urlscan.io logo urlscan.io
SecurityTrails logo

merchant-login.dev.us.zip.co Open in urlscan Pro
104.17.254.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://merchant-portal.dev.us.zip.co/
Effective URL: https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE...
Submission Tags: @phish_report
Submission: On September 11 via api from FI — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 104.17.254.182, located in and belongs to CLOUDFLARENET, US. The main domain is merchant-login.dev.us.zip.co.
TLS certificate: Issued by E5 on August 13th 2024. Valid for: 3 months.
This is the only time merchant-login.dev.us.zip.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 13.107.246.31 8075 (MICROSOFT...)
1 104.18.65.57 13335 (CLOUDFLAR...)
1 2 104.17.254.182 13335 (CLOUDFLAR...)
1 108.158.21.40 16509 (AMAZON-02)
1 172.64.150.121 13335 (CLOUDFLAR...)
1 172.64.147.196 13335 (CLOUDFLAR...)
20 7
12    13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
merchant-portal.dev.us.zip.co
1    104.18.65.57 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.optimizely.com
2    104.17.254.182 (None, )

ASN13335 (CLOUDFLARENET, US)
merchant-login.dev.us.zip.co
1    108.158.21.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-21-40.syd62.r.cloudfront.net
cdn.auth0.com
1    172.64.150.121 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
zip.co
1    172.64.147.196 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
assets.quadpay.com
Apex Domain
Subdomains		 Transfer
15 zip.co
merchant-portal.dev.us.zip.co
merchant-login.dev.us.zip.co
zip.co — Cisco Umbrella Rank: 35679
854 KB
1 quadpay.com
assets.quadpay.com — Cisco Umbrella Rank: 82636
51 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 10656
63 KB
1 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 1042
2 KB
0 wpengine.com Failed
zipus.wpengine.com Failed
20 5
Domain Requested by
12 merchant-portal.dev.us.zip.co merchant-portal.dev.us.zip.co
2 merchant-login.dev.us.zip.co 1 redirects merchant-portal.dev.us.zip.co
1 assets.quadpay.com merchant-login.dev.us.zip.co
1 zip.co merchant-login.dev.us.zip.co
1 cdn.auth0.com merchant-login.dev.us.zip.co
1 cdn.optimizely.com merchant-portal.dev.us.zip.co
0 zipus.wpengine.com Failed
20 7

This site contains links to these domains. Also see Links.

Domain
zip.co
Subject Issuer Validity Valid
merchant-portal.dev.us.zip.co
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-09-10 -
2025-03-10		 6 months crt.sh
cdn.optimizely.com
WE1		 2024-08-23 -
2024-11-21		 3 months crt.sh
merchant-login.dev.us.zip.co
E5		 2024-08-13 -
2024-11-11		 3 months crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
zip.co
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
quadpay.com
WE1		 2024-08-08 -
2024-11-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNWpxZ0F1NzVGVTJQaWVsQnVxMXd5TGM
Frame ID: 93E0351C99C40DC0B2126005DD8C1565
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | React Merchant Portal (CI)

Page URL History Show full URLs

  1. http://merchant-portal.dev.us.zip.co/ HTTP 307
    https://merchant-portal.dev.us.zip.co/ Page URL
  2. https://merchant-login.dev.us.zip.co/authorize?audience=https%3A%2F%2Fmerchants-auth-dev.quadpay.com&scope=openid... HTTP 302
    https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

20
Requests

85 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

968 kB
Transfer

3144 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://merchant-portal.dev.us.zip.co/ HTTP 307
    https://merchant-portal.dev.us.zip.co/ Page URL
  2. https://merchant-login.dev.us.zip.co/authorize?audience=https%3A%2F%2Fmerchants-auth-dev.quadpay.com&scope=openid%20profile%20email&client_id=PZVUB2nEi5jqgAu75FU2PielBuq1wyLc&redirect_uri=https%3A%2F%2Fmerchant-portal.dev.us.zip.co%3FreturnUrl%3D%2F&response_type=code&response_mode=query&state=RXY5R0hZbEFMckFsM0ZweHItanByOEF1VldZSTRHa29ycTBRZTU3b1dkVw%3D%3D&nonce=aTNCTUN6SlgyREVfNVVqZzFIanQwbmNYYUxxOUM0SE1wS0RYakFjZDljWQ%3D%3D&code_challenge=DqcNSaC2vi_jZUTX2QmzK9MQEHWrzaFuymCqzRQQhWg&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D HTTP 302
    https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNWpxZ0F1NzVGVTJQaWVsQnVxMXd5TGM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://merchant-portal.dev.us.zip.co/ HTTP 307
  • https://merchant-portal.dev.us.zip.co/

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
merchant-portal.dev.us.zip.co/
Redirect Chain
  • http://merchant-portal.dev.us.zip.co/
  • https://merchant-portal.dev.us.zip.co/
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Next.js
Resource Hash
6f2e73482ec9b325238ca7e1d6b8638b31893478ccf542dae51fc056bb5a3b12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

cache-control
s-maxage=31536000, stale-while-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 11 Sep 2024 10:22:40 GMT
etag
"yqbw75hnrm410:dtagent10297240712040816VCvC"
server-timing
dtSInfo;desc="0", dtRpid;desc="848197351"
vary
Accept-Encoding
x-azure-ref
20240911T102239Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011hu
x-cache
CONFIG_NOCACHE
x-envoy-upstream-service-time
8
x-nextjs-cache
HIT
x-oneagent-js-injection
true
x-powered-by
Next.js
x-ruxit-js-agent
true

Redirect headers

Location
https://merchant-portal.dev.us.zip.co/
Non-Authoritative-Reason
HttpsUpgrades
ruxitagentjs_ICA7NVfqrux_10297240712040816.js
merchant-portal.dev.us.zip.co/ 		217 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/ruxitagentjs_ICA7NVfqrux_10297240712040816.js
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
622e9e6b0136a039c8f23225161f19a546bc2f1a4049206884ce828b0d4623e6

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:41 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
x-azure-ref
20240911T102240Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011mv
x-cache
CONFIG_NOCACHE
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
8
accept-ranges
bytes
content-length
84111
expires
Thu, 11 Sep 2025 10:22:40 GMT
ff0b19aba3a4776f.css
merchant-portal.dev.us.zip.co/_next/static/css/ 		3 KB
941 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/_next/static/css/ff0b19aba3a4776f.css
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab1ba22c7e3e842772e01a8820d5b3de5643ad87e37aaaa133ac1f78e1760ae7

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:40 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 05:22:27 GMT
etag
W/"a54-191df887238"
vary
Accept-Encoding
x-azure-ref
20240911T102240Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011mu
content-type
text/css; charset=UTF-8
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
5
server-timing
dtSInfo;desc="0", dtRpid;desc="-1733389636"
webpack-e00aa6e53c89487e.js
merchant-portal.dev.us.zip.co/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/_next/static/chunks/webpack-e00aa6e53c89487e.js
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3387a4ff4d6d15d7e402f42557cc00a0636a24266313019d405ac4fa989e9f55

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:40 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 05:22:27 GMT
etag
W/"10bb-191df887238"
vary
Accept-Encoding
x-azure-ref
20240911T102240Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011nr
content-type
application/javascript; charset=UTF-8
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
4
server-timing
dtSInfo;desc="0", dtRpid;desc="1977010577"
framework-92584e9d970f1310.js
merchant-portal.dev.us.zip.co/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/_next/static/chunks/framework-92584e9d970f1310.js
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
af237019a692d4303533e13c7d2db4c3ca9649416c3ae20cfa80c591e7a7c370

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:41 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 05:22:27 GMT
etag
W/"22749-191df887238"
vary
Accept-Encoding
x-azure-ref
20240911T102240Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011pf
content-type
application/javascript; charset=UTF-8
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
3
server-timing
dtSInfo;desc="0", dtRpid;desc="1440358319"
main-358f189c8a1377ad.js
merchant-portal.dev.us.zip.co/_next/static/chunks/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/_next/static/chunks/main-358f189c8a1377ad.js
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
829c0248894ee5d0f45159e4ff77819a47c225f5625496b9a9675a41501298f1

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:41 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 05:22:27 GMT
etag
W/"1944c-191df887238"
vary
Accept-Encoding
x-azure-ref
20240911T102241Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011rr
content-type
application/javascript; charset=UTF-8
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
4
server-timing
dtSInfo;desc="0", dtRpid;desc="1327461813"
_app-43a61ba52be07081.js
merchant-portal.dev.us.zip.co/_next/static/chunks/pages/ 		2 MB
631 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/_next/static/chunks/pages/_app-43a61ba52be07081.js
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df20b96e1145507819c3847abd339e932767a3ff4b66c82fc74c1b50148bcd98

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:41 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 05:22:27 GMT
etag
W/"21b5b7-191df887238"
vary
Accept-Encoding
x-azure-ref
20240911T102241Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011ru
content-type
application/javascript; charset=UTF-8
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
3
server-timing
dtSInfo;desc="0", dtRpid;desc="-1281019285"
index-d66b49bd48e2b3be.js
merchant-portal.dev.us.zip.co/_next/static/chunks/pages/ 		720 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/_next/static/chunks/pages/index-d66b49bd48e2b3be.js
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f49f94ffe04d3fe8501ae1285e813e3945609c3c99b26765fb7b2c2addb424c

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:42 GMT
last-modified
Wed, 11 Sep 2024 05:22:27 GMT
etag
W/"2d0-191df887238"
vary
Accept-Encoding
x-azure-ref
20240911T102241Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011rw
content-type
application/javascript; charset=UTF-8
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
2
server-timing
dtSInfo;desc="0", dtRpid;desc="-957877051"
accept-ranges
bytes
content-length
720
_buildManifest.js
merchant-portal.dev.us.zip.co/_next/static/0U2eAS5Gj1GTAxCCKwFCR/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/_next/static/0U2eAS5Gj1GTAxCCKwFCR/_buildManifest.js
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c2953567720cd937aab77250caf276592efb3399f2b1831f324f8c4c5189da0c

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:42 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 05:22:27 GMT
etag
W/"86d-191df887238"
vary
Accept-Encoding
x-azure-ref
20240911T102241Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011rx
content-type
application/javascript; charset=UTF-8
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
9
server-timing
dtSInfo;desc="0", dtRpid;desc="337255126"
_ssgManifest.js
merchant-portal.dev.us.zip.co/_next/static/0U2eAS5Gj1GTAxCCKwFCR/ 		421 B
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/_next/static/0U2eAS5Gj1GTAxCCKwFCR/_ssgManifest.js
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
51a27d012ed5c27eab96361882e16da4fcf06a2ca7b27df0f09094fa2c5bf982

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:42 GMT
last-modified
Wed, 11 Sep 2024 05:22:41 GMT
etag
W/"1a5-191df88a8e8"
vary
Accept-Encoding
x-azure-ref
20240911T102241Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011ry
content-type
application/javascript; charset=UTF-8
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=31536000, immutable
x-envoy-upstream-service-time
9
server-timing
dtSInfo;desc="0", dtRpid;desc="2147326198"
accept-ranges
bytes
content-length
421
Aw1bx3q4xwfwHKNGfzQAZ.json
cdn.optimizely.com/datafiles/ 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/datafiles/Aw1bx3q4xwfwHKNGfzQAZ.json
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/ruxitagentjs_ICA7NVfqrux_10297240712040816.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.65.57 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-meta-pci_enabled
False
date
Wed, 11 Sep 2024 10:22:42 GMT
content-encoding
gzip
x-amz-version-id
.tVbplG.fvf_SyIU497IEDjVONsbUxTX
cf-cache-status
HIT
x-amz-request-id
50W6WCV5AZ31AZ8Z
x-amz-server-side-encryption
AES256
x-amz-meta-revision
279
x-amz-replication-status
COMPLETED
content-length
1804
x-amz-id-2
O6aquEnabOqQdeqtahc2JakNLGYHqORD3iMjeLLe1RY+URFRzWyOXbNzTjHUZZdBAmn3XTeseb0=
last-modified
Mon, 05 Feb 2024 22:48:17 GMT
server
cloudflare
etag
"cdbed44d26dad11d12cbc597796974c7"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
false
access-control-max-age
604800
accept-ranges
bytes
cf-ray
8c16f02c7a55a974-SYD
access-control-allow-headers
*
favicon.ico
merchant-portal.dev.us.zip.co/ 		25 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:42 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 05:20:49 GMT
etag
W/"654b-191df86f368"
vary
Accept-Encoding
x-azure-ref
20240911T102242Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011v9
content-type
image/x-icon
x-cache
CONFIG_NOCACHE
cache-control
public, max-age=0
x-envoy-upstream-service-time
3
server-timing
dtSInfo;desc="0", dtRpid;desc="-1068809448"
Primary Request login
merchant-login.dev.us.zip.co/u/
Redirect Chain
  • https://merchant-login.dev.us.zip.co/authorize?audience=https%3A%2F%2Fmerchants-auth-dev.quadpay.com&scope=openid%20profile%20email&client_id=PZVUB2nEi5jqgAu75FU2PielBuq1wyLc&redirect_uri=https%3A%...
  • https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNW...
42 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNWpxZ0F1NzVGVTJQaWVsQnVxMXd5TGM
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/_next/static/chunks/pages/_app-43a61ba52be07081.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.254.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb896b34dd7bfff705e122bee66c2b3dd35766b206d3835b12875c27643043d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8c16f0325dcdaae9-SYD
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 11 Sep 2024 10:22:44 GMT
etag
W/"a727-exKK4e3WXhKQHM3cIpWE5VjP1UM"
expires
Wed, 11 Sep 2024 10:22:43 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
349
x-auth0-requestid
f2f182cf239dec53d905
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1726050170
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8c16f02e895daae9-SYD
content-length
424
content-type
text/html; charset=utf-8
date
Wed, 11 Sep 2024 10:22:43 GMT
location
/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNWpxZ0F1NzVGVTJQaWVsQnVxMXd5TGM
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
0492c228a076cce51b71
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1726050164
rb_bf34146yuy
merchant-portal.dev.us.zip.co/ 		118 B
391 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://merchant-portal.dev.us.zip.co/rb_bf34146yuy?type=js3&sn=v_4_srv_4_sn_1ACB190FBC1147723A663F4B3C163266_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1&svrid=4&flavor=post&vi=MPIGDWSCPPHPHJRJJKHEDQGQFRFOPDFE-0&modifiedSince=1725232913417&rf=https%3A%2F%2Fmerchant-portal.dev.us.zip.co%2F&bp=3&app=ea7c4b59f27d43eb&crc=4193718487&en=ojm5tdgw&end=1
Requested by
Host: merchant-portal.dev.us.zip.co
URL: https://merchant-portal.dev.us.zip.co/ruxitagentjs_ICA7NVfqrux_10297240712040816.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://merchant-portal.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 11 Sep 2024 10:22:42 GMT
x-azure-ref
20240911T102242Z-r15988889dfn7p7rguqg99uszg0000000k7g0000000011vc
x-cache
CONFIG_NOCACHE
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://merchant-portal.dev.us.zip.co
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
accept-ranges
bytes
content-length
118
rb_bf34146yuy
merchant-portal.dev.us.zip.co/ 		0
0
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.95.0/css/ 		278 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.95.0/css/main.cdn.min.css
Requested by
Host: merchant-login.dev.us.zip.co
URL: https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNWpxZ0F1NzVGVTJQaWVsQnVxMXd5TGM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-40.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e01ee182c3edd33151075d139238cd34bfd31434ffd3b93d6caf940a2cad19a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
E38Qx_Fb50f02Wuf_xHfOlOM1q.Euraw
content-encoding
gzip
via
1.1 7f1eebb2ab7fd9ddd5ae296bfe0194d2.cloudfront.net (CloudFront)
date
Wed, 11 Sep 2024 04:52:14 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
SYD62-P3
age
19831
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Fri, 30 Aug 2024 18:26:34 GMT
server
AmazonS3
etag
W/"8f2ea3821b702993163ea3db8580e9f7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
x-robots-tag
noindex
x-amz-cf-id
ng5Lg9jQq7ubS9tZrzkkoxHq3WEGKNVPNcV70tS1-revi4GnkZFfaw==
black.svg
zip.co/assets/fearless/logos/zip/ 		975 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zip.co/assets/fearless/logos/zip/black.svg
Requested by
Host: merchant-login.dev.us.zip.co
URL: https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNWpxZ0F1NzVGVTJQaWVsQnVxMXd5TGM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.121 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6857f1ddbfc8d2211fbac2383e1e0ede3b3e1f9c86a748e7807fc96023b9ba8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 11 Sep 2024 10:22:44 GMT
via
1.1 f2132080e9d6401d1cc8e856e53672f6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 30 Oct 2023 02:59:26 GMT
server
cloudflare
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
SYD62-P3
age
27448
etag
W/"9aacd22f7596f10f319b4cded5536266"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
8c16f03828e6d5e2-SYD
x-amz-cf-id
6bSALb7xB1pm22hjXqvf9h-sBsW4IUHX4thrpa1PBkKz3svsQpM60g==
auth0-login-background_US.svg
assets.quadpay.com/auth0-universal/ 		157 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.quadpay.com/auth0-universal/auth0-login-background_US.svg
Requested by
Host: merchant-login.dev.us.zip.co
URL: https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNWpxZ0F1NzVGVTJQaWVsQnVxMXd5TGM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.196 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14997af1d3d5ece87d847eb290efcbefd476033ac066bfaed3f166bd0ebe66fa

Request headers

Referer
https://merchant-login.dev.us.zip.co/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 11 Sep 2024 10:22:44 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
2VKk6ZaRxId/2Shw/uLSMg==
age
589
alt-svc
h3=":443"; ma=86400
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jul 2022 11:34:05 GMT
server
cloudflare
etag
W/"0x8DA708D14350098"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
465a4cc4-701e-00a3-4f5a-7975d6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type
x-ms-version
2014-02-14
cf-ray
8c16f039aa1d555d-SYD
truncated
/ 		650 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://merchant-login.dev.us.zip.co
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml;charset=utf-8
sharp-grotesk-book-20.woff2
zip.co/static-assets/fonts/ 		0
0
Square-Favicon.svg
zipus.wpengine.com/wp-content/uploads/2021/08/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
merchant-portal.dev.us.zip.co
URL
https://merchant-portal.dev.us.zip.co/rb_bf34146yuy?type=js3&sn=v_4_srv_4_sn_1ACB190FBC1147723A663F4B3C163266_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1&svrid=4&flavor=post&vi=MPIGDWSCPPHPHJRJJKHEDQGQFRFOPDFE-0&modifiedSince=1725232913417&rf=https%3A%2F%2Fmerchant-portal.dev.us.zip.co%2F&bp=3&app=ea7c4b59f27d43eb&crc=994226128&en=ojm5tdgw&end=1
Domain
zip.co
URL
https://zip.co/static-assets/fonts/sharp-grotesk-book-20.woff2
Domain
zipus.wpengine.com
URL
https://zipus.wpengine.com/wp-content/uploads/2021/08/Square-Favicon.svg

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| customizeResetPasswordEmailScreen function| customizeSignUpUrlInLoginScreen object| ulpFlags

11 Cookies

Domain/Path Name / Value
.zip.co/ Name: dtCookieojm5tdgw
Value: v_4_srv_4_sn_1ACB190FBC1147723A663F4B3C163266_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1
.zip.co/ Name: rxVisitorojm5tdgw
Value: 1726050161478NOURK43P7IF0UJKDKTKSS59Q51M9Q5RJ
.zip.co/ Name: rxvtojm5tdgw
Value: 1726051962480|1726050161479
.zip.co/ Name: dtSaojm5tdgw
Value: false%7Cxhr%7C2%7Cx%7Cx%7C1726050162323%7C450161477_648%7Chttps%3A%2F%2Fmerchant-portal.dev.us.zip.co%2F%7C%7C%7C%7C
merchant-login.dev.us.zip.co/ Name: did
Value: s%3Av0%3A17190672-d516-418a-a3f6-8eb1c1b1c8a6.uE0qbRSSv84m38hlRfH6f%2FbQliLVqrbRoqGFi3r9Gck
merchant-login.dev.us.zip.co/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQBiAbPH3M961_TYwrD6SUnkTakAshILlkcrfpWWRKqOIVv_SRJHi3jGqgl87QLNM-9PD6j24x3c6nCijE1IyTDumY29va2llg6dleHBpcmVz1_9y6vIAZuVj865vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.s%2BAkg06pASB3iPsNhsRixok%2BkU7Ha%2FxZ60ytV0nhvrg
merchant-login.dev.us.zip.co/ Name: did_compat
Value: s%3Av0%3A17190672-d516-418a-a3f6-8eb1c1b1c8a6.uE0qbRSSv84m38hlRfH6f%2FbQliLVqrbRoqGFi3r9Gck
merchant-login.dev.us.zip.co/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQBiAbPH3M961_TYwrD6SUnkTakAshILlkcrfpWWRKqOIVv_SRJHi3jGqgl87QLNM-9PD6j24x3c6nCijE1IyTDumY29va2llg6dleHBpcmVz1_9y6vIAZuVj865vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.s%2BAkg06pASB3iPsNhsRixok%2BkU7Ha%2FxZ60ytV0nhvrg
.zip.co/ Name: dtPCojm5tdgw
Value: 4$450161477_648h-vMPIGDWSCPPHPHJRJJKHEDQGQFRFOPDFE-0e0
.zip.co/ Name: __cf_bm
Value: NtvhGfrJ19mEsv9a3_n8S5TDgCxYzTeBJdndywLyPTU-1726050164-1.0.1.1-vpe_FUHSqmfG8ZXeY.ck_GNxPMsuRRko9fZroj62gaWhy92a7K9heqky.3AYcB5LgcmLQzv_oSei6drTRpdN1Q
.quadpay.com/ Name: __cf_bm
Value: 3VlX.686_1.nwiv41AVv5eU85_Q2mEXk1Ptg4BEPNBM-1726050164-1.0.1.1-iJmnzyh8byzC0WRxflb9pAPSv67Wgyq92zX4tsnye.3OioolDoLlDfES5iCaS3tM27tYm.LEalg6T4XT8Lf5nA

2 Console Messages

Source Level URL
Text
javascript error URL: https://merchant-login.dev.us.zip.co/u/login?state=hKFo2SBfR0ZGdVFob0ExdW1oX1F6bjUwaU5jWkRPenptbENnWKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEZWUm5zQVVnYVptVGlGeEVMaTh0MkRfM1JsVGItU1RJo2NpZNkgUFpWVUIybkVpNWpxZ0F1NzVGVTJQaWVsQnVxMXd5TGM
Message:
Access to font at 'https://zip.co/static-assets/fonts/sharp-grotesk-book-20.woff2' from origin 'https://merchant-login.dev.us.zip.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://zip.co/static-assets/fonts/sharp-grotesk-book-20.woff2
Message:
Failed to load resource: net::ERR_FAILED