eu.termsync.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 15.236.245.208, located in Paris, France and belongs to AMAZON-02, US. The main domain is eu.termsync.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 27th 2023. Valid for: a year.

This is the only time eu.termsync.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
1	15.236.245.208 15.236.245.208	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:225... 2600:9000:2251:8e00:b:a0f1:16c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.95.156.7 52.95.156.7	16509 (AMAZON-02) (AMAZON-02)
6	3

1 34.237.219.119 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

go.zipwater.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.245.208 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-245-208.eu-west-3.compute.amazonaws.com

eu.termsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2251:8e00:b:a0f1:16c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.eu.termsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.156.7 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-west-3.amazonaws.com

termsync-eu-prod-fs.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	termsync.com eu.termsync.com cdn.eu.termsync.com	425 KB
1	amazonaws.com termsync-eu-prod-fs.s3.amazonaws.com	36 KB
1	zipwater.com 1 redirects go.zipwater.com	607 B
6	3

	Domain	Requested by
4	cdn.eu.termsync.com	eu.termsync.com cdn.eu.termsync.com
1	termsync-eu-prod-fs.s3.amazonaws.com	eu.termsync.com
1	eu.termsync.com
1	go.zipwater.com	1 redirects
6	4

This site contains no links.

Subject Issuer	Validity	Valid
eu.termsync.com Amazon RSA 2048 M02	`2023-03-27` - `2024-04-25`	a year	crt.sh
cdn.eu.termsync.com Amazon RSA 2048 M02	`2023-02-21` - `2024-03-22`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://eu.termsync.com/invoiceassist/ZipWater-CustomerPortal
Frame ID: F7DDDF79F1F3B843959D4AF73FA63BC9
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TermSync™

Page URL History Show full URLs

https://go.zipwater.com/e/556612/assist-ZipWater-CustomerPortal/hj6qx6/1161173591?h=XSQZ04ztHoThXehN... HTTP 301
https://eu.termsync.com/invoiceassist/ZipWater-CustomerPortal Page URL

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Page Statistics

6
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

460 kB
Transfer

2516 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.zipwater.com/e/556612/assist-ZipWater-CustomerPortal/hj6qx6/1161173591?h=XSQZ04ztHoThXehNcwEqGyBlv_Dxtd-cvDGf5vayKks HTTP 301
https://eu.termsync.com/invoiceassist/ZipWater-CustomerPortal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ZipWater-CustomerPortal Show response
eu.termsync.com/invoiceassist/
Redirect Chain

https://go.zipwater.com/e/556612/assist-ZipWater-CustomerPortal/hj6qx6/1161173591?h=XSQZ04ztHoThXehNcwEqGyBlv_Dxtd-cvDGf5vayKks
https://eu.termsync.com/invoiceassist/ZipWater-CustomerPortal

7 KB
4 KB

324ms
110ms

Document
text/html

15.236.245.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.termsync.com/invoiceassist/ZipWater-CustomerPortal

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.236.245.208 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-245-208.eu-west-3.compute.amazonaws.com

Software

Apache /

Resource Hash

88f87c15fa7ae71d3f000fde7ff8b2eea0fcdcbd8fffb28d87f17c2ba136b8d9

Security Headers

Name	Value
Content-Security-Policy	child-src 'self' https://.docusign.com https://.docusign.net https://.trustcommerce.com https://.slimpay.net https://.slimpay.com https://.windriverfinancialgateway.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	child-src 'self' https://.docusign.com https://.docusign.net https://.trustcommerce.com https://.slimpay.net https://.slimpay.com https://.windriverfinancialgateway.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-store
content-encoding: gzip
content-length: 2753
content-security-policy: child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com
content-type: text/html; charset=utf-8
date: Thu, 06 Apr 2023 12:44:53 GMT
etag: W/"88f87c15fa7ae71d3f000fde7ff8b2ee-gzip"
link: <https://cdn.eu.termsync.com:443/assets/v3/invoice_assist_portal-e9625f5c07682fc64b6ab41bfac908a0a7c5fbcb9de833782fb532237b0eca8b.css>; rel=preload; as=style; nopush,<https://cdn.eu.termsync.com:443/packs/js/application-d029443d71a61543c6a3.js>; rel=preload; as=script; nopush
referrer-policy: strict-origin-when-cross-origin
server: Apache
status: 200 OK
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-security-policy: child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 9b199489-1ebf-4e43-a7ca-01fb29be10c7
x-runtime: 0.092163
x-webkit-csp: child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 131
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Apr 2023 12:44:52 GMT
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: max-age=63072000
content-encoding: gzip
expires: Sat, 05 Apr 2025 12:44:52 GMT
location: https://eu.termsync.com/invoiceassist/ZipWater-CustomerPortal
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent

GET
H2 200 invoice_assist_portal-e9625f5c07682fc64b6ab41bfac908a0a7c5fbcb9de833782fb532237b0eca8b.css
cdn.eu.termsync.com/assets/v3/ 4 KB
2 KB 100ms
9ms Stylesheet
text/css 2600:9000:2251:8e00:b:a0f1:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eu.termsync.com/assets/v3/invoice_assist_portal-e9625f5c07682fc64b6ab41bfac908a0a7c5fbcb9de833782fb532237b0eca8b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8e00:b:a0f1:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9625f5c07682fc64b6ab41bfac908a0a7c5fbcb9de833782fb532237b0eca8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.termsync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 09:18:31 GMT
content-encoding: br
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified: Thu, 01 Dec 2022 14:08:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 98783
etag: W/"0f2cfac81475f1628a8909e9e04e3673"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000,public
x-amz-cf-id: lcZXnNnvb2NDvbKecNNnaNSeAnGbk3GbJFpDt345rwaJdVrjrfQuHg==

GET
H2 200 application-d029443d71a61543c6a3.js Show response
cdn.eu.termsync.com/packs/js/ 2 MB
395 KB 99ms
8ms Script
application/javascript 2600:9000:2251:8e00:b:a0f1:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eu.termsync.com/packs/js/application-d029443d71a61543c6a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8e00:b:a0f1:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd5079f2910402a5e0f049b07e49c709d82c091eb5c17258151fbc041dbea3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.termsync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 17:05:52 GMT
content-encoding: br
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified: Wed, 05 Apr 2023 16:44:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 70742
etag: W/"94c61e30e507e55f14fcf60fab8165a7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: WO1n6DaFuBOp53mD2k4z8cjlIUvrVxYdLMlGibvSQIpgisWOAU1g6Q==

GET
H/1.1 200
OK Primary_logo_CMYK_jpeg_%28larger%29.png
termsync-eu-prod-fs.s3.amazonaws.com/37574442-01/logo/ 35 KB
36 KB 169ms
86ms Image
image/png 52.95.156.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://termsync-eu-prod-fs.s3.amazonaws.com/37574442-01/logo/Primary_logo_CMYK_jpeg_%28larger%29.png?1680170833
Requested by: Host: eu.termsync.com
URL: https://eu.termsync.com/invoiceassist/ZipWater-CustomerPortal
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.156.7 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-west-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: b6d0e59c3817e1c074ce97c853e33a5df203050e951f665a088425ec1c4dbe95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.termsync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:44:54 GMT
x-amz-version-id: 8mcmPHvr.Dt0rdiFXusEWtRGAXEhQp6P
Last-Modified: Thu, 30 Mar 2023 10:07:15 GMT
Server: AmazonS3
x-amz-request-id: 773YWQF9KXSNA3H9
ETag: "58889193e7619f3fa80ade9f9be8f3bf"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 35952
x-amz-id-2: Bor3dgaiSD5MqhJkUfxUqI7TA5toeEV5lmEvgXcR0ewzlLF6V6tH1tHBzhef6R3zcoXA9HrYrGY=

GET
H2 200 logo_ts_esker-5bc8a66f61bbd6d825acfbf35ce2d659ab46a5a2575873713eeb327eb57af552.png
cdn.eu.termsync.com/assets/ 12 KB
12 KB 9ms
9ms Image
image/png 2600:9000:2251:8e00:b:a0f1:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eu.termsync.com/assets/logo_ts_esker-5bc8a66f61bbd6d825acfbf35ce2d659ab46a5a2575873713eeb327eb57af552.png
Requested by: Host: eu.termsync.com
URL: https://eu.termsync.com/invoiceassist/ZipWater-CustomerPortal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8e00:b:a0f1:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bc8a66f61bbd6d825acfbf35ce2d659ab46a5a2575873713eeb327eb57af552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.termsync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 09:18:31 GMT
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 19:17:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 98783
etag: "cd01a3949daa1048fdf02b9895bad12c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 11939
x-amz-cf-id: UyfLwn-WfM7wvgNYdu0EOaIyW1QM0xFifgfJrnEbeNwzgO2AteVITA==

GET
H2 200 logo_ts_esker_white-1d725b308be19a2896395a3f34318b5232bbde9c9dbebd3fdec9a87532530fcd.png
cdn.eu.termsync.com/assets/ 11 KB
12 KB 8ms
7ms Image
image/png 2600:9000:2251:8e00:b:a0f1:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eu.termsync.com/assets/logo_ts_esker_white-1d725b308be19a2896395a3f34318b5232bbde9c9dbebd3fdec9a87532530fcd.png
Requested by: Host: cdn.eu.termsync.com
URL: https://cdn.eu.termsync.com/assets/v3/invoice_assist_portal-e9625f5c07682fc64b6ab41bfac908a0a7c5fbcb9de833782fb532237b0eca8b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8e00:b:a0f1:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d725b308be19a2896395a3f34318b5232bbde9c9dbebd3fdec9a87532530fcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.eu.termsync.com/assets/v3/invoice_assist_portal-e9625f5c07682fc64b6ab41bfac908a0a7c5fbcb9de833782fb532237b0eca8b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 08:50:06 GMT
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 19:17:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12282888
etag: "cf62aba744997be18ed6ee221308749e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 11718
x-amz-cf-id: 2sA0XlkXOeNGNcAR7ab6DR-_DktRFMc7XdgGfZoz8JtLzAsCfNW-sA==

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.termsync.com/	1969-12-31 23:59:59	Name: eu_prod_session_id Value: e913185c5d8a453a1d948ce537c10825

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src 'self' https://.docusign.com https://.docusign.net https://.trustcommerce.com https://.slimpay.net https://.slimpay.com https://.windriverfinancialgateway.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	child-src 'self' https://.docusign.com https://.docusign.net https://.trustcommerce.com https://.slimpay.net https://.slimpay.com https://.windriverfinancialgateway.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.eu.termsync.com
eu.termsync.com
go.zipwater.com
termsync-eu-prod-fs.s3.amazonaws.com
15.236.245.208
2600:9000:2251:8e00:b:a0f1:16c0:93a1
34.237.219.119
52.95.156.7
1d725b308be19a2896395a3f34318b5232bbde9c9dbebd3fdec9a87532530fcd
5bc8a66f61bbd6d825acfbf35ce2d659ab46a5a2575873713eeb327eb57af552
88f87c15fa7ae71d3f000fde7ff8b2eea0fcdcbd8fffb28d87f17c2ba136b8d9
b6d0e59c3817e1c074ce97c853e33a5df203050e951f665a088425ec1c4dbe95
cd5079f2910402a5e0f049b07e49c709d82c091eb5c17258151fbc041dbea3eb
e9625f5c07682fc64b6ab41bfac908a0a7c5fbcb9de833782fb532237b0eca8b

eu.termsync.com Open in urlscan Pro 15.236.245.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

460 kBTransfer

2516 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

eu.termsync.com Open in urlscan Pro
15.236.245.208 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

460 kB
Transfer

2516 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions