URL: https://payment-api-dev.drbridge.org/
Submission: On September 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 8 HTTP transactions. The main IP is 2606:4700::6813:db01, located in the United States and belonging to CLOUDFLARENET, US. The main domain is payment-api-dev.drbridge.org.
TLS certificate: Issued by WE1 on August 27th 2024. Valid for: 3 months.
This is the only time payment-api-dev.drbridge.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 2606:4700::68... 13335 (CLOUDFLAR...)
8 1

Apex Domain Subdomains Transfer
9 drbridge.org payment-api-dev.drbridge.org 100 KB
8 1

Domain Requested by
9 payment-api-dev.drbridge.org 1 redirects payment-api-dev.drbridge.org
8 1

This site contains links to these domains.

Domain
  • asp.net
  • go.microsoft.com

Subject Issuer Validity Valid
payment-api-dev.drbridge.org WE1 2024-08-27 - 2024-11-25 3 months

This page contains 2 frames:

Primary Page: https://payment-api-dev.drbridge.org/
Frame ID: 5A3FCA712C89BA7A1860EDD13D28B5FF
Requests: 6 HTTP requests in this frame

Frame: https://payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js
Frame ID: F89E43DA204D3B829A0BC3239FE37478
Requests: 2 HTTP requests in this frame

Page Title

Home Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 8
  • HTTPS: 88 %
  • IPv6: 100 %
  • Domains: 1
  • Subdomains: 1
  • IPs: 1
  • Countries: 1
  • Transfer: 100 kB
  • Size: 292 kB
  • Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payment-api-dev.drbridge.org/
4 KB
2 KB
Document
General
Full URL
https://payment-api-dev.drbridge.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:db01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
273adfa3678e6509bad4054eee2f0785b984bd83a198d26f5bd2a1d967d9470a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization,cache-control,postman-token
access-control-allow-methods
GET, POST, PUT, DELETE
access-control-allow-origin
*
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8be1f370cc29d374-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Sep 2024 00:02:31 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
css
payment-api-dev.drbridge.org/Content/
118 KB
27 KB
Stylesheet
General
Full URL
https://payment-api-dev.drbridge.org/Content/css?v=wsY4eiW9QSpK69Gagy2TurKDaD2CKhsHpIFio-6wrMo1
Requested by
Host: payment-api-dev.drbridge.org
URL: https://payment-api-dev.drbridge.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:db01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d5f4a85e1c7dd0acbd2593631c5e8e1bcc9454ed9a0ff7a6ff68d6adc5e97c13
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://payment-api-dev.drbridge.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 00:02:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=0; includeSubDomains
content-length
27556
last-modified
Thu, 05 Sep 2024 00:02:31 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
cf-ray
8be1f371bd8cd374-FRA
access-control-allow-headers
Authorization,cache-control,postman-token
expires
Fri, 05 Sep 2025 00:02:31 GMT
modernizr
payment-api-dev.drbridge.org/bundles/
11 KB
5 KB
Script
General
Full URL
https://payment-api-dev.drbridge.org/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: payment-api-dev.drbridge.org
URL: https://payment-api-dev.drbridge.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:db01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://payment-api-dev.drbridge.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 00:02:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=0; includeSubDomains
content-length
5292
last-modified
Thu, 05 Sep 2024 00:02:31 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
cf-ray
8be1f371bd90d374-FRA
access-control-allow-headers
Authorization,cache-control,postman-token
expires
Fri, 05 Sep 2025 00:02:31 GMT
jquery
payment-api-dev.drbridge.org/bundles/
85 KB
39 KB
Script
General
Full URL
https://payment-api-dev.drbridge.org/bundles/jquery?v=MRjVrMuK9DXe6nW0tFmw9cj1pT5oo4Jf-eJQmGfwEF01
Requested by
Host: payment-api-dev.drbridge.org
URL: https://payment-api-dev.drbridge.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:db01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
917bc9ea44f5bcaa60686a693983530d2f5d42df8206e3931006ea742bb007cf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://payment-api-dev.drbridge.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 00:02:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=0; includeSubDomains
content-length
39273
last-modified
Thu, 05 Sep 2024 00:02:31 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
cf-ray
8be1f371bd91d374-FRA
access-control-allow-headers
Authorization,cache-control,postman-token
expires
Fri, 05 Sep 2025 00:02:31 GMT
bootstrap
payment-api-dev.drbridge.org/bundles/
36 KB
13 KB
Script
General
Full URL
https://payment-api-dev.drbridge.org/bundles/bootstrap?v=lescQEuG5u4jd-GcVDBcbpUOSyTDIg0Kk9zHDX55GCw1
Requested by
Host: payment-api-dev.drbridge.org
URL: https://payment-api-dev.drbridge.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:db01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
72c93f899b0c28052a481f2e4177bfc6d400c3a10f51585cfbf079e9706aa003
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://payment-api-dev.drbridge.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 00:02:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=0; includeSubDomains
content-length
12922
last-modified
Thu, 05 Sep 2024 00:02:31 GMT
server
cloudflare
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
cf-ray
8be1f371bd94d374-FRA
access-control-allow-headers
Authorization,cache-control,postman-token
expires
Fri, 05 Sep 2025 00:02:31 GMT
main.js
payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/ Frame F89E
Redirect Chain
  • https://payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?
8 KB
4 KB
Script
General
Full URL
https://payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?
Protocol
H2
Server
2606:4700::6813:db01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af81066c5e29965a0fecfecafa521fd7f2936732a9bc159a14eda033f3533cf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 00:02:31 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8be1f3736fe7d374-FRA

Redirect headers

date
Thu, 05 Sep 2024 00:02:31 GMT
strict-transport-security
max-age=0; includeSubDomains
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8be1f3731f96d374-FRA
content-length
0
favicon.ico
payment-api-dev.drbridge.org/
31 KB
10 KB
Other
General
Full URL
https://payment-api-dev.drbridge.org/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:db01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://payment-api-dev.drbridge.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 00:02:31 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
x-powered-by
ASP.NET
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=rppDsaf04wSla3p3hZil.2M9l7K5QGjevc74JvxrwGA-1725494551-1.0.1.1-X9r7qJ3WoeNdBSs.H6V.I6TbGlNuZhY0MgJcruFbOxWfxKP30O66HmAA1nqX6KOVrhop6B2Moq8C_6Woiydd7DZE1hvJxmkmYIgVphjKxkE8IZKySDQzkBtplqbch7tzgb5xbad7D4fOD4iaViejPSIuxob3qVFJ8DsXcSzDzNY; report-to cf-csp-endpoint
last-modified
Mon, 15 Jan 2024 14:12:06 GMT
server
cloudflare
etag
W/"0bfcad1bc47da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/x-icon
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=rppDsaf04wSla3p3hZil.2M9l7K5QGjevc74JvxrwGA-1725494551-1.0.1.1-X9r7qJ3WoeNdBSs.H6V.I6TbGlNuZhY0MgJcruFbOxWfxKP30O66HmAA1nqX6KOVrhop6B2Moq8C_6Woiydd7DZE1hvJxmkmYIgVphjKxkE8IZKySDQzkBtplqbch7tzgb5xbad7D4fOD4iaViejPSIuxob3qVFJ8DsXcSzDzNY"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control
public, max-age=14400
cf-ray
8be1f3732fa9d374-FRA
access-control-allow-headers
Authorization,cache-control,postman-token
expires
Thu, 05 Sep 2024 04:02:31 GMT
8be1f370cc29d374
payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F89E
0
589 B
XHR
General
Full URL
https://payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/h/b/jsd/r/8be1f370cc29d374
Requested by
Host: payment-api-dev.drbridge.org
URL: https://payment-api-dev.drbridge.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:db01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Sep 2024 00:02:31 GMT
strict-transport-security
max-age=0; includeSubDomains
server
cloudflare
cf-ray
8be1f374291fd374-FRA
content-length
0
content-type
text/plain; charset=UTF-8

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| html5 object| Modernizr function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
.drbridge.org/ Name: cf_clearance
Value: EgMWR4s1XKWTcSeO3hARYhWf1OJexPyBmWUihnLAcvw-1725494551-1.2.1.1-WCdrpIgJnwUWsmng2epq2_Uf_epH_hvWis0FODkadcF0.ZcmP_DRQ3dJMLSg1Vxh5.W.G.oGqPdADeaVn3c3LtW6MgCcxahTWNMv7EapLLTeqlZpfcWRXQAn.xQ_ktdtUlWALbQQRfx0Av7CvMY71PY.ahu.sW9ovnW4_ojiyr8D6EJ2ihAIO3Eu0jWJx17sctEO04AIUs6.1cDjxK2qqDLk__v4DqHOHPWOBRTsqgk7rZgeU6uIlFKcNPkIClcumGc_RJaORH8r0_F3Xa0iGgn0rrZqObwUCUM8YSaaN4tnUnAWLJMvGqxoKPuP0MaBnaFoduWIIp7VlKVpMDwJGlm5RTPPBfiXNmU3np9C6vL3iaBOB3blFDUsPfRiN0aq

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0; includeSubDomains