URL: https://staging.customers.paketos.io/
Submission: On August 12 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 3.88.208.125, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is staging.customers.paketos.io.
TLS certificate: Issued by R10 on June 20th 2024. Valid for: 3 months.
This is the only time staging.customers.paketos.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 3.88.208.125 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.100 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.227 15169 (GOOGLE)
23 6
Apex Domain
Subdomains
Transfer
16 paketos.io
staging.customers.paketos.io
staging.api.paketos.io
2 MB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
257 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
987 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
23 4
Domain Requested by
14 staging.customers.paketos.io staging.customers.paketos.io
3 fonts.gstatic.com fonts.googleapis.com
2 staging.api.paketos.io staging.customers.paketos.io
2 www.google.com staging.customers.paketos.io
www.gstatic.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com staging.customers.paketos.io
23 6

This site contains no links.

Subject Issuer Validity Valid
staging.api.pakebox.com.co
R10
2024-06-20 -
2024-09-18
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 2 frames:

Primary Page: https://staging.customers.paketos.io/
Frame ID: 89C4E9CCFA7D25A37E45E8940D15186C
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dCQaAAAAAGzlM9bnjCkatBsjSQyJA9YA1zOt&co=aHR0cHM6Ly9zdGFnaW5nLmN1c3RvbWVycy5wYWtldG9zLmlvOjQ0Mw..&hl=de&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=invisible&cb=hbyq4uymrjsl
Frame ID: 5DCD61CACB8AC47AE32BDB6C20BEE2F3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Customers Platform - Paketos

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

1967 kB
Transfer

4280 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
staging.customers.paketos.io/
998 B
899 B
Document
General
Full URL
https://staging.customers.paketos.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
37d506254a7b66cbbb2ed028270a2566692d91ef87e721618a352a49148b33c7
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
549
Content-Type
text/html
Date
Mon, 12 Aug 2024 09:15:32 GMT
ETag
"3e6-61f185f28a7c0-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
sameorigin
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Aug 2024 09:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 08:55:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Aug 2024 09:11:24 GMT
api.js
www.google.com/recaptcha/
1 KB
987 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld4dCQaAAAAAGzlM9bnjCkatBsjSQyJA9YA1zOt
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
ea82a86a7d8bbad3dd5eabec184dbb3145ab73fbd2029c3cff7ae88014102d71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 12 Aug 2024 09:11:24 GMT
styles.e937f94f93d62f6d5ea5.css
staging.customers.paketos.io/static/css/
975 KB
160 KB
Stylesheet
General
Full URL
https://staging.customers.paketos.io/static/css/styles.e937f94f93d62f6d5ea5.css
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ae6124738f3618faaa28ef93cc77103c59f5378390104dc2f165f038513b1886
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"f3dfa-61f185f2e83c0-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
runtime.8b2970954db277f4ecb1.js
staging.customers.paketos.io/static/js/
5 KB
3 KB
Script
General
Full URL
https://staging.customers.paketos.io/static/js/runtime.8b2970954db277f4ecb1.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fe799f94e3efa7b5cb6ec9061bc6b1fbbe30d300518650eae559ca73184393ff
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"14e4-61f185f2f9d00-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3049
0.b90c97cc023cc2247d9a.js
staging.customers.paketos.io/static/js/
10 KB
2 KB
Script
General
Full URL
https://staging.customers.paketos.io/static/js/0.b90c97cc023cc2247d9a.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b3be4df5795c0708ce153949dbccc57351878e5e6155c43a925db5ba5e5bdf2f
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"264a-61f185f2f2000-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1821
39.49c396a76437df30a06d.js
staging.customers.paketos.io/static/js/
590 KB
170 KB
Script
General
Full URL
https://staging.customers.paketos.io/static/js/39.49c396a76437df30a06d.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5ed4f0915c371a1de7891299feec6140e7e8f86e48baab77474eaaa03f0d92e3
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"9367d-61f185f2f6e20-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
37.0c04acd28c09a2f547a9.js
staging.customers.paketos.io/static/js/
1016 KB
518 KB
Script
General
Full URL
https://staging.customers.paketos.io/static/js/37.0c04acd28c09a2f547a9.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
513c8319da575e13bcf3e0e60ee251bc63a2278c68a216f53856a9bc449af61d
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"fdf94-61f185f2f6e20-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/
534 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld4dCQaAAAAAGzlM9bnjCkatBsjSQyJA9YA1zOt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e2c26febf7b51577d135dea6309dbbb01492c6e66dd157c3da5c7bdf293fc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.customers.paketos.io/
Origin
https://staging.customers.paketos.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 11:05:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217245
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 00:43:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Aug 2025 11:05:35 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5DCD
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4dCQaAAAAAGzlM9bnjCkatBsjSQyJA9YA1zOt&co=aHR0cHM6Ly9zdGFnaW5nLmN1c3RvbWVycy5wYWtldG9zLmlvOjQ0Mw..&hl=de&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=invisible&cb=hbyq4uymrjsl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1ikV0bq127mPh0DnywvPIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://staging.customers.paketos.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1ikV0bq127mPh0DnywvPIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 09:11:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging.customers.paketos.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 09:00:32 GMT
x-content-type-options
nosniff
age
432653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 09:00:32 GMT
21.742a5694967b38955ebf.js
staging.customers.paketos.io/static/js/
3 KB
2 KB
Script
General
Full URL
https://staging.customers.paketos.io/static/js/21.742a5694967b38955ebf.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/static/js/runtime.8b2970954db277f4ecb1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0f5a78caf0e30691613eff1747a043a53d2f514f60ba248d2a8dc51052a8b9c1
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"b3f-61f185f2f4ee0-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1335
93.e63007f45aac9a90d610.js
staging.customers.paketos.io/static/js/
4 KB
2 KB
Script
General
Full URL
https://staging.customers.paketos.io/static/js/93.e63007f45aac9a90d610.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/static/js/runtime.8b2970954db277f4ecb1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2addbf74bc72ae34bc6a9ef10b95fe09483e6e1b27902ebd67812583b41ed58d
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"108c-61f185f2f9d00-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1387
general-infos
staging.api.paketos.io/
451 B
796 B
XHR
General
Full URL
https://staging.api.paketos.io/general-infos
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/static/js/39.49c396a76437df30a06d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c565b8f066077d6c33900a45ecbe012cf3ec8062f428b2999de0f02e3498a862
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
application/json, text/plain, */*
APP-DEVICE
web
Referer
https://staging.customers.paketos.io/
APP-AGENT
desktop
APP-TYPE
customers-platform
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
APP-VERSION
3.0

Response headers

Date
Mon, 12 Aug 2024 09:15:34 GMT
Server
Apache
X-RateLimit-Remaining
39
X-Frame-Options
sameorigin
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
X-RateLimit-Limit
40
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
general-infos
staging.api.paketos.io/ Frame
0
0
Preflight
General
Full URL
https://staging.api.paketos.io/general-infos
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
app-agent,app-device,app-type,app-version
Access-Control-Request-Method
GET
Origin
https://staging.customers.paketos.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
app-agent,app-device,app-type,app-version
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
0
Cache-Control
no-cache, private
Connection
close
Date
Mon, 12 Aug 2024 09:15:34 GMT
Server
Apache
Vary
Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
sameorigin
favicon.png
staging.customers.paketos.io/
25 KB
25 KB
Other
General
Full URL
https://staging.customers.paketos.io/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2890bc51a6ddb264ab8777e584293b3a42e9c5b12754aee150bbb94816a5e118
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:33 GMT
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"648d-61f185f28a7c0"
X-Frame-Options
sameorigin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
25741
6.7a4bc527c68d99f40cca.js
staging.customers.paketos.io/static/js/
602 B
731 B
Script
General
Full URL
https://staging.customers.paketos.io/static/js/6.7a4bc527c68d99f40cca.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/static/js/runtime.8b2970954db277f4ecb1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
63faff854a632f0b8d26fc6bbb5b041bed093a662afcb0a1ac48262b48d59543
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"25a-61f185f2f7dc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
369
1.6c692840e5a8fbdf70c5.js
staging.customers.paketos.io/static/js/
313 KB
80 KB
Script
General
Full URL
https://staging.customers.paketos.io/static/js/1.6c692840e5a8fbdf70c5.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/static/js/runtime.8b2970954db277f4ecb1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ec6ee8900cce498ee47ff1530b97bcb7dbef9caa12557136b429999ec2f4e755
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"4e55a-61f185f2f2000-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
60.942a441d6059f1ad0274.js
staging.customers.paketos.io/static/js/
11 KB
4 KB
Script
General
Full URL
https://staging.customers.paketos.io/static/js/60.942a441d6059f1ad0274.js
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/static/js/runtime.8b2970954db277f4ecb1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
27ef9d1fb4eefda945630699a6c151bea6e0950c20a6b926cd9d2b7819b2656b
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"2ad8-61f185f2f7dc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3448
fa-light-300.183f1c8.woff2
staging.customers.paketos.io/static/fonts/
419 KB
420 KB
Font
General
Full URL
https://staging.customers.paketos.io/static/fonts/fa-light-300.183f1c8.woff2
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/static/css/styles.e937f94f93d62f6d5ea5.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
38b2e62bfbbeed100be9d1de0fcbd08fbe4dec34d2fb7f5986ce2ee233ad6546
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/static/css/styles.e937f94f93d62f6d5ea5.css
Origin
https://staging.customers.paketos.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:34 GMT
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"68d70-61f185f2eb2a0"
X-Frame-Options
sameorigin
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
429424
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging.customers.paketos.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 06:57:42 GMT
x-content-type-options
nosniff
age
440023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 06:57:42 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging.customers.paketos.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 17:10:22 GMT
x-content-type-options
nosniff
age
403264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 17:10:22 GMT
fa-solid-900.e0f1f10.woff2
staging.customers.paketos.io/static/fonts/
320 KB
320 KB
Font
General
Full URL
https://staging.customers.paketos.io/static/fonts/fa-solid-900.e0f1f10.woff2
Requested by
Host: staging.customers.paketos.io
URL: https://staging.customers.paketos.io/static/css/styles.e937f94f93d62f6d5ea5.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.88.208.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-208-125.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://staging.customers.paketos.io/static/css/styles.e937f94f93d62f6d5ea5.css
Origin
https://staging.customers.paketos.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 09:15:34 GMT
Last-Modified
Wed, 07 Aug 2024 14:03:16 GMT
Server
Apache
ETag
"50090-61f185f2f00c0"
X-Frame-Options
sameorigin
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
327824

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| webpackJsonp object| recaptcha object| __core-js_shared__ object| closure_lm_423606

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
staging.api.paketos.io
staging.customers.paketos.io
www.google.com
www.gstatic.com
142.250.185.227
172.217.18.100
2a00:1450:4001:813::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:82b::2003
3.88.208.125
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0f5a78caf0e30691613eff1747a043a53d2f514f60ba248d2a8dc51052a8b9c1
27ef9d1fb4eefda945630699a6c151bea6e0950c20a6b926cd9d2b7819b2656b
2890bc51a6ddb264ab8777e584293b3a42e9c5b12754aee150bbb94816a5e118
2addbf74bc72ae34bc6a9ef10b95fe09483e6e1b27902ebd67812583b41ed58d
37d506254a7b66cbbb2ed028270a2566692d91ef87e721618a352a49148b33c7
38b2e62bfbbeed100be9d1de0fcbd08fbe4dec34d2fb7f5986ce2ee233ad6546
3e2c26febf7b51577d135dea6309dbbb01492c6e66dd157c3da5c7bdf293fc5f
513c8319da575e13bcf3e0e60ee251bc63a2278c68a216f53856a9bc449af61d
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
5ed4f0915c371a1de7891299feec6140e7e8f86e48baab77474eaaa03f0d92e3
63faff854a632f0b8d26fc6bbb5b041bed093a662afcb0a1ac48262b48d59543
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
ae6124738f3618faaa28ef93cc77103c59f5378390104dc2f165f038513b1886
b3be4df5795c0708ce153949dbccc57351878e5e6155c43a925db5ba5e5bdf2f
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
c565b8f066077d6c33900a45ecbe012cf3ec8062f428b2999de0f02e3498a862
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ea82a86a7d8bbad3dd5eabec184dbb3145ab73fbd2029c3cff7ae88014102d71
ec6ee8900cce498ee47ff1530b97bcb7dbef9caa12557136b429999ec2f4e755
fe799f94e3efa7b5cb6ec9061bc6b1fbbe30d300518650eae559ca73184393ff