partner-portal.davosalestax.com Open in urlscan Pro
52.85.92.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://partner-portal.davosalestax.com/
Submission: On February 06 via manual (February 6th 2024, 11:21:31 am UTC) from IN — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 52.85.92.94, located in United States and belongs to AMAZON-02, US. The main domain is partner-portal.davosalestax.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on August 28th 2023. Valid for: a year.

This is the only time partner-portal.davosalestax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	52.85.92.94 52.85.92.94	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	23.21.162.33 23.21.162.33	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
14	4

6 52.85.92.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-94.ham50.r.cloudfront.net

partner-portal.davosalestax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.21.162.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-162-33.compute-1.amazonaws.com

d30api.davosalestax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	davosalestax.com partner-portal.davosalestax.com d30api.davosalestax.com	681 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	gstatic.com fonts.gstatic.com	19 KB
14	3

	Domain	Requested by
6	partner-portal.davosalestax.com	partner-portal.davosalestax.com
4	d30api.davosalestax.com	partner-portal.davosalestax.com
3	fonts.googleapis.com	partner-portal.davosalestax.com
1	fonts.gstatic.com	fonts.googleapis.com
14	4

This site contains no links.

Subject Issuer	Validity	Valid
partner-portal.davosalestax.com Amazon RSA 2048 M01	`2023-08-28` - `2024-09-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
d30api.davosalestax.com Amazon RSA 2048 M03	`2023-08-28` - `2024-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://partner-portal.davosalestax.com/
Frame ID: AAB967F993113741B93916C6ABE09F08
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DAVO Partner Portal

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

702 kB
Transfer

2448 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
partner-portal.davosalestax.com/ 1 KB
1 KB 499ms
428ms Document
text/html 52.85.92.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-portal.davosalestax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-94.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6813b427b5eed8f2d0b16b682a585d4af0a7e46248918f8a59baed752f14347a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
content-type: text/html
date: Tue, 06 Feb 2024 11:21:28 GMT
etag: W/"440f050b1b20da874d9c13d5f11334c7"
last-modified: Mon, 05 Feb 2024 18:54:49 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
x-amz-cf-id: KZVIO7uwYlIQmEWw5mbL6mCuMEoMci4YtqODiM2CgYY9tqT56lJ2OQ==
x-amz-cf-pop: HAM50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 index.ddebf7e7.css
partner-portal.davosalestax.com/ 12 KB
3 KB 71ms
70ms Stylesheet
text/css 52.85.92.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-portal.davosalestax.com/index.ddebf7e7.css

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-94.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

72440e58b965d50f80a4ea17a2d378fb8a0f7dc02f875e6b1f57e30dc6a59c4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner-portal.davosalestax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 12:10:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-server-side-encryption: AES256
age: 83464
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jan 2024 17:02:09 GMT
server: AmazonS3
etag: W/"bc59df3d00dda77f7e7609d5b8e7aed6"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
x-amz-cf-id: u7QR3_EmT9vRnDUdbJDNAWTW97M3GdD_sh6l4LOojrXAeM6EXclNUA==

GET
H2 200 index.runtime.0d76ea85.js Show response
partner-portal.davosalestax.com/ 3 KB
2 KB 15ms
15ms Script
application/javascript 52.85.92.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-portal.davosalestax.com/index.runtime.0d76ea85.js

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-94.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4b15ca8d658b21740ad28082070aae9686a26ba61b6516858d9c803ced01a1b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://partner-portal.davosalestax.com/
Origin: https://partner-portal.davosalestax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:23:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-server-side-encryption: AES256
age: 17877
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Feb 2024 18:54:43 GMT
server: AmazonS3
etag: W/"953d0b335f9b137a0d5bd912a1fe65b3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: eAjUcm9sPkx8_WY9VRKcm3OKk0zNvDCJxi7aEtuTcy702731ceZOxQ==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
779 B 186ms
76ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner-portal.davosalestax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 11:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 09:23:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 11:21:27 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 171ms
61ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner-portal.davosalestax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 11:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 11:21:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 11:21:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1012 B 170ms
60ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik&display=swap

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c5ef99b072e33db9aa57c3e8f5b77dd09c6d6b905331f69768f0b0413be78fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner-portal.davosalestax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 11:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 10:34:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 11:21:27 GMT

GET
H2 200 index.fd7c7fbb.js Show response
partner-portal.davosalestax.com/ 2 MB
657 KB 17ms
17ms Script
application/javascript 52.85.92.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://partner-portal.davosalestax.com/index.fd7c7fbb.js

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-94.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e7cb75e5bdb5001ad25840a6d570dab6fa74ac431b59078ee6ad5cc6bcde016e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://partner-portal.davosalestax.com/
Origin: https://partner-portal.davosalestax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 06:23:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-server-side-encryption: AES256
age: 17877
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Feb 2024 18:54:43 GMT
server: AmazonS3
etag: W/"006466817ee212cad7bdabef5307e25c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: k28RwLeNdW-XibHLffuGflcoca2Yz0XcKdAg5WwApgijXFsoe59m8A==

OPTIONS
H2 204 config
d30api.davosalestax.com/api/partner/ 0
0 341ms
103ms Preflight 23.21.162.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://d30api.davosalestax.com/api/partner/config

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.162.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-162-33.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline';connect-src 'self' www.google-analytics.com;img-src 'self' data: www.google-analytics.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://partner-portal.davosalestax.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://partner-portal.davosalestax.com
content-security-policy: script-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline';connect-src 'self' www.google-analytics.com;img-src 'self' data: www.google-analytics.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 06 Feb 2024 11:21:27 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 current-user
d30api.davosalestax.com/authenticate/ 0
0 343ms
105ms Preflight 23.21.162.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://d30api.davosalestax.com/authenticate/current-user

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.162.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-162-33.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline';connect-src 'self' www.google-analytics.com;img-src 'self' data: www.google-analytics.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://partner-portal.davosalestax.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://partner-portal.davosalestax.com
content-security-policy: script-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline';connect-src 'self' www.google-analytics.com;img-src 'self' data: www.google-analytics.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 06 Feb 2024 11:21:27 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 config Show response
d30api.davosalestax.com/api/partner/ 105 B
958 B 111ms
111ms Fetch
application/json 23.21.162.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://d30api.davosalestax.com/api/partner/config

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/index.fd7c7fbb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.162.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-162-33.compute-1.amazonaws.com

Software

Resource Hash

da10dc2d1bbbc49ae655039d547d408a5ac2aca7aef48af198f5bd2da9706196

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline';connect-src 'self' www.google-analytics.com;img-src 'self' data: www.google-analytics.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://partner-portal.davosalestax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 11:21:28 GMT
content-security-policy: script-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline';connect-src 'self' www.google-analytics.com;img-src 'self' data: www.google-analytics.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 105
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"69-LRWOuiBL9rUznerAt9S1ym/LfH8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://partner-portal.davosalestax.com
origin-agent-cluster: ?1

GET
H2 200 current-user Show response
d30api.davosalestax.com/authenticate/ 13 B
894 B 312ms
110ms Fetch
application/json 23.21.162.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://d30api.davosalestax.com/authenticate/current-user

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/index.fd7c7fbb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.162.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-162-33.compute-1.amazonaws.com

Software

Resource Hash

2e7fe66d0f26a4cc5aaad5f34dba496c7988c175f79b24dcfa414a1dba289c0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline';connect-src 'self' www.google-analytics.com;img-src 'self' data: www.google-analytics.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://partner-portal.davosalestax.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Tue, 06 Feb 2024 11:21:28 GMT
content-security-policy: script-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline';connect-src 'self' www.google-analytics.com;img-src 'self' data: www.google-analytics.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 13
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"d-O3i+ap2cff5bxhPRN8PyzcjObvA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://partner-portal.davosalestax.com
origin-agent-cluster: ?1
access-control-allow-credentials: true

GET
H2 200 davo_logo.f42f5f04.png
partner-portal.davosalestax.com/ 7 KB
8 KB 15ms
15ms Image
image/png 52.85.92.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://partner-portal.davosalestax.com/davo_logo.f42f5f04.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-94.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8210b03e10dd7687019a5b1f86d03a66b5e03f2097e96e1abdfc04736a24a438

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner-portal.davosalestax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 12:10:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
age: 83462
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7232
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Oct 2023 15:51:34 GMT
server: AmazonS3
etag: "1b8b43de6193f1f6480a9f6faa222e38"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: s32jgWA_KrpdlD_gEdLyObMWHLpvcSsqymSL_X27-GOA_923E_cUnw==

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
fonts.gstatic.com/s/rubik/v28/ 18 KB
19 KB 163ms
52ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c87fcac153783ea615f856ad1c0e12791952c39b8ddde7f11fa3d47c0a3b3998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://partner-portal.davosalestax.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 10:43:37 GMT
x-content-type-options: nosniff
age: 88670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18856
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:30:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 10:43:37 GMT

GET
H2 200 davo_logo.f42f5f04.png
partner-portal.davosalestax.com/ 7 KB
8 KB 16ms
15ms Image
image/png 52.85.92.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://partner-portal.davosalestax.com/davo_logo.f42f5f04.png

Requested by

Host: partner-portal.davosalestax.com
URL: https://partner-portal.davosalestax.com/index.fd7c7fbb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-94.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8210b03e10dd7687019a5b1f86d03a66b5e03f2097e96e1abdfc04736a24a438

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner-portal.davosalestax.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 12:10:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
age: 83463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7232
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Oct 2023 15:51:34 GMT
server: AmazonS3
etag: "1b8b43de6193f1f6480a9f6faa222e38"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 7pYbJJqJMKgL2CPkaHFNBbFFnciB7mad-WPs_YSf4UzlmfpBYQWYQQ==

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| parcelRequire4796 number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SENTRY__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d30api.davosalestax.com
fonts.googleapis.com
fonts.gstatic.com
partner-portal.davosalestax.com
23.21.162.33
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
52.85.92.94
0c5ef99b072e33db9aa57c3e8f5b77dd09c6d6b905331f69768f0b0413be78fc
2e7fe66d0f26a4cc5aaad5f34dba496c7988c175f79b24dcfa414a1dba289c0a
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
4b15ca8d658b21740ad28082070aae9686a26ba61b6516858d9c803ced01a1b0
6813b427b5eed8f2d0b16b682a585d4af0a7e46248918f8a59baed752f14347a
72440e58b965d50f80a4ea17a2d378fb8a0f7dc02f875e6b1f57e30dc6a59c4a
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
8210b03e10dd7687019a5b1f86d03a66b5e03f2097e96e1abdfc04736a24a438
c87fcac153783ea615f856ad1c0e12791952c39b8ddde7f11fa3d47c0a3b3998
da10dc2d1bbbc49ae655039d547d408a5ac2aca7aef48af198f5bd2da9706196
e7cb75e5bdb5001ad25840a6d570dab6fa74ac431b59078ee6ad5cc6bcde016e

partner-portal.davosalestax.com Open in urlscan Pro 52.85.92.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

702 kBTransfer

2448 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

partner-portal.davosalestax.com Open in urlscan Pro
52.85.92.94 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

702 kB
Transfer

2448 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions