d853d6cc71294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 13:43:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By: Express
Connection: keep-alive
Content-Length: 410097
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1698759839&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=DW3rHiKWHQpxv1cP7APbN7MPHrjuz38PLYtNlzRpH7I%3D
Last-Modified: Tue, 31 Oct 2023 12:42:14 GMT
Server: Cowboy
Etag: W/"641f1-18b85c18470"
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698759839&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=DW3rHiKWHQpxv1cP7APbN7MPHrjuz38PLYtNlzRpH7I%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://staging-claim2me-77cc36e5a343.herokuapp.com
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK main.e58b17e9.css
staging.claim2.me/static/css/ 334 KB
335 KB 34ms
34ms Stylesheet
text/css 54.78.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.claim2.me/static/css/main.e58b17e9.css
Requested by: Host: staging.claim2.me
URL: https://staging.claim2.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.134.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: e83e51c61793aff805d74472b507f63265cab69ff830515d5ce0450749a607bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 13:43:58 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By: Express
Connection: keep-alive
Content-Length: 342212
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1698759838&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=J3BWzEn6R4s45qNXbkmBWwBhTfMV8HsoKyg75XmAh%2Fc%3D
Last-Modified: Tue, 31 Oct 2023 12:42:14 GMT
Server: Cowboy
Etag: W/"538c4-18b85c18470"
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698759838&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=J3BWzEn6R4s45qNXbkmBWwBhTfMV8HsoKyg75XmAh%2Fc%3D"}]}
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: https://staging-claim2me-77cc36e5a343.herokuapp.com
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK 8638.9fe0e798.chunk.js Show response
staging.claim2.me/static/js/ 118 KB
118 KB 33ms
33ms Script
application/javascript 54.78.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.claim2.me/static/js/8638.9fe0e798.chunk.js
Requested by: Host: staging.claim2.me
URL: https://staging.claim2.me/static/js/main.9f827f31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.134.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6906744dc6144f6d9f6db5ed0e64616e386bb76fcd98f5541a781273fb516776

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 13:43:59 GMT
Via: 1.1 vegur
Last-Modified: Tue, 31 Oct 2023 12:42:14 GMT
Server: Cowboy
X-Powered-By: Express
Etag: W/"1d6a9-18b85c18470"
Vary: Origin
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://staging-claim2me-77cc36e5a343.herokuapp.com
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120489

GET
H/1.1 200
OK 5384.c6319e6f.chunk.js Show response
staging.claim2.me/static/js/ 37 KB
38 KB 36ms
35ms Script
application/javascript 54.78.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.claim2.me/static/js/5384.c6319e6f.chunk.js
Requested by: Host: staging.claim2.me
URL: https://staging.claim2.me/static/js/main.9f827f31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.134.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 1585924468ba9cd14cad26ba92dad83bcd0a5a320315109b7f35e8954b709ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 13:43:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By: Express
Connection: keep-alive
Content-Length: 37992
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1698759839&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=DW3rHiKWHQpxv1cP7APbN7MPHrjuz38PLYtNlzRpH7I%3D
Last-Modified: Tue, 31 Oct 2023 12:42:14 GMT
Server: Cowboy
Etag: W/"9468-18b85c18470"
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698759839&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=DW3rHiKWHQpxv1cP7APbN7MPHrjuz38PLYtNlzRpH7I%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://staging-claim2me-77cc36e5a343.herokuapp.com
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK 3024.6cbd1e88.chunk.js Show response
staging.claim2.me/static/js/ 7 KB
8 KB 69ms
35ms Script
application/javascript 54.78.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.claim2.me/static/js/3024.6cbd1e88.chunk.js
Requested by: Host: staging.claim2.me
URL: https://staging.claim2.me/static/js/main.9f827f31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.134.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: b12861e405e19d8bc3745ab77856103dd2304aa82d01a9ec90ade087638963e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 13:43:59 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By: Express
Connection: keep-alive
Content-Length: 7251
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1698759839&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=DW3rHiKWHQpxv1cP7APbN7MPHrjuz38PLYtNlzRpH7I%3D
Last-Modified: Tue, 31 Oct 2023 12:42:14 GMT
Server: Cowboy
Etag: W/"1c53-18b85c18470"
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1698759839&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=DW3rHiKWHQpxv1cP7APbN7MPHrjuz38PLYtNlzRpH7I%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://staging-claim2me-77cc36e5a343.herokuapp.com
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2 200 logo_ekphb3.png
res.cloudinary.com/hxpyfeefk/image/upload/v1692264435/ 104 KB
105 KB 369ms
331ms Image
image/png 2a02:26f0:480:4b6::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hxpyfeefk/image/upload/v1692264435/logo_ekphb3.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:4b6::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

ebeaec483463030dce5e1eb7ee709b04ccef781ffc9f1a331ab2698ccda987dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:43:59 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2023 09:27:16 GMT
server: Cloudinary
etag: "8c1b7e0d57bcc5aba37a1a579e43b1f9"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-akam;dur=324;cpu=49;start=2023-10-31T13:43:59.414Z;desc=miss,rtt;dur=5,content-info;desc="width=1216,height=333,owidth=1216,oheight=333,obytes=106549",cloudinary;dur=167;start=2023-10-31T13:43:59.499Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 106549

GET
H/1.1 200
OK claim2me_icon.dc051d1d92f10f089bb0.png
staging.claim2.me/static/media/ 65 KB
65 KB 34ms
33ms Image
image/png 54.78.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging.claim2.me/static/media/claim2me_icon.dc051d1d92f10f089bb0.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.134.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-134-111.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 3ac768f6944b6008a4ed41e67e7cea2e001b107461f26118d9cbd9cf3a1548a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 13:43:59 GMT
Via: 1.1 vegur
Last-Modified: Tue, 31 Oct 2023 12:42:14 GMT
Server: Cowboy
X-Powered-By: Express
Etag: W/"10259-18b85c18470"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: https://staging-claim2me-77cc36e5a343.herokuapp.com
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66137

GET
H2 200 Slice_1_7_yhkece.png
res.cloudinary.com/hxpyfeefk/image/upload/v1692281712/ 68 KB
68 KB 60ms
23ms Image
image/png 2a02:26f0:480:4b6::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hxpyfeefk/image/upload/v1692281712/Slice_1_7_yhkece.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:4b6::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

1a8bd59495b093c4390c65c8653d7c4104e6f68a930d8a666b4fe28ca5c07bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.claim2.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:43:59 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2023 14:15:13 GMT
server: Cloudinary
etag: "34dbfd55c97f5d05ec3f719cfb96bdfe"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-akam;dur=15;start=2023-10-31T13:43:59.414Z;desc=miss,rtt;dur=5,content-info;desc="width=1641,height=1214,owidth=1641,oheight=1214,obytes=69595",cloudinary;dur=49;start=2023-10-31T13:18:37.009Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 69595

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://staging.claim2.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:24:14 GMT
x-content-type-options: nosniff
age: 415185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:24:14 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
res.cloudinary.com
staging.claim2.me
2606:4700::6810:5614
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a02:26f0:480:4b6::523
54.78.134.111
1585924468ba9cd14cad26ba92dad83bcd0a5a320315109b7f35e8954b709ca1
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1a8bd59495b093c4390c65c8653d7c4104e6f68a930d8a666b4fe28ca5c07bad
3ac768f6944b6008a4ed41e67e7cea2e001b107461f26118d9cbd9cf3a1548a6
6906744dc6144f6d9f6db5ed0e64616e386bb76fcd98f5541a781273fb516776
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
b12861e405e19d8bc3745ab77856103dd2304aa82d01a9ec90ade087638963e5
b1d7a1e7a17f0797e39aeca5a7187360ddc5ced2f72e5d3d58b1d7f6f880dc79
c8811acaa9c8c682ef7804cf08e87d658c51fd30230a9096749b372b27e9e0a8
d8f731dd3648c2faa1889d98def3c6a9ef1dc50fddb5a10be42d853d6cc71294
e83e51c61793aff805d74472b507f63265cab69ff830515d5ce0450749a607bc
ebeaec483463030dce5e1eb7ee709b04ccef781ffc9f1a331ab2698ccda987dd

staging.claim2.me Open in urlscan Pro 54.78.134.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

42 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

1214 kBTransfer

1412 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

staging.claim2.me Open in urlscan Pro
54.78.134.111 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

42 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1214 kB
Transfer

1412 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions