coconut.staging.stockfillertech.com Open in urlscan Pro
18.238.49.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://supplier-admin.staging.stockfillertech.com/
Effective URL:
https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://su...
Submission: On February 29 via api (February 29th 2024, 12:16:28 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 13 HTTP transactions. The main IP is 18.238.49.45, located in United States and belongs to AMAZON-02, US. The main domain is coconut.staging.stockfillertech.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 19th 2023. Valid for: a year.

This is the only time coconut.staging.stockfillertech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.138.106.62 108.138.106.62	16509 (AMAZON-02) (AMAZON-02)
4	18.238.49.45 18.238.49.45	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:402... 2607:f8b0:4023:400::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4023:402::61	15169 (GOOGLE) (GOOGLE)
1	108.138.128.126 108.138.128.126	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:402... 2607:f8b0:4023:402::8b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4023:402::5e	15169 (GOOGLE) (GOOGLE)
13	7

1 108.138.106.62 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-62.jfk50.r.cloudfront.net

supplier-admin.staging.stockfillertech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.49.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-45.jfk52.r.cloudfront.net

coconut.staging.stockfillertech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:400::5f (Sewanee, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:402::61 (Sewanee, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-126.jfk50.r.cloudfront.net

amazon-cognito-assets.eu-central-1.amazoncognito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4023:402::8b (Sewanee, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:402::5e (Sewanee, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	stockfillertech.com 1 redirects supplier-admin.staging.stockfillertech.com coconut.staging.stockfillertech.com	314 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	153 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	amazoncognito.com amazon-cognito-assets.eu-central-1.amazoncognito.com	262 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1017 B
13	6

	Domain	Requested by
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	coconut.staging.stockfillertech.com	coconut.staging.stockfillertech.com
2	www.googletagmanager.com	coconut.staging.stockfillertech.com www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	amazon-cognito-assets.eu-central-1.amazoncognito.com	coconut.staging.stockfillertech.com
1	fonts.googleapis.com	coconut.staging.stockfillertech.com
1	supplier-admin.staging.stockfillertech.com	1 redirects
13	7

This site contains links to these domains. Also see Links.

Domain
www.stockfiller.com

Subject Issuer	Validity	Valid
*.staging.stockfillertech.com Amazon RSA 2048 M03	`2023-09-19` - `2024-10-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.eu-central-1.amazoncognito.com Amazon RSA 2048 M01	`2023-06-09` - `2024-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://supplier-admin.staging.stockfillertech.com/_oauth/redirect&state=1850691179094595
Frame ID: 1F35D0CA00AF34833A94215FDD5189B4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://supplier-admin.staging.stockfillertech.com/ HTTP 302
https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&red... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

13
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

767 kB
Transfer

1839 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.stockfiller.com/en/choose-demo-type/
Title: Get Started

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://supplier-admin.staging.stockfillertech.com/ HTTP 302
https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://supplier-admin.staging.stockfillertech.com/_oauth/redirect&state=1850691179094595 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request authorize Show response
coconut.staging.stockfillertech.com/oauth2/
Redirect Chain

https://supplier-admin.staging.stockfillertech.com/
https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://supplier-admin.staging.stockfillertech.com/_oauth/redirect&...

2 KB
3 KB

472ms
425ms

Document
text/html

18.238.49.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://supplier-admin.staging.stockfillertech.com/_oauth/redirect&state=1850691179094595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-45.jfk52.r.cloudfront.net

Software

Resource Hash

cbbf0c4f7506be1ac333ac9198fd8d6b6b63ddbc1ea20181fff1dd2c619136ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-length: 2275
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 12:16:24 GMT
etag: W/"8e3-1GPUx6/leYAEJiPLxgddGRSl7zk"
expect-ct: max-age=0
expires: 0
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
surrogate-control: no-store
via: 1.1 92d8afc92e3597d245b2f6480cd44220.cloudfront.net (CloudFront)
x-amz-cf-id: 0ZWllsJ34q2cMH3kF7dbJ3TAHp60XLte5isbGYDcaayrFkwzUP-85g==
x-amz-cf-pop: JFK52-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-correlation-id: 02bd6900-8a2c-4ff9-9e21-cbefc5a08a42
x-xss-protection: 0

Redirect headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-length: 506
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 12:16:24 GMT
expect-ct: max-age=0
expires: 0
location: https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://supplier-admin.staging.stockfillertech.com/_oauth/redirect&state=1850691179094595
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
surrogate-control: no-store
vary: Accept
via: 1.1 84fd743af5e8639c32332cec06beef46.cloudfront.net (CloudFront)
x-amz-cf-id: J0wHuYTm2wqjwetgEYpC0eWNf3sMThQUNUiNykCNjChunjruGagWdw==
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-correlation-id: 725bf22b-fc25-4f1a-ae08-f1706dc8b720
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1017 B 91ms
33ms Stylesheet
text/css 2607:f8b0:4023:400::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: coconut.staging.stockfillertech.com
URL: https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://supplier-admin.staging.stockfillertech.com/_oauth/redirect&state=1850691179094595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:400::5f Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://coconut.staging.stockfillertech.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 12:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 10:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 12:16:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 112ms
55ms Script
application/javascript 2607:f8b0:4023:402::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49753748-17

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::61 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7ac8a72bd7f1b3c931a2821dbaa0113bf9348a6506caf7c99792eb3f9b2427d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:16:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71607
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Feb 2024 12:16:24 GMT

GET
H2 200 amazon-cognito-advanced-security-data.min.js Show response
amazon-cognito-assets.eu-central-1.amazoncognito.com/ 262 KB
262 KB 29ms
5ms Script
application/javascript 108.138.128.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-cognito-assets.eu-central-1.amazoncognito.com/amazon-cognito-advanced-security-data.min.js
Requested by: Host: coconut.staging.stockfillertech.com
URL: https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://supplier-admin.staging.stockfillertech.com/_oauth/redirect&state=1850691179094595
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-126.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76c8c8dd37624451353be94098f7f7594665abb6b9630049b5a30d9552c0c992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 28 Feb 2024 12:59:47 GMT
via: 1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2017 21:32:17 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 83798
etag: "f114c0fc11a637cf5e7b845216b144d0"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 267861
x-amz-cf-id: lRMSHbdvVINkIQHH4XY6OzGd7u_tbRCfat18H2ZZa0vEh4tyTYQ5jg==

GET
H2 200 bundle.1f813f34.js Show response
coconut.staging.stockfillertech.com/static/js/ 1 MB
307 KB 476ms
476ms Script
application/javascript 18.238.49.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://coconut.staging.stockfillertech.com/static/js/bundle.1f813f34.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-45.jfk52.r.cloudfront.net

Software

Resource Hash

f1bcec66a179dfaa812edf520f021bcee1446f2473be2eec85450b95a9e72802

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:16:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
via: 1.1 92d8afc92e3597d245b2f6480cd44220.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Fri, 20 Oct 2023 09:08:16 GMT
etag: W/"10c366-18b4c57ac00"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: txHHaP86V2juMH5CZJjtNMGajbyXp_3cEH797tkQ2HIsn7bCFSVRSw==
expires: Fri, 28 Feb 2025 12:16:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 55ms
54ms Script
application/javascript 2607:f8b0:4023:402::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P0868FF7TK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49753748-17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::61 Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbf2e12537ffb6ad21a6c1895dd4391f9b02cdaa19d291c27bf62c2235205513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:16:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 12:16:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 84ms
28ms Script
text/javascript 2607:f8b0:4023:402::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49753748-17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::8b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 11:05:02 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4282
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 29 Feb 2024 13:05:02 GMT

GET
H2 200 enJson.cb208c38.chunk.js Show response
coconut.staging.stockfillertech.com/static/js/ 3 KB
2 KB 393ms
392ms Script
application/javascript 18.238.49.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://coconut.staging.stockfillertech.com/static/js/enJson.cb208c38.chunk.js

Requested by

Host: coconut.staging.stockfillertech.com
URL: https://coconut.staging.stockfillertech.com/static/js/bundle.1f813f34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-45.jfk52.r.cloudfront.net

Software

Resource Hash

741977a603d003b1aa29d08f7d7062890fbafb5e4e700eb109d450c59915d34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:16:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
via: 1.1 92d8afc92e3597d245b2f6480cd44220.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Fri, 20 Oct 2023 09:08:16 GMT
etag: W/"bb1-18b4c57ac00"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: sdwvKj-2AXrDRBLqy94roufG6Gy6uRKroVpP4LyeTJWWMoRrlar_mA==
expires: Fri, 28 Feb 2025 12:16:26 GMT

GET
H2 200 gb.c39480d5.svg
coconut.staging.stockfillertech.com/static/media/ 527 B
1 KB 395ms
395ms Image
image/svg+xml 18.238.49.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coconut.staging.stockfillertech.com/static/media/gb.c39480d5.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-45.jfk52.r.cloudfront.net

Software

Resource Hash

910e4fa63fb7a23d30d59dee2feb08da51a405eb06b38a7e12d18d9b504d13b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://coconut.staging.stockfillertech.com/oauth2/authorize?response_type=code&client_id=24hp1cdt1t4te3jgj3fp5eubu4&redirect_uri=https://supplier-admin.staging.stockfillertech.com/_oauth/redirect&state=1850691179094595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:16:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 92d8afc92e3597d245b2f6480cd44220.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK52-P3
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 527
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Fri, 20 Oct 2023 09:08:16 GMT
etag: W/"20f-18b4c57ac00"
expect-ct: max-age=0
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: awdhf819zCwHhPOLpDEmmZgrh_uGEjaREqZxi22PZHn7z994OV3Xuw==
expires: Fri, 28 Feb 2025 12:16:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 85ms
27ms Font
font/woff2 2607:f8b0:4023:402::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::5e Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coconut.staging.stockfillertech.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 16:46:58 GMT
x-content-type-options: nosniff
age: 156568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 16:46:58 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
219 B 32ms
31ms XHR
text/plain 2607:f8b0:4023:402::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=199031361&t=pageview&_s=1&dl=https%3A%2F%2Fcoconut.staging.stockfillertech.com%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3D24hp1cdt1t4te3jgj3fp5eubu4%26redirect_uri%3Dhttps%3A%2F%2Fsupplier-admin.staging.stockfillertech.com%2F_oauth%2Fredirect%26state%3D1850691179094595&dp=%2Foauth2%2Fauthorize&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAACAAI~&jid=1180627302&gjid=248996296&cid=1096098250.1709208985&tid=UA-49753748-17&_gid=1791378774.1709208985&_r=1&gtm=457e42q1za220&gcd=13l3l3l3l1&dma=0&z=1763515930

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:402::8b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 12:16:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coconut.staging.stockfillertech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7bd07e6ecb84eeda6c431932ea7ca2ab96638d311457d2831bf1387151cc764

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
28ms Image
image/gif 2607:f8b0:4023:402::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=199031361&t=pageview&_s=2&dl=https%3A%2F%2Fcoconut.staging.stockfillertech.com%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3D24hp1cdt1t4te3jgj3fp5eubu4%26redirect_uri%3Dhttps%3A%2F%2Fsupplier-admin.staging.stockfillertech.com%2F_oauth%2Fredirect%26state%3D1850691179094595&dp=%2Flogin%2Fsign-in&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAACAAI~&jid=&gjid=&cid=1096098250.1709208985&tid=UA-49753748-17&_gid=1791378774.1709208985&gtm=457e42q1za220&gcd=13l3l3l3l1&dma=0&z=2135018393

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::8b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 10:55:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4847
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2607:f8b0:4023:402::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=199031361&t=pageview&_s=3&dl=https%3A%2F%2Fcoconut.staging.stockfillertech.com%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26client_id%3D24hp1cdt1t4te3jgj3fp5eubu4%26redirect_uri%3Dhttps%3A%2F%2Fsupplier-admin.staging.stockfillertech.com%2F_oauth%2Fredirect%26state%3D1850691179094595&dp=%2Flogin%2Fsign-in&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAACAAI~&jid=&gjid=&cid=1096098250.1709208985&tid=UA-49753748-17&_gid=1791378774.1709208985&gtm=457e42q1za220&gcd=13l3l3l3l1&dma=0&z=421119342

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:402::8b Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 10:55:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4847
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stockfillertech.com/	1969-12-31 23:59:59	Name: omega.supplier-admin.sid Value: s%3Ada6KjahGC3oXUbWRxeqmIbYUsyKNb-4E.IcplJr0P6RGh4%2BJFxGCHm7TYZ5mSk8GMIrEczNpFTO4
.coconut.staging.stockfillertech.com/	1969-12-31 23:59:59	Name: X-XSRF-OMEGA-COCONUT Value: DuNuJpj1-xBQBohhXTqWwVXCsDou9YPTUc8s
.stockfillertech.com/	1969-12-31 23:59:59	Name: omega.coconut.sid Value: s%3A0Zqc5Ad3Cg1gyAjutXWm-mgLRdGY1OBF.P4iK3T7AH1YCT%2BR8i%2FbwBKZ%2BFMwlHlRrJo8p31M33eE
.stockfillertech.com/	1970-01-21 04:22:48	Name: _ga Value: GA1.2.1096098250.1709208985
.stockfillertech.com/	1970-01-20 18:48:15	Name: _gid Value: GA1.2.1791378774.1709208985
.stockfillertech.com/	1970-01-20 18:46:49	Name: _gat_gtag_UA_49753748_17 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon-cognito-assets.eu-central-1.amazoncognito.com
coconut.staging.stockfillertech.com
fonts.googleapis.com
fonts.gstatic.com
supplier-admin.staging.stockfillertech.com
www.google-analytics.com
www.googletagmanager.com
108.138.106.62
108.138.128.126
18.238.49.45
2607:f8b0:4023:400::5f
2607:f8b0:4023:402::5e
2607:f8b0:4023:402::61
2607:f8b0:4023:402::8b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
741977a603d003b1aa29d08f7d7062890fbafb5e4e700eb109d450c59915d34b
76c8c8dd37624451353be94098f7f7594665abb6b9630049b5a30d9552c0c992
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa
910e4fa63fb7a23d30d59dee2feb08da51a405eb06b38a7e12d18d9b504d13b5
bbf2e12537ffb6ad21a6c1895dd4391f9b02cdaa19d291c27bf62c2235205513
cbbf0c4f7506be1ac333ac9198fd8d6b6b63ddbc1ea20181fff1dd2c619136ee
d7ac8a72bd7f1b3c931a2821dbaa0113bf9348a6506caf7c99792eb3f9b2427d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f1bcec66a179dfaa812edf520f021bcee1446f2473be2eec85450b95a9e72802
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7bd07e6ecb84eeda6c431932ea7ca2ab96638d311457d2831bf1387151cc764

coconut.staging.stockfillertech.com Open in urlscan Pro 18.238.49.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

7 IPs

1 Countries

767 kBTransfer

1839 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

coconut.staging.stockfillertech.com Open in urlscan Pro
18.238.49.45 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

767 kB
Transfer

1839 kB
Size

6
Cookies

13 HTTP transactions
1 data transactions