urlscan.io logo urlscan.io
SecurityTrails logo

staging.pay.bargreen.io Open in urlscan Pro
34.217.163.78  Public Scan

Go To Rescan Add Verdict Report
URL: https://staging.pay.bargreen.io/
Submission: On March 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 34.217.163.78, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is staging.pay.bargreen.io.
TLS certificate: Issued by Amazon on April 16th 2020. Valid for: a year.
This is the only time staging.pay.bargreen.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.217.163.78 16509 (AMAZON-02)
4 151.101.112.176 54113 (FASTLY)
1 34.213.158.125 16509 (AMAZON-02)
9 3
Domain Requested by
4 staging.pay.bargreen.io staging.pay.bargreen.io
3 js.stripe.com staging.pay.bargreen.io
js.stripe.com
1 m.stripe.com m.stripe.network
1 m.stripe.network js.stripe.com
9 4

This site contains no links.

Subject Issuer Validity Valid
pay.bargreen.io
Amazon		 2020-04-16 -
2021-05-16		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-01-19 -
2021-05-04		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-20 -
2021-05-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://staging.pay.bargreen.io/
Frame ID: 2CB54E798EB8369C9CC84FE023673ED0
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Frame ID: 5FF99852B9BD2CA85DC9E37D37C082ED
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F41A41FFE0064740A34160AA768F3C8E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

631 kB
Transfer

811 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
staging.pay.bargreen.io/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staging.pay.bargreen.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.163.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-163-78.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c6ecc2a03a2ce783462b6b290d4895749a761c46e0682b2164350679ad2a773f

Request headers

:method
GET
:authority
staging.pay.bargreen.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 00:19:38 GMT
content-type
text/html
content-length
2277
x-amzn-requestid
9bbd9ce8-b913-4ad2-851c-2fb5f014a13c
x-amz-apigw-id
cW1oHGlGvHcFnYA=
x-amzn-trace-id
Root=1-60529c9a-27d935bf3273d6a5563527f3;Sampled=0
bootstrap.min.css
staging.pay.bargreen.io/lib/bootstrap/dist/css/ 		152 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staging.pay.bargreen.io/lib/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: staging.pay.bargreen.io
URL: https://staging.pay.bargreen.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.163.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-163-78.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://staging.pay.bargreen.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 00:19:38 GMT
x-amzn-requestid
956bd9fe-952c-42d1-8ffd-781193477656
x-amzn-remapped-content-length
155764
last-modified
Thu, 17 Dec 2020 08:07:20 GMT
etag
"1d6d44ba46b4c74"
strict-transport-security
max-age=2592000
content-type
text/css
x-amzn-trace-id
Root=1-60529c9a-2a2e5f5b1834c8e537b270c8;Sampled=0
accept-ranges
bytes
x-amz-apigw-id
cW1oKGdTPHcFh0w=
content-length
155764
site.css
staging.pay.bargreen.io/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staging.pay.bargreen.io/css/site.css
Requested by
Host: staging.pay.bargreen.io
URL: https://staging.pay.bargreen.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.163.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-163-78.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3b065c06c6e1fa0d5785a5bee6e088200960d6fec7ff033288fbedf646f9d785
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://staging.pay.bargreen.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 00:19:41 GMT
x-amzn-requestid
97bb9dd9-e52b-449b-abb6-e6db34f612e0
x-amzn-remapped-content-length
1622
last-modified
Thu, 17 Dec 2020 08:07:20 GMT
etag
"1d6d44ba4692a56"
strict-transport-security
max-age=2592000
content-type
text/css
x-amzn-trace-id
Root=1-60529c9a-5b3f17e65c28a0ef7a9ab9ba;Sampled=0
accept-ranges
bytes
x-amz-apigw-id
cW1oKEIoPHcFnIw=
content-length
1622
logo.png
staging.pay.bargreen.io/ 		402 KB
403 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging.pay.bargreen.io/logo.png
Requested by
Host: staging.pay.bargreen.io
URL: https://staging.pay.bargreen.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.163.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-163-78.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c6914759841ea24dc813b196245f389d9ce7d30879e01d0cf80892b24c0793ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://staging.pay.bargreen.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 00:19:38 GMT
x-amzn-requestid
e77179f7-a614-41b5-b59a-068319211c35
x-amzn-remapped-content-length
411847
last-modified
Thu, 17 Dec 2020 08:07:20 GMT
etag
"1d6d44ba46f64c7"
strict-transport-security
max-age=2592000
content-type
image/png
x-amzn-trace-id
Root=1-60529c9a-3661fda648e669557e581d16;Sampled=0
accept-ranges
bytes
x-amz-apigw-id
cW1oKFnhPHcFi8A=
content-length
411847
/
js.stripe.com/v3/ 		218 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: staging.pay.bargreen.io
URL: https://staging.pay.bargreen.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e803ad819fa33f1a074bdf1cbe859f4dbd49102af3e576caae8b83df4ff9b4a2
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://staging.pay.bargreen.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 00:19:38 GMT
content-encoding
gzip
vary
Accept-Encoding
age
232
via
1.1 varnish
x-cache
HIT
content-length
57903
x-amz-id-2
HFG56z/pYwAFHKbW0ytsiuOwvtH6VmlHpTNK4j71S65Pas9TQ0o+qMvqF5I2iWvgFhHdLtcZ994=
x-served-by
cache-hhn4022-HHN
timing-allow-origin
*
last-modified
Tue, 16 Mar 2021 23:16:56 GMT
server
AmazonS3
etag
"bcad590fc8d82dfc7f0cec7577a834ec"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
J97Q9F9F3R9PTQ7C
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
72
m-outer-0cba8a995d163797499ab006bbb6b889.html
js.stripe.com/v3/ Frame 5FF9 		215 B
589 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://staging.pay.bargreen.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://staging.pay.bargreen.io/

Response headers

x-amz-id-2
FcOT4EVqwvMimRfYW0z0WAbg/1xhDZzS0Lkf2Q75TAVjJBf49Q+onHAEonnYC4OTT0HBR6BbbBg=
x-amz-request-id
K7VTE7RKAXJAC4S3
last-modified
Tue, 09 Mar 2021 20:21:15 GMT
etag
"0cba8a995d163797499ab006bbb6b889"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Thu, 18 Mar 2021 00:19:41 GMT
via
1.1 varnish
age
16
x-served-by
cache-hhn4022-HHN
x-cache
HIT
x-cache-hits
13
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
185
m-outer-a7fed991536d116dae496abb616e06f8.js
js.stripe.com/v3/fingerprinted/js/ Frame 5FF9 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 00:19:41 GMT
content-encoding
gzip
vary
Accept-Encoding
age
107
via
1.1 varnish
x-cache
HIT
content-length
699
x-amz-id-2
nIrNdFl1a8Tdu6i70K137Xa/qwaYsinH1fe+BTxePuWEwh5h1fnFyN26Q5MpTsE2fjKW8D7pwzs=
x-served-by
cache-hhn4022-HHN
timing-allow-origin
*
last-modified
Tue, 09 Mar 2021 20:21:16 GMT
server
AmazonS3
etag
"356a16407e7a019ffdf35f454b7438a9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
6DXEX37GGWBMD4A2
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
60
inner.html
m.stripe.network/ Frame F41A 		33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

server
nginx
content-type
text/html; charset=utf-8
last-modified
Fri, 04 Dec 2020 19:17:49 GMT
etag
W/"5fca8b5d-84a0"
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Thu, 18 Mar 2021 00:19:41 GMT
age
188
x-served-by
cache-sea4482-SEA, cache-hhn4022-HHN
x-cache
HIT, HIT
x-cache-hits
2, 111
x-timer
S1616026782.980903,VS0,VE0
vary
Accept-Encoding
content-length
12226
6
m.stripe.com/ Frame F41A 		156 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.158.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4b8c7b47eecc96a2aee8c2fe259aada42dde3c9ec9685947fa4223aa2488a035
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Mar 2021 00:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __webpackStripeJSv3Jsonp function| Stripe

0 Cookies