sandbox-payments-onboarding.jupiterhq.com Open in urlscan Pro
52.8.140.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sandbox-payments-onboarding.jupiterhq.com/
Submission Tags: krdprod
Submission: On September 22 via api (September 22nd 2021, 3:10:59 pm UTC) from JP — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 52.8.140.212, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is sandbox-payments-onboarding.jupiterhq.com.
TLS certificate: Issued by R3 on September 22nd 2021. Valid for: 3 months.

This is the only time sandbox-payments-onboarding.jupiterhq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	52.8.140.212 52.8.140.212	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
2	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
18	6

12 52.8.140.212 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-140-212.us-west-1.compute.amazonaws.com

sandbox-payments-onboarding.jupiterhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	jupiterhq.com sandbox-payments-onboarding.jupiterhq.com	167 KB
2	plaid.com cdn.plaid.com	53 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com	57 KB
1	gstatic.com www.gstatic.com	134 KB
1	google.com www.google.com	1014 B
1	googleapis.com fonts.googleapis.com	1 KB
18	6

	Domain	Requested by
12	sandbox-payments-onboarding.jupiterhq.com	sandbox-payments-onboarding.jupiterhq.com
2	cdn.plaid.com	sandbox-payments-onboarding.jupiterhq.com cdn.plaid.com
2	cdn.mouseflow.com	1 redirects sandbox-payments-onboarding.jupiterhq.com
1	www.gstatic.com	www.google.com
1	www.google.com	sandbox-payments-onboarding.jupiterhq.com
1	fonts.googleapis.com	sandbox-payments-onboarding.jupiterhq.com
18	6

This site contains no links.

Subject Issuer	Validity	Valid
sandbox-payments-api.jupiterhq.com R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sandbox-payments-onboarding.jupiterhq.com/
Frame ID: 682714056FB5E7C8340390AB5BF44CB3
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jupiter Onboarding

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

18
Requests

33 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

413 kB
Transfer

1495 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8.js HTTP 301
https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sandbox-payments-onboarding.jupiterhq.com/ 2 KB
3 KB 521ms
161ms Document
text/html 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

4fcfbdde591940fe0313702553d7c66eb2e66975f4c3ba95a247fa6f30d6f2c3

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: sandbox-payments-onboarding.jupiterhq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.21.3
Date: Wed, 22 Sep 2021 15:10:53 GMT
Content-Type: text/html
Content-Length: 1621
Connection: keep-alive
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Vary: Accept-Encoding
ETag: "612ecafa-655"
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Accept-Ranges: bytes

GET
H/1.1 200
OK app.3a7ee6ed.css
sandbox-payments-onboarding.jupiterhq.com/css/ 563 B
2 KB 162ms
161ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/css/app.3a7ee6ed.css

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

f21baacd74941b3e3f8b932d4aabc05304be94d5c3b81d4ed8e2b86ec3d683c4

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: "612ecafa-233"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 563
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK chunk-vendors.2d5f29c2.css
sandbox-payments-onboarding.jupiterhq.com/css/ 524 B
1 KB 323ms
161ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/css/chunk-vendors.2d5f29c2.css

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

32b495b9de6db5a67e8ee26fe8e5a99bfd2fbe45613dec6b208e72cb1f1245f5

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: "612ecafa-20c"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 524
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK app.553a7053.js Show response
sandbox-payments-onboarding.jupiterhq.com/js/ 293 KB
68 KB 668ms
327ms Script
application/javascript 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/js/app.553a7053.js

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

622f592a6adb416a57f1042a2e0a12a67703baf232693b2a89a5030e97fa45c4

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"612ecafa-495da"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: application/javascript
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK chunk-vendors.3b5757f7.js
sandbox-payments-onboarding.jupiterhq.com/js/ 231 KB
0 716ms
354ms Script
application/javascript 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/js/chunk-vendors.3b5757f7.js

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"612ecafa-c9fc1"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: application/javascript
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
sandbox-payments-onboarding.jupiterhq.com/static/bootstrap/ 141 KB
22 KB 635ms
314ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/static/bootstrap/bootstrap.min.css

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"612ecafa-235ed"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 68ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e3c3790d3ef5f000a5eb4242e477574ee5f23298bca99dc2c81fd007afd45b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 15:00:54 GMT
server: ESF
date: Wed, 22 Sep 2021 15:10:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 15:10:54 GMT

GET
H/1.1 200
OK all.min.css
sandbox-payments-onboarding.jupiterhq.com/static/fontawesome-5-5-0/css/ 50 KB
12 KB 489ms
166ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/static/fontawesome-5-5-0/css/all.min.css

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"612ecafa-c80f"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
sandbox-payments-onboarding.jupiterhq.com/static/css/ 26 KB
6 KB 493ms
164ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/static/css/style.css

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

68dd20d3538018b0009b377df2001ffc566445850c3d86583ee81eef422998f2

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"612ecafa-6840"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK responsive.css
sandbox-payments-onboarding.jupiterhq.com/static/css/ 6 KB
7 KB 508ms
168ms Stylesheet
text/css 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/static/css/responsive.css

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

61e010775f36a82479ca371ce93fdf040fc1b0e98cc601c1841bde81c9cb1c5b

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: "612ecafa-1770"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: text/css
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 6000
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-3.2.1.slim.min.js Show response
sandbox-payments-onboarding.jupiterhq.com/static/bootstrap/ 68 KB
25 KB 656ms
167ms Script
application/javascript 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/static/bootstrap/jquery-3.2.1.slim.min.js

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"612ecafa-10fdd"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: application/javascript
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK popper.min.js Show response
sandbox-payments-onboarding.jupiterhq.com/static/bootstrap/ 19 KB
8 KB 658ms
164ms Script
application/javascript 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/static/bootstrap/popper.min.js

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"612ecafa-4af4"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: application/javascript
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
sandbox-payments-onboarding.jupiterhq.com/static/bootstrap/ 48 KB
14 KB 680ms
172ms Script
application/javascript 52.8.140.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-payments-onboarding.jupiterhq.com/static/bootstrap/bootstrap.min.js

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.8.140.212 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-140-212.us-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 15:10:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 01 Sep 2021 00:36:10 GMT
Server: nginx/1.21.3
X-Frame-Options: DENY
ETag: W/"612ecafa-bf30"
Strict-Transport-Security: max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
Content-Type: application/javascript
Transfer-Encoding: chunked
Content-Security-Policy: default-src *.jupiterhq.com *.mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 916 B
1014 B 67ms
25ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Requested by

Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ba33d3ed230a164471d12d7afdaaaedee8cd35a4d6fce4256afbd7a0c99b95b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 15:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Wed, 22 Sep 2021 15:10:54 GMT

GET
H2

200

f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8.js
https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js

172 KB
57 KB

102ms
102ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js
Requested by: Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7925298ff1db986b5ba26e1ab78e6110deb198c66d8cab51632e4df43fdb3b02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 15:10:54 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 15:00:21 GMT
server: NetDNA-cache/2.2
etag: W/"c69f4b698ba5d71:0"
x-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/f75dbfd7-fecd-483e-9685-b121bdbd88b8_eu.js
date: Wed, 22 Sep 2021 15:10:53 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 77 KB
24 KB 145ms
39ms Script
application/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: sandbox-payments-onboarding.jupiterhq.com
URL: https://sandbox-payments-onboarding.jupiterhq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8635abc629add1a7da910c46a66e770449c6520ace7f24266c384508df04075e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 18:47:21 GMT
content-encoding: gzip
x-amz-request-id: NV9S4X36Y0XSG6V4
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
x-amz-id-2: AtclNKkTtRl1deMYesg541/6ED0uM2J6XZm/wzQTqL5+MVv2kIBk5jJ2y41KIm7fbycW/Zpnpxk=
last-modified: Tue, 21 Sep 2021 17:59:57 GMT
server: AmazonS3
etag: W/"5b4bf740ca616d4a8753517a0dd899a4"
vary: Accept-Encoding
x-amz-version-id: LKmtuvSX4boHdnRQYgzSnAib8yJMeD1p
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: -6np1XVeBc6B01UV0JbVbKbwO3-ymBE9zYwxkfjyDhBurLxF_zcFQw==

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1157/ 0
28 KB 9ms
9ms Other
application/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1157/link-dynamic-loader.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sandbox-payments-onboarding.jupiterhq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 18:47:22 GMT
content-encoding: gzip
age: 73413
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
last-modified: Tue, 21 Sep 2021 17:59:57 GMT
server: AmazonS3
etag: W/"aae6810947c5938d30cab0e0234cef94"
vary: Accept-Encoding
x-amz-version-id: 5XJPo2hb1QW2H.Im26ulolhqEgzoqrfY
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: IHAsikB5jHFW25Bl8nV5hCDy-qa7uijYWYp80TfpbYKhMtCqFL2zAA==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sandbox-payments-onboarding.jupiterhq.com/
Origin: https://sandbox-payments-onboarding.jupiterhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 15:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 22 Sep 2022 15:00:56 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sandbox-payments-onboarding.jupiterhq.com/js/chunk-vendors.3b5757f7.js Message: Failed to load resource: net::ERR_INCOMPLETE_CHUNKED_ENCODING

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src .jupiterhq.com .mouseflow.com https://api.ipfind.com https://cdn.plaid.com https://www.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://www.gstatic.com/recaptcha/ https://fonts.googleapis.com https://use.fontawesome.com 'self'; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com https://use.fontawesome.com; style-src *.jupiterhq.com 'self' https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=63072000 max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mouseflow.com
cdn.plaid.com
fonts.googleapis.com
sandbox-payments-onboarding.jupiterhq.com
www.google.com
www.gstatic.com
143.204.98.86
23.111.9.38
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::200a
52.8.140.212
0e3c3790d3ef5f000a5eb4242e477574ee5f23298bca99dc2c81fd007afd45b9
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
32b495b9de6db5a67e8ee26fe8e5a99bfd2fbe45613dec6b208e72cb1f1245f5
4ba33d3ed230a164471d12d7afdaaaedee8cd35a4d6fce4256afbd7a0c99b95b
4fcfbdde591940fe0313702553d7c66eb2e66975f4c3ba95a247fa6f30d6f2c3
61e010775f36a82479ca371ce93fdf040fc1b0e98cc601c1841bde81c9cb1c5b
622f592a6adb416a57f1042a2e0a12a67703baf232693b2a89a5030e97fa45c4
68dd20d3538018b0009b377df2001ffc566445850c3d86583ee81eef422998f2
7925298ff1db986b5ba26e1ab78e6110deb198c66d8cab51632e4df43fdb3b02
8635abc629add1a7da910c46a66e770449c6520ace7f24266c384508df04075e
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f21baacd74941b3e3f8b932d4aabc05304be94d5c3b81d4ed8e2b86ec3d683c4

sandbox-payments-onboarding.jupiterhq.com Open in urlscan Pro 52.8.140.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

33 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

413 kBTransfer

1495 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

sandbox-payments-onboarding.jupiterhq.com Open in urlscan Pro
52.8.140.212 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

33 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

413 kB
Transfer

1495 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions