console.staging.nayoo.co Open in urlscan Pro
52.220.56.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://console.staging.nayoo.co/
Effective URL:
https://console.staging.nayoo.co/auth/login
Submission: On January 05 via api (January 5th 2024, 4:21:18 am UTC) from US — Scanned from SG

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 52.220.56.153, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is console.staging.nayoo.co.
TLS certificate: Issued by R3 on November 8th 2023. Valid for: 3 months.

This is the only time console.staging.nayoo.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.140.167.31 18.140.167.31	16509 (AMAZON-02) (AMAZON-02)
1 11	52.220.56.153 52.220.56.153	16509 (AMAZON-02) (AMAZON-02)
1	64.233.170.95 64.233.170.95	15169 (GOOGLE) (GOOGLE)
2	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
4	64.233.170.94 64.233.170.94	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	5

1 18.140.167.31 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-167-31.ap-southeast-1.compute.amazonaws.com

console.staging.nayoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.220.56.153 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

console.staging.nayoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4505164426772480.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nayoo.co 2 redirects console.staging.nayoo.co	570 KB
4	gstatic.com fonts.gstatic.com	52 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	449 KB
1	sentry.io o4505164426772480.ingest.sentry.io	324 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
18	5

	Domain	Requested by
12	console.staging.nayoo.co	2 redirects console.staging.nayoo.co
4	fonts.gstatic.com	fonts.googleapis.com console.staging.nayoo.co
2	cdn.jsdelivr.net	console.staging.nayoo.co cdn.jsdelivr.net
1	o4505164426772480.ingest.sentry.io	console.staging.nayoo.co
1	fonts.googleapis.com	console.staging.nayoo.co
18	5

This site contains no links.

Subject Issuer	Validity	Valid
console.staging.nayoo.co R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://console.staging.nayoo.co/auth/login
Frame ID: 2FA969513F0778AD2ABC89202E2A20A1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

console - console

Page URL History Show full URLs

http://console.staging.nayoo.co/ HTTP 308
https://console.staging.nayoo.co/ HTTP 302
https://console.staging.nayoo.co/auth/login Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1073 kB
Transfer

3257 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://console.staging.nayoo.co/ HTTP 308
https://console.staging.nayoo.co/ HTTP 302
https://console.staging.nayoo.co/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
console.staging.nayoo.co/auth/
Redirect Chain

http://console.staging.nayoo.co/
https://console.staging.nayoo.co/
https://console.staging.nayoo.co/auth/login

437 KB
52 KB

114ms
113ms

Document
text/html

52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

b6193669fbe520fe49722cc6d9070ec8ff5d2b91eb005acbbf2b2bd8836e1d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 05 Jan 2024 04:21:13 GMT
etag: "6d4a6-MFt16696xZWNyRM4S/yATz5wVqU"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

Redirect headers

date: Fri, 05 Jan 2024 04:21:13 GMT
location: /auth/login
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 372ms
20ms Stylesheet
text/css 64.233.170.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f95.1e100.net

Software

ESF /

Resource Hash

b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 02:40:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 04:21:13 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 339 KB
55 KB 379ms
25ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 04:21:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 36632
x-jsd-version: 7.4.47
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55843
x-served-by: cache-fra-etou8220025-FRA, cache-qpg1242-QPG
x-jsd-version-type: version
etag: W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9cb2b65.js Show response
console.staging.nayoo.co/_nuxt/ 7 KB
4 KB 32ms
29ms Script
application/javascript 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/_nuxt/9cb2b65.js

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

5d6b26183be83a245f5995755d941f957ebe79fedb04d6c876f824cce39e1cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 10:06:25 GMT
etag: W/"1c1a-18cd3f038e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 6f3d125.js Show response
console.staging.nayoo.co/_nuxt/ 335 KB
115 KB 43ms
40ms Script
application/javascript 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/_nuxt/6f3d125.js

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

606b7f5d12c77da4702170a1e37c151f14c7507bd1aadd8aa8f9216aaa9ce8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 10:06:25 GMT
etag: W/"53b2c-18cd3f038e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 3023245.js Show response
console.staging.nayoo.co/_nuxt/ 1 MB
321 KB 62ms
59ms Script
application/javascript 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/_nuxt/3023245.js

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

213d8705c3d28db4cc9ab99b4083f9bfbd287cb95ad5b5c569ab00817fd5f197

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 10:06:25 GMT
etag: W/"16610b-18cd3f038e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 b318239.js Show response
console.staging.nayoo.co/_nuxt/ 148 KB
31 KB 43ms
41ms Script
application/javascript 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/_nuxt/b318239.js

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

89bc751075e1cd0a78c1a7440bfdea623da37b728529a60cd4a01f17575834d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 10:06:25 GMT
etag: W/"251c4-18cd3f038e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 a95b636.js Show response
console.staging.nayoo.co/_nuxt/ 6 KB
3 KB 43ms
41ms Script
application/javascript 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/_nuxt/a95b636.js

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

bdd7542bdbab9c19e71b56deeed555af137be2e5329e0292ef5c1bcbe72f1e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 10:06:25 GMT
etag: W/"1749-18cd3f038e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 6e2a6f7.js Show response
console.staging.nayoo.co/_nuxt/ 14 KB
5 KB 43ms
41ms Script
application/javascript 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/_nuxt/6e2a6f7.js

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

66bf6a62e86f6be3cc178ab7955156c13e691f7c5900e5ccaece88e21d282a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 10:06:25 GMT
etag: W/"37f5-18cd3f038e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 8851271.js Show response
console.staging.nayoo.co/_nuxt/ 30 KB
10 KB 61ms
60ms Script
application/javascript 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/_nuxt/8851271.js

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

58b53b55868667a11fb17999267cbd112869ffbce67ce87670bd5afee40126ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 10:06:25 GMT
etag: W/"7673-18cd3f038e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 28aaca8.js Show response
console.staging.nayoo.co/_nuxt/ 19 KB
5 KB 68ms
67ms Script
application/javascript 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://console.staging.nayoo.co/_nuxt/28aaca8.js

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

a62127e9effdc076242d4e3e99b6227c67833d19759161a1e5c488ceea630036

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 10:06:25 GMT
etag: W/"4cbf-18cd3f038e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 nayoo-logo.svg
console.staging.nayoo.co/ 31 KB
24 KB 42ms
42ms Image
image/svg+xml 52.220.56.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://console.staging.nayoo.co/nayoo-logo.svg

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.220.56.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-220-56-153.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

d6b3167d2a62099c9156f3a78c7369ffc6993bfcbcdbf53e591e6f8c3c7daab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://console.staging.nayoo.co/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:21:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jan 2024 09:54:48 GMT
etag: W/"7d76-18cd3e59640"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 362ms
20ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://console.staging.nayoo.co
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:05:40 GMT
x-content-type-options: nosniff
age: 44134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 16:05:40 GMT

GET
H2 200 -W__XJnvUD7dzB2KYNodREEjew.woff2
fonts.gstatic.com/s/prompt/v10/ 10 KB
11 KB 368ms
27ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KYNodREEjew.woff2

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

a0c6d06e538b599bbd847490e80da5b8957f191cb66f9a187f458e8f292a4d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://console.staging.nayoo.co/
Origin: https://console.staging.nayoo.co
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:05:41 GMT
x-content-type-options: nosniff
age: 119733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10700
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 19:05:41 GMT

GET
H2 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 394 KB
394 KB 356ms
18ms Font
font/woff2 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.4.47

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin: https://console.staging.nayoo.co
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 04:21:14 GMT
x-content-type-options: nosniff
age: 22953
x-jsd-version: 7.4.47
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 403216
x-served-by: cache-fra-eddf8230112-FRA, cache-qpg1244-QPG
x-jsd-version-type: version
etag: W/"62710-TiD2zPQxmd6lyFsjoODwuoH/7iY"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 -W_8XJnvUD7dzB2Ck_kIaWMuUZctdg.woff2
fonts.gstatic.com/s/prompt/v10/ 10 KB
10 KB 380ms
40ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Ck_kIaWMuUZctdg.woff2

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

32565d4bd7557c078ea828727322fcdc4baddee997b1627ed9276651d08d11a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://console.staging.nayoo.co/
Origin: https://console.staging.nayoo.co
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:58:54 GMT
x-content-type-options: nosniff
age: 267740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10348
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:43:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 01:58:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 363ms
31ms Font
font/woff2 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://console.staging.nayoo.co
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:46:48 GMT
x-content-type-options: nosniff
age: 117266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 19:46:48 GMT

POST
H2 200 / Show response
o4505164426772480.ingest.sentry.io/api/4505277626843136/envelope/ 2 B
324 B 143ms
91ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505164426772480.ingest.sentry.io/api/4505277626843136/envelope/?sentry_key=90ff33ee6c144b258f76afe85c3760aa&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.91.0

Requested by

Host: console.staging.nayoo.co
URL: https://console.staging.nayoo.co/_nuxt/3023245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://console.staging.nayoo.co/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 05 Jan 2024 04:21:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			console.staging.nayoo.co/	1969-12-31 23:59:59	Name: auth.redirect Value: %2F
			console.staging.nayoo.co/	1969-12-31 23:59:59	Name: auth.strategy Value: laravelSanctum

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
console.staging.nayoo.co
fonts.googleapis.com
fonts.gstatic.com
o4505164426772480.ingest.sentry.io
151.101.193.229
18.140.167.31
34.120.195.249
52.220.56.153
64.233.170.94
64.233.170.95
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
213d8705c3d28db4cc9ab99b4083f9bfbd287cb95ad5b5c569ab00817fd5f197
32565d4bd7557c078ea828727322fcdc4baddee997b1627ed9276651d08d11a6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
58b53b55868667a11fb17999267cbd112869ffbce67ce87670bd5afee40126ec
5d6b26183be83a245f5995755d941f957ebe79fedb04d6c876f824cce39e1cd5
606b7f5d12c77da4702170a1e37c151f14c7507bd1aadd8aa8f9216aaa9ce8d2
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
66bf6a62e86f6be3cc178ab7955156c13e691f7c5900e5ccaece88e21d282a72
89bc751075e1cd0a78c1a7440bfdea623da37b728529a60cd4a01f17575834d2
a0c6d06e538b599bbd847490e80da5b8957f191cb66f9a187f458e8f292a4d5b
a62127e9effdc076242d4e3e99b6227c67833d19759161a1e5c488ceea630036
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b6193669fbe520fe49722cc6d9070ec8ff5d2b91eb005acbbf2b2bd8836e1d78
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
bdd7542bdbab9c19e71b56deeed555af137be2e5329e0292ef5c1bcbe72f1e13
d6b3167d2a62099c9156f3a78c7369ffc6993bfcbcdbf53e591e6f8c3c7daab8
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

console.staging.nayoo.co Open in urlscan Pro 52.220.56.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

1073 kBTransfer

3257 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

console.staging.nayoo.co Open in urlscan Pro
52.220.56.153 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1073 kB
Transfer

3257 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions