payment-dev.up.education Open in urlscan Pro
2620:1ec:bdf::42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payment-dev.up.education/
Submission: On September 04 via automatic, source certstream-suspicious (September 4th 2024, 2:00:45 am UTC) — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 2620:1ec:bdf::42, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is payment-dev.up.education.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 7th 2023. Valid for: a year.

This is the only time payment-dev.up.education was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	2620:1ec:bdf::42 2620:1ec:bdf::42		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	1

9 2620:1ec:bdf::42 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

payment-dev.up.education	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	up.education payment-dev.up.education	814 KB
9	1

	Domain	Requested by
9	payment-dev.up.education	payment-dev.up.education
9	1

This site contains no links.

Subject Issuer	Validity	Valid
payment-Dev.up.education DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://payment-dev.up.education/
Frame ID: 4677015D0696B97D97C29A8A216D837A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Adhoc Payments

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

9
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

814 kB
Transfer

812 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response payment-dev.up.education/	633 B 1 KB	1348ms 1120ms	Document text/html	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://payment-dev.up.education/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `b7909ac6eabd887558b888488165a8f4e3eb68e2c157ebf2b607e518b4a6252d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 633 content-type text/html date Wed, 04 Sep 2024 02:00:36 GMT etag "63720ea8-279" last-modified Mon, 14 Nov 2022 09:47:20 GMT x-azure-ref 20240904T020035Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fsun x-cache CONFIG_NOCACHE
GET H2	200	main.71211533.js Show response payment-dev.up.education/static/js/	790 KB 791 KB	1123ms 1122ms	Script application/javascript	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://payment-dev.up.education/static/js/main.71211533.js Requested by Host: payment-dev.up.education URL: https://payment-dev.up.education/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `85faf5eb695a91391cbe3b6dcede690705eb2d6b098d95d1b1aa665ae5723622` Request headers Referer https://payment-dev.up.education/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 02:00:37 GMT last-modified Mon, 14 Nov 2022 09:47:20 GMT etag "63720ea8-c5768" x-azure-ref 20240904T020036Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fsvu x-cache CONFIG_NOCACHE content-type application/javascript accept-ranges bytes content-length 808808
GET H2	200	main.e6c13ad2.css payment-dev.up.education/static/css/	337 B 547 B	301ms 301ms	Stylesheet text/css	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://payment-dev.up.education/static/css/main.e6c13ad2.css Requested by Host: payment-dev.up.education URL: https://payment-dev.up.education/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56` Request headers Referer https://payment-dev.up.education/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 02:00:37 GMT last-modified Mon, 14 Nov 2022 09:47:20 GMT etag "63720ea8-151" x-azure-ref 20240904T020036Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fsvt x-cache CONFIG_NOCACHE content-type text/css accept-ranges bytes content-length 337
GET H2	200	translation.json Show response payment-dev.up.education/locales/en/	3 KB 3 KB	307ms 307ms	XHR application/json	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://payment-dev.up.education/locales/en/translation.json Requested by Host: payment-dev.up.education URL: https://payment-dev.up.education/static/js/main.71211533.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `7d20d6cf1f89cda79d6076cbb231af3f0856d94e6abf6fba9b4640d153c60819` Request headers Referer https://payment-dev.up.education/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Wed, 04 Sep 2024 02:00:40 GMT last-modified Mon, 14 Nov 2022 09:46:06 GMT etag "63720e5e-a2f" x-azure-ref 20240904T020040Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fsz8 x-cache CONFIG_NOCACHE content-type application/json accept-ranges bytes content-length 2607
GET H2	200	up-education-logo.png payment-dev.up.education/providers/up/	9 KB 10 KB	1093ms 1092ms	Image image/png	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://payment-dev.up.education/providers/up/up-education-logo.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `53697d1eb61cc560dda6d446ff5e2413485b727895a7f22699efcf5d6783c209` Request headers Referer https://payment-dev.up.education/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 02:00:41 GMT last-modified Mon, 14 Nov 2022 09:46:06 GMT etag "63720e5e-2552" x-azure-ref 20240904T020040Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fsza x-cache CONFIG_NOCACHE content-type image/png accept-ranges bytes content-length 9554
GET H2	200	ichm-logo.svg payment-dev.up.education/providers/ichm/	2 KB 2 KB	301ms 301ms	Image image/svg+xml	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://payment-dev.up.education/providers/ichm/ichm-logo.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `2413d3c4e1964d392bfc2f3e09980678100610695a12f6f88205b67d70875a07` Request headers Referer https://payment-dev.up.education/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 02:00:40 GMT last-modified Mon, 14 Nov 2022 09:46:06 GMT etag "63720e5e-796" x-azure-ref 20240904T020040Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fszb x-cache CONFIG_NOCACHE content-type image/svg+xml accept-ranges bytes content-length 1942
GET H2	200	favicon.ico payment-dev.up.education/	633 B 844 B	1091ms 1090ms	Other text/html	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://payment-dev.up.education/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `b7909ac6eabd887558b888488165a8f4e3eb68e2c157ebf2b607e518b4a6252d` Request headers Referer https://payment-dev.up.education/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 02:00:41 GMT last-modified Mon, 14 Nov 2022 09:47:20 GMT etag "63720ea8-279" x-azure-ref 20240904T020040Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fszc x-cache CONFIG_NOCACHE content-type text/html accept-ranges bytes content-length 633
GET H2	200	favicon.svg payment-dev.up.education/providers/up/	6 KB 6 KB	1148ms 1147ms	Other image/svg+xml	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://payment-dev.up.education/providers/up/favicon.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `e05a0bdb8bf9993fa6a3fc6ac412cc4290f55324634c71c2256a29722200bc55` Request headers Referer https://payment-dev.up.education/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 02:00:41 GMT last-modified Mon, 14 Nov 2022 09:46:06 GMT etag "63720e5e-1924" x-azure-ref 20240904T020040Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fszd x-cache CONFIG_NOCACHE content-type image/svg+xml accept-ranges bytes content-length 6436
GET H2	200	favicon.ico payment-dev.up.education/	633 B 0	0ms 0ms	Other text/html	2620:1ec:bdf::42 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://payment-dev.up.education/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `b7909ac6eabd887558b888488165a8f4e3eb68e2c157ebf2b607e518b4a6252d` Request headers Referer https://payment-dev.up.education/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 02:00:41 GMT last-modified Mon, 14 Nov 2022 09:47:20 GMT etag "63720ea8-279" x-azure-ref 20240904T020040Z-166b9c58d6cxk2w97k4mbwpn74000000071000000000fszc x-cache CONFIG_NOCACHE content-type text/html accept-ranges bytes content-length 633

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkadhoc_payments function| _

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payment-dev.up.education/	1969-12-31 23:59:59	Name: ARRAffinity Value: c252867f926a7dc390a26570f3c345d28521b1a31168a89d00cb889acb0a9237
.payment-dev.up.education/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: c252867f926a7dc390a26570f3c345d28521b1a31168a89d00cb889acb0a9237
payment-dev.up.education/	1970-01-21 08:02:31	Name: ai_user Value: nDqhbYRRugPjOBXfA3kVhu\|2024-09-04T02:00:40.148Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

payment-dev.up.education
2620:1ec:bdf::42
2413d3c4e1964d392bfc2f3e09980678100610695a12f6f88205b67d70875a07
439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56
53697d1eb61cc560dda6d446ff5e2413485b727895a7f22699efcf5d6783c209
7d20d6cf1f89cda79d6076cbb231af3f0856d94e6abf6fba9b4640d153c60819
85faf5eb695a91391cbe3b6dcede690705eb2d6b098d95d1b1aa665ae5723622
b7909ac6eabd887558b888488165a8f4e3eb68e2c157ebf2b607e518b4a6252d
e05a0bdb8bf9993fa6a3fc6ac412cc4290f55324634c71c2256a29722200bc55

payment-dev.up.education Open in urlscan Pro 2620:1ec:bdf::42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

814 kBTransfer

812 kBSize

3 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

payment-dev.up.education Open in urlscan Pro
2620:1ec:bdf::42 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

814 kB
Transfer

812 kB
Size

3
Cookies

9 HTTP transactions
0 data transactions