URL: https://accounts.staging.hellorider.com/
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 3.126.252.226, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is accounts.staging.hellorider.com.
TLS certificate: Issued by R10 on August 9th 2024. Valid for: 3 months.
This is the only time accounts.staging.hellorider.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
3         3.126.252.226      16509 (AMAZON-02)
1         2607:f8b0:400...   15169 (GOOGLE)
Total: 4 requests, 2 IPs

Requests  Apex Domain     Subdomains                                        Transfer
3         hellorider.com  accounts.staging.hellorider.com                   532 KB
1         googleapis.com  fonts.googleapis.com (Cisco Umbrella Rank: 110)   775 B
Total: 4 requests, 2 domains

Requests  Domain                           Requested by
3         accounts.staging.hellorider.com  accounts.staging.hellorider.com
1         fonts.googleapis.com             accounts.staging.hellorider.com
Total: 4 requests, 2 domains

This site contains no links.

Subject                          Issuer  Validity                 Valid
accounts.staging.hellorider.com  R10     2024-08-09 - 2024-11-07  3 months
upload.video.google.com          WR2     2024-07-30 - 2024-10-22  3 months

This page contains 1 frame:

Primary Page: https://accounts.staging.hellorider.com/
Frame ID: 1A21A60E0A81A5C5D932166728F738CB
Requests: 4 HTTP requests in this frame

Page Title: User Management

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 533 kB
Size: 1947 kB
Cookies: 0

4 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type

Resource: / (Primary Request)
Path: accounts.staging.hellorider.com/
Size: 976 B
x-fer: 1 KB
Type: Document

General
Full URL: https://accounts.staging.hellorider.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.252.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-252-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b7a9c473e77f6e6a493ec91077127b7f84b8b92659b7c5cba175939f41cda4f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.hellorider.com *.hellorider.local; object-src 'none'; child-src 'self'; frame-ancestors 'none';style-src 'unsafe-inline' fonts.googleapis.com *.hellorider.com; script-src 'self' challenges.cloudflare.com *.hellorider.com *.hellorider.local 'unsafe-eval' 'unsafe-inline'; font-src fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' challenges.cloudflare.com; connect-src 'self' *.hellorider.com *.hellorider.local; img-src * blob: data:
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 464
content-security-policy: default-src 'self' *.hellorider.com *.hellorider.local; object-src 'none'; child-src 'self'; frame-ancestors 'none';style-src 'unsafe-inline' fonts.googleapis.com *.hellorider.com; script-src 'self' challenges.cloudflare.com *.hellorider.com *.hellorider.local 'unsafe-eval' 'unsafe-inline'; font-src fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' challenges.cloudflare.com; connect-src 'self' *.hellorider.com *.hellorider.local; img-src * blob: data:
content-type: text/html; charset=utf-8
date: Fri, 09 Aug 2024 16:40:21 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Mon, 29 Jul 2024 10:20:10 GMT
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: deny
x-permitted-cross-domain-policies: none
Resource: icon
Path: fonts.googleapis.com/
Size: 569 B
x-fer: 775 B
Type: Stylesheet

General
Full URL: https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
  Host: accounts.staging.hellorider.com
  URL: https://accounts.staging.hellorider.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: ESF /
Resource Hash: 36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer:
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Aug 2024 16:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 16:40:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Aug 2024 16:40:21 GMT
Resource: bundle.a8ee9b50e0c4376e873e.js
Path: accounts.staging.hellorider.com/
Size: 2 MB
x-fer: 522 KB
Type: Script

General
Full URL: https://accounts.staging.hellorider.com/bundle.a8ee9b50e0c4376e873e.js
Requested by
  Host: accounts.staging.hellorider.com
  URL: https://accounts.staging.hellorider.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.252.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-252-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 750a0207b091d6662665e30c33fd56e0f5b9f84220fb61c5d5e7eee91ee69fdd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer:
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 16:40:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 29 Jul 2024 10:20:10 GMT
etag: "1cf8f9-61e6034b16a80-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
Resource: favicon.ico
Path: accounts.staging.hellorider.com/
Size: 91 KB
x-fer: 9 KB
Type: Other

General
Full URL: https://accounts.staging.hellorider.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.252.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-252-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 52ef3ec84a8c59275af59dc27c22e3d4efa9a34abda32a4c09abbd0a46070592
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer:
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 16:40:22 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 29 Jul 2024 10:20:10 GMT
etag: "16b86-61e6034b16a80-gzip"
vary: Accept-Encoding
content-type: image/x-icon
accept-ranges: bytes
content-length: 9246

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
number| 2f1acc6c3a606b082e5eef5e54414ffb
function| FlateStream

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' *.hellorider.com *.hellorider.local; object-src 'none'; child-src 'self'; frame-ancestors 'none';style-src 'unsafe-inline' fonts.googleapis.com *.hellorider.com; script-src 'self' challenges.cloudflare.com *.hellorider.com *.hellorider.local 'unsafe-eval' 'unsafe-inline'; font-src fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content; frame-src 'self' challenges.cloudflare.com; connect-src 'self' *.hellorider.com *.hellorider.local; img-src * blob: data:
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny