Submitted URL: https://partners.paymentspring.engineering/
Effective URL: https://partners.paymentspring.engineering/users/sign_in
Submission: On February 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 8 HTTP transactions. The main IP is 18.206.36.39, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is partners.paymentspring.engineering.
TLS certificate: Issued by Amazon on January 16th 2023. Valid for: a year.
This is the only time partners.paymentspring.engineering was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 18.206.36.39 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2
Apex Domain | Subdomains | Transfer
8 paymentspring.engineering | partners.paymentspring.engineering | 405 KB
1 myfonts.net | hello.myfonts.net — Cisco Umbrella Rank: 7611 | 352 B
8 2
Domain Requested by
8 partners.paymentspring.engineering 1 redirects partners.paymentspring.engineering
1 hello.myfonts.net partners.paymentspring.engineering
8 2

This site contains links to these domains.

Domain
paymentspring.com
dashboard.paymentspring.com
Subject | Issuer | Validity | Valid
partners.paymentspring.engineering | Amazon | 2023-01-16 - 2024-02-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-09 - 2023-06-09 | a year

This page contains 1 frames:

Primary Page: https://partners.paymentspring.engineering/users/sign_in
Frame ID: FB2001B11B97A51FF58C420EB1BB0E88
Requests: 8 HTTP requests in this frame

Page Title

PaymentSpring Partner Dashboard

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 404 kB
Size: 584 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://partners.paymentspring.engineering/ HTTP 302
    https://partners.paymentspring.engineering/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request sign_in
partners.paymentspring.engineering/users/
Redirect Chain
  • https://partners.paymentspring.engineering/
  • https://partners.paymentspring.engineering/users/sign_in
4 KB
3 KB
Document
General
Full URL
https://partners.paymentspring.engineering/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.36.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-36-39.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
5d3f5d33e870a77e78c64ac3c696fc5b29a27dbf48c3b66c39b400c52727a2e9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; font-src 'self' data:; img-src 'self' data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline'; style-src 'self' hello.myfonts.net 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src 'self'; font-src 'self' data:; img-src 'self' data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline'; style-src 'self' hello.myfonts.net 'unsafe-eval' 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Tue, 21 Feb 2023 04:54:26 GMT
etag
W/"5d3f5d33e870a77e78c64ac3c696fc5b"
referrer-policy
same-origin
server
nginx/1.22.0
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ac2a5224-3b92-4309-af5d-d19bdfafa03b
x-runtime
0.004474
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-security-policy
default-src 'self'; connect-src 'self'; font-src 'self' data:; img-src 'self' data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline'; style-src 'self' hello.myfonts.net 'unsafe-eval' 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Tue, 21 Feb 2023 04:54:26 GMT
location
https://partners.paymentspring.engineering/users/sign_in
referrer-policy
same-origin
server
nginx/1.22.0
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ff0cab7f-4d1e-445b-99b0-faccf170046a
x-runtime
0.004312
x-xss-protection
1; mode=block
application-5e00c01c6e3a5fc4c28683cfdf6a584d0b53355320bebd8099e6f5a2248768a9.css
partners.paymentspring.engineering/assets/
215 KB
45 KB
Stylesheet
General
Full URL
https://partners.paymentspring.engineering/assets/application-5e00c01c6e3a5fc4c28683cfdf6a584d0b53355320bebd8099e6f5a2248768a9.css
Requested by
Host: partners.paymentspring.engineering
URL: https://partners.paymentspring.engineering/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.36.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-36-39.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
6ca7a5b49d3cf21ef7637c9d4dd384f02db4b24b51e0b488700e15c288e5f6ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners.paymentspring.engineering/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 04:54:26 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 16:39:10 GMT
server
nginx/1.22.0
etag
W/"633478ae-35a38"
content-type
text/css
application-004390bef8dd0470469d3b43553a0811c15c10a441189b02958460258f1e3023.js
partners.paymentspring.engineering/assets/
299 KB
300 KB
Script
General
Full URL
https://partners.paymentspring.engineering/assets/application-004390bef8dd0470469d3b43553a0811c15c10a441189b02958460258f1e3023.js
Requested by
Host: partners.paymentspring.engineering
URL: https://partners.paymentspring.engineering/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.36.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-36-39.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
004390bef8dd0470469d3b43553a0811c15c10a441189b02958460258f1e3023

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners.paymentspring.engineering/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 04:54:26 GMT
last-modified
Wed, 28 Sep 2022 16:39:10 GMT
server
nginx/1.22.0
accept-ranges
bytes
etag
"633478ae-4ad4b"
content-length
306507
content-type
application/javascript
paymentspring_outside_logo-1a7eab12b441740ae9a71a539186489e4433ec70b656ea3258e9dc6344ca85da.svg
partners.paymentspring.engineering/assets/
15 KB
6 KB
Image
General
Full URL
https://partners.paymentspring.engineering/assets/paymentspring_outside_logo-1a7eab12b441740ae9a71a539186489e4433ec70b656ea3258e9dc6344ca85da.svg
Requested by
Host: partners.paymentspring.engineering
URL: https://partners.paymentspring.engineering/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.36.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-36-39.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
1a7eab12b441740ae9a71a539186489e4433ec70b656ea3258e9dc6344ca85da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners.paymentspring.engineering/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 04:54:27 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 16:34:32 GMT
server
nginx/1.22.0
etag
W/"63347798-3d5c"
content-type
image/svg+xml
paymentspring_icon_white-b8a82135706ed711600a2ab88ed5b9038b55b3b678cd2e8ee519ca66e4f1a06e.png
partners.paymentspring.engineering/assets/
15 KB
15 KB
Image
General
Full URL
https://partners.paymentspring.engineering/assets/paymentspring_icon_white-b8a82135706ed711600a2ab88ed5b9038b55b3b678cd2e8ee519ca66e4f1a06e.png
Requested by
Host: partners.paymentspring.engineering
URL: https://partners.paymentspring.engineering/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.36.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-36-39.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
b8a82135706ed711600a2ab88ed5b9038b55b3b678cd2e8ee519ca66e4f1a06e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners.paymentspring.engineering/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 04:54:27 GMT
last-modified
Wed, 28 Sep 2022 16:34:32 GMT
server
nginx/1.22.0
accept-ranges
bytes
etag
"63347798-3a20"
content-length
14880
content-type
image/png
loading-29e3806a94dfdc6c01dc8fb275caad66a053ea571c6199dc14814881023effa5.svg
partners.paymentspring.engineering/assets/
2 KB
1 KB
Image
General
Full URL
https://partners.paymentspring.engineering/assets/loading-29e3806a94dfdc6c01dc8fb275caad66a053ea571c6199dc14814881023effa5.svg
Requested by
Host: partners.paymentspring.engineering
URL: https://partners.paymentspring.engineering/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.36.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-36-39.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
29e3806a94dfdc6c01dc8fb275caad66a053ea571c6199dc14814881023effa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partners.paymentspring.engineering/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 04:54:27 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 16:34:32 GMT
server
nginx/1.22.0
etag
W/"63347798-8e2"
content-type
image/svg+xml
32829d
hello.myfonts.net/count/
0
352 B
Stylesheet
General
Full URL
https://hello.myfonts.net/count/32829d
Requested by
Host: partners.paymentspring.engineering
URL: https://partners.paymentspring.engineering/assets/application-5e00c01c6e3a5fc4c28683cfdf6a584d0b53355320bebd8099e6f5a2248768a9.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 04:54:27 GMT
server
cloudflare
age
1
expect-ct
null
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
79cce253c98f922f-FRA
content-length
0
expires
Wed, 21 Feb 2024 04:54:27 GMT
32829D_3_0-4e218c157a787eeb4e40e38fad29b410239172b4660838a5c2bb077c8b6ec027.woff2
partners.paymentspring.engineering/assets/
34 KB
34 KB
Font
General
Full URL
https://partners.paymentspring.engineering/assets/32829D_3_0-4e218c157a787eeb4e40e38fad29b410239172b4660838a5c2bb077c8b6ec027.woff2
Requested by
Host: partners.paymentspring.engineering
URL: https://partners.paymentspring.engineering/assets/application-5e00c01c6e3a5fc4c28683cfdf6a584d0b53355320bebd8099e6f5a2248768a9.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.36.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-36-39.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
4e218c157a787eeb4e40e38fad29b410239172b4660838a5c2bb077c8b6ec027

Request headers

Referer
https://partners.paymentspring.engineering/assets/application-5e00c01c6e3a5fc4c28683cfdf6a584d0b53355320bebd8099e6f5a2248768a9.css
Origin
https://partners.paymentspring.engineering
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 04:54:27 GMT
last-modified
Wed, 28 Sep 2022 16:34:32 GMT
server
nginx/1.22.0
accept-ranges
bytes
etag
"63347798-88bb"
content-length
35003
content-type
font/woff2

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | oncontentvisibilityautostatechange
function | FetchUtility
function | FormUtility
function | OperationUtility
function | PageUtility
function | TaskUtility
function | FetchTask
function | FormTask
object | merchant_manager
object | session_manager
object | settings_manager
function | $
function | jQuery
object | jQuery112409066841153067413
object | Handlebars
object | ActionCable
object | App
object | HandlebarsTemplates

2 Cookies

Domain/Path Name / Value
partners.paymentspring.engineering/ Name: _partner-dashboard_session
Value: UlBYbUxyK2hkTC8yencxTHkwTTR6eG9jekVzejJtZmJ0ZVM0RW1UenZackZjZXd5OExCcHFobnliSVgvVnQvaWRhbzNwUUNpSUV5SklMRU1xYzdLM1pORHI5MkppYXpqYzAxVU4yYUdsNWhVYnVoSmFpVTZkazYvcXhSTXUrWlkwZm9MQnZLU3NFc05KY3JyRmZPcmNZcTJUbDJVbk9zVDhTTm9yNTdtNE9CT1NKUTJtLy9UdHFXK2gvT2ppc2g5LS1ocnpDUlJhaXV3TWNVUWtOdzRHQlRnPT0%3D--996a46b54456edea38ba8207b1f8cb17762aa227
.myfonts.net/ Name: __cf_bm
Value: jZMMaZ.MP8atC40iwGi7T2Fa0glsCDE9cdRKEbKc3WI-1676955267-0-AZvNuDXmmc7VVOoHUdNq5cwWXwhadI1ATM4SwMIs5ZL2rE5kRO0qJ0dvvawERgnS8Wh3vQ7bGZRV2Q0fqpChHjM=

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self'; font-src 'self' data:; img-src 'self' data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline'; style-src 'self' hello.myfonts.net 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block