urlscan.io logo urlscan.io
SecurityTrails logo

payments.paystation.co.nz Open in urlscan Pro
3.105.149.157  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://blk46c7y.r.us-west-2.awstrack.me/L0/https:%2F%2Fpayments.paystation.co.nz%2Fpay%2Findex.php%3Fpaystation_id=612852%26gateway_id=F...
Effective URL: https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passe...
Submission: On February 05 via manual from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 3.105.149.157, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is payments.paystation.co.nz.
TLS certificate: Issued by Amazon on May 17th 2020. Valid for: a year.
This is the only time payments.paystation.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.39.127.167 16509 (AMAZON-02)
6 3.105.149.157 16509 (AMAZON-02)
6 1
Apex Domain
Subdomains		 Transfer
6 paystation.co.nz
payments.paystation.co.nz
169 KB
1 awstrack.me
blk46c7y.r.us-west-2.awstrack.me
301 B
6 2
Domain Requested by
6 payments.paystation.co.nz payments.paystation.co.nz
1 blk46c7y.r.us-west-2.awstrack.me 1 redirects
6 2

This site contains no links.

Subject Issuer Validity Valid
*.prod.paystation.co.nz
Amazon		 2020-05-17 -
2021-06-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
Frame ID: 35730ECB14E5969E14838D1D3FC1F3D5
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://blk46c7y.r.us-west-2.awstrack.me/L0/https:%2F%2Fpayments.paystation.co.nz%2Fpay%2Findex.php%3Fpaystation_id=6... HTTP 302
    https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&pass... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

169 kB
Transfer

164 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blk46c7y.r.us-west-2.awstrack.me/L0/https:%2F%2Fpayments.paystation.co.nz%2Fpay%2Findex.php%3Fpaystation_id=612852%26gateway_id=FAIRFAX%26currency_type=NZD%26passed_amount=8736%26passed_reference=1000052673%2F1393814/1/010101776971268a-cdeb1664-e6e7-42bf-a388-4bc160d6bbba-000000/MTWme7rD9v7syqPkIFNxSQysXlw=199 HTTP 302
    https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
payments.paystation.co.nz/pay/
Redirect Chain
  • https://blk46c7y.r.us-west-2.awstrack.me/L0/https:%2F%2Fpayments.paystation.co.nz%2Fpay%2Findex.php%3Fpaystation_id=612852%26gateway_id=FAIRFAX%26currency_type=NZD%26passed_amount=8736%26passed_ref...
  • https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.149.157 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-149-157.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d450a0fe8f37e8a6d7f66de222337168558fcf3817be36907be5d6b65322bf04
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' user-themes.paystation.co.nz:*;img-src 'self' user-themes.paystation.co.nz:*;font-src 'self';connect-src 'self';frame-src *;frame-ancestors *;form-action *; script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=60000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
payments.paystation.co.nz
:scheme
https
:path
/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:31:27 GMT
content-type
text/html; charset=UTF-8
server
nginx
content-security-policy
default-src 'none';script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' user-themes.paystation.co.nz:*;img-src 'self' user-themes.paystation.co.nz:*;font-src 'self';connect-src 'self';frame-src *;frame-ancestors *;form-action *; script-src 'self' 'unsafe-inline'
referrer-policy
no-referrer
strict-transport-security
max-age=60000
x-content-type-options
nosniff
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; xr-spatial-tracking 'none'
x-xss-protection
1; mode=block

Redirect headers

Date
Fri, 05 Feb 2021 01:31:26 GMT
Location
https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
Server
Apache-Coyote/1.1
Content-Length
0
Connection
keep-alive
responsive.css
payments.paystation.co.nz/hosted/elements/css/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.paystation.co.nz/hosted/elements/css/responsive.css?20200904
Requested by
Host: payments.paystation.co.nz
URL: https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.149.157 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-149-157.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
56d28b090c4f0e9ea257347d36962c347fc5361ed170493687e062bf0c0afc1f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=60000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline'
referrer-policy
no-referrer
last-modified
Mon, 01 Feb 2021 03:01:54 GMT
server
nginx
etag
"60176f22-2685"
date
Fri, 05 Feb 2021 01:31:27 GMT
strict-transport-security
max-age=60000
content-type
text/css
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; xr-spatial-tracking 'none'
x-content-type-options
nosniff
accept-ranges
bytes
content-length
9861
x-xss-protection
1; mode=block
jquery-3.3.1.min.js
payments.paystation.co.nz/hosted/elements/js/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.paystation.co.nz/hosted/elements/js/jquery-3.3.1.min.js
Requested by
Host: payments.paystation.co.nz
URL: https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.149.157 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-149-157.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=60000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline'
referrer-policy
no-referrer
last-modified
Mon, 01 Feb 2021 03:01:54 GMT
server
nginx
etag
"60176f22-1538f"
date
Fri, 05 Feb 2021 01:31:27 GMT
strict-transport-security
max-age=60000
content-type
application/javascript
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; xr-spatial-tracking 'none'
x-content-type-options
nosniff
accept-ranges
bytes
content-length
86927
x-xss-protection
1; mode=block
cleave.min.js
payments.paystation.co.nz/hosted/elements/js/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.paystation.co.nz/hosted/elements/js/cleave.min.js
Requested by
Host: payments.paystation.co.nz
URL: https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.149.157 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-149-157.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=60000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline'
referrer-policy
no-referrer
last-modified
Mon, 01 Feb 2021 03:01:54 GMT
server
nginx
etag
"60176f22-528d"
date
Fri, 05 Feb 2021 01:31:27 GMT
strict-transport-security
max-age=60000
content-type
application/javascript
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; xr-spatial-tracking 'none'
x-content-type-options
nosniff
accept-ranges
bytes
content-length
21133
x-xss-protection
1; mode=block
paystation.js
payments.paystation.co.nz/hosted/elements/js/ 		32 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.paystation.co.nz/hosted/elements/js/paystation.js?20200904
Requested by
Host: payments.paystation.co.nz
URL: https://payments.paystation.co.nz/pay/index.php?paystation_id=612852&gateway_id=FAIRFAX&currency_type=NZD&passed_amount=8736&passed_reference=1000052673/1393814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.149.157 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-149-157.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
72bbd10540066a704095315fdfbb29b8a8cab9e7157f437b07a4ea16abd2775d
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=60000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline'
referrer-policy
no-referrer
last-modified
Tue, 02 Feb 2021 02:17:24 GMT
server
nginx
etag
"6018b634-812a"
date
Fri, 05 Feb 2021 01:31:27 GMT
strict-transport-security
max-age=60000
content-type
application/javascript
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; xr-spatial-tracking 'none'
x-content-type-options
nosniff
accept-ranges
bytes
content-length
33066
x-xss-protection
1; mode=block
paystation_logo.svg
payments.paystation.co.nz/hosted/elements/img/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.paystation.co.nz/hosted/elements/img/paystation_logo.svg
Requested by
Host: payments.paystation.co.nz
URL: https://payments.paystation.co.nz/hosted/elements/css/responsive.css?20200904
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.149.157 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-149-157.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a6ba2e449832cfc373ee943c2c9c88576778398a9a5fe3189f077d8382828a77
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=60000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline'
referrer-policy
no-referrer
last-modified
Mon, 01 Feb 2021 03:01:54 GMT
server
nginx
etag
"60176f22-3bd9"
date
Fri, 05 Feb 2021 01:31:29 GMT
strict-transport-security
max-age=60000
content-type
image/svg+xml
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; xr-spatial-tracking 'none'
x-content-type-options
nosniff
accept-ranges
bytes
content-length
15321
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Cleave object| _css string| _ajaxUrl string| _backgroundColour object| _lookupTimeout boolean| _futurePay boolean| _saveOnly boolean| _enforceCVC boolean| _enforceExpiry object| _initialResponse boolean| _polling boolean| _demoMode boolean| _isSafari function| setStyle function| luhnCheckSum function| getCardType function| formatFourPadding function| setNumericInput function| setExpiryDateInput function| inIframe function| setHostedKey function| setBackgroundColour function| confirmExit function| pollPaymentLookup function| setInputValid function| validateExpiry function| validateCardInput function| validateCvcInput function| onCardDetailsResponse function| setDisplayAmount function| setResultMessage function| showResult function| transactionTimedOut function| htmlEncode function| stopPolling function| onPaymentLookupResponse function| onPaymentButtonResponse function| ifTransactionFinishedDisplayResult function| post function| setPaymentMethod function| initPaymentPage function| closeIframe function| onCheckVersionResponse function| toggleLoaderScreen function| togglePaymentScreen function| authenticationResponse function| verify3DSResponse function| cardDetails function| paymentLookup function| submitForm function| poliTransaction function| unionPayTransaction function| visaCheckoutTransaction function| getBrowserData

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline' user-themes.paystation.co.nz:*;img-src 'self' user-themes.paystation.co.nz:*;font-src 'self';connect-src 'self';frame-src *;frame-ancestors *;form-action *; script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=60000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block