sp-payments-adminspa-prev.draycir.dev Open in urlscan Pro
20.118.48.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sp-payments-adminspa-prev.draycir.dev/
Submission: On December 19 via automatic, source certstream-suspicious (December 19th 2024, 1:21:31 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 20.118.48.5, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sp-payments-adminspa-prev.draycir.dev.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on December 19th 2024. Valid for: 6 months.

This is the only time sp-payments-adminspa-prev.draycir.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.118.48.5 20.118.48.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
8	3

4 20.118.48.5 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sp-payments-adminspa-prev.draycir.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	draycir.dev sp-payments-adminspa-prev.draycir.dev sp-payments-api-prev.draycir.dev Failed	2 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
8	2

	Domain	Requested by
4	sp-payments-adminspa-prev.draycir.dev	sp-payments-adminspa-prev.draycir.dev
3	fonts.googleapis.com	sp-payments-adminspa-prev.draycir.dev
0	sp-payments-api-prev.draycir.dev Failed	sp-payments-adminspa-prev.draycir.dev
8	3

This site contains no links.

Subject Issuer	Validity	Valid
sp-payments-adminspa-prev.draycir.dev GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-12-19` - `2025-06-19`	6 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sp-payments-adminspa-prev.draycir.dev/
Frame ID: 6F9F0B567D8B797ED69EB2B9011D08DE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayThem Admin Portal

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

2018 kB
Transfer

2067 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sp-payments-adminspa-prev.draycir.dev/ 2 KB
4 KB 1294ms
773ms Document
text/html 20.118.48.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-payments-adminspa-prev.draycir.dev/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.118.48.5 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

12657579054fb9642f1c3890ba771247fd3fb4155054f28e7b055c45a8c28f16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM #{adminSiteFrameAncestors}#
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Length: 2267
Content-Security-Policy: default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
Content-Type: text/html
Date: Thu, 19 Dec 2024 13:21:22 GMT
ETag: "0981dcb4151db1:0"
Last-Modified: Wed, 18 Dec 2024 11:41:36 GMT
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: ALLOW-FROM #{adminSiteFrameAncestors}#
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 85ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Public+Sans:wght@400;500;600;700;800;900&display=swap

Requested by

Host: sp-payments-adminspa-prev.draycir.dev
URL: https://sp-payments-adminspa-prev.draycir.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

404a18b009a81412dec51d34ed7fc2e96421db42f6f63848211529e6591e2c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sp-payments-adminspa-prev.draycir.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 13:21:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 13:21:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 19 Dec 2024 13:21:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
681 B 84ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&display=swap

Requested by

Host: sp-payments-adminspa-prev.draycir.dev
URL: https://sp-payments-adminspa-prev.draycir.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b578a6adc97cf5e3806b9376983e5249ceafe4905c1b4d1fef8cfa1b645f57fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sp-payments-adminspa-prev.draycir.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 13:21:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 13:21:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 19 Dec 2024 13:21:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 45 KB
2 KB 88ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600;700;800;900&family=Roboto+Condensed:wght@400;500;600;700;800;900&display=swap

Requested by

Host: sp-payments-adminspa-prev.draycir.dev
URL: https://sp-payments-adminspa-prev.draycir.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

266532d4d742d0ed5409d158ca68dc20a3a4be026a59f6693774b1d0172eec29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sp-payments-adminspa-prev.draycir.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 13:21:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 13:21:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 19 Dec 2024 13:21:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK index-CaJQsOm7.js Show response
sp-payments-adminspa-prev.draycir.dev/assets/ 2 MB
2 MB 557ms
556ms Script
application/x-javascript 20.118.48.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-payments-adminspa-prev.draycir.dev/assets/index-CaJQsOm7.js

Requested by

Host: sp-payments-adminspa-prev.draycir.dev
URL: https://sp-payments-adminspa-prev.draycir.dev/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.118.48.5 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4b29e075f6f3a9ff7f9942db0613810db225c29ed7336305761aef5cf1fd78f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM #{adminSiteFrameAncestors}#
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://sp-payments-adminspa-prev.draycir.dev
Referer: https://sp-payments-adminspa-prev.draycir.dev/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Security-Policy: default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
ETag: "0c91791952db1:0"
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
X-Download-Options: noopen
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes
Content-Length: 1640044
Date: Thu, 19 Dec 2024 13:21:24 GMT
X-XSS-Protection: 1; mode=block
Content-Type: application/x-javascript
Last-Modified: Thu, 19 Dec 2024 11:31:38 GMT
X-Frame-Options: ALLOW-FROM #{adminSiteFrameAncestors}#

GET
H/1.1 200
OK index-CCNase7L.css
sp-payments-adminspa-prev.draycir.dev/assets/ 3 KB
4 KB 1155ms
759ms Stylesheet
text/css 20.118.48.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-payments-adminspa-prev.draycir.dev/assets/index-CCNase7L.css

Requested by

Host: sp-payments-adminspa-prev.draycir.dev
URL: https://sp-payments-adminspa-prev.draycir.dev/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.118.48.5 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0c976e4c06e4c2c6ac89525997e0ad239dad1ae9164ef75f7bed1bdc6841bb12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM #{adminSiteFrameAncestors}#
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://sp-payments-adminspa-prev.draycir.dev
Referer: https://sp-payments-adminspa-prev.draycir.dev/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Security-Policy: default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
ETag: "0981dcb4151db1:0"
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
X-Download-Options: noopen
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes
Content-Length: 3113
Date: Thu, 19 Dec 2024 13:21:24 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/css
Last-Modified: Wed, 18 Dec 2024 11:41:36 GMT
X-Frame-Options: ALLOW-FROM #{adminSiteFrameAncestors}#

GET feature-flags
sp-payments-api-prev.draycir.dev/api/v0/info/ 0
0

GET
H/1.1 200
OK paythem-favicon.ico
sp-payments-adminspa-prev.draycir.dev/favicon/ 401 KB
402 KB 182ms
182ms Other
image/x-icon 20.118.48.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-payments-adminspa-prev.draycir.dev/favicon/paythem-favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.118.48.5 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

efd30d7b3c22dc9cc60bfefe7ee7cd59976248081c5930b98a2e99a529e3bc31

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM #{adminSiteFrameAncestors}#
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://sp-payments-adminspa-prev.draycir.dev/

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Security-Policy: default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
ETag: "0981dcb4151db1:0"
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
X-Download-Options: noopen
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes
Content-Length: 410598
Date: Thu, 19 Dec 2024 13:21:27 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/x-icon
Last-Modified: Wed, 18 Dec 2024 11:41:36 GMT
X-Frame-Options: ALLOW-FROM #{adminSiteFrameAncestors}#

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sp-payments-api-prev.draycir.dev
URL: https://sp-payments-api-prev.draycir.dev/api/v0/info/feature-flags?target=adminPortal

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sp-payments-adminspa-prev.draycir.dev/	1969-12-31 23:59:59	Name: ARRAffinity Value: 77976561c63f98d451b1fee7312feef9a5218211d48402c1c8c77d6f0c027b62
			.sp-payments-adminspa-prev.draycir.dev/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 77976561c63f98d451b1fee7312feef9a5218211d48402c1c8c77d6f0c027b62

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sp-payments-adminspa-prev.draycir.dev/(Line 59) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' https://static.cloudflareinsights.com". Either the 'unsafe-inline' keyword, a hash ('sha256-20j3WcL/cq9Bb1jvtRZ3Eo1NIAIovziWZTzuq2rpaa4='), or a nonce ('nonce-...') is required to enable inline execution.
javascript	error	URL: https://sp-payments-adminspa-prev.draycir.dev/ Message: Access to XMLHttpRequest at 'https://sp-payments-api-prev.draycir.dev/api/v0/info/feature-flags?target=adminPortal' from origin 'https://sp-payments-adminspa-prev.draycir.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://sp-payments-api-prev.draycir.dev/api/v0/info/feature-flags?target=adminPortal Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';script-src 'self' https://static.cloudflareinsights.com;style-src 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com;img-src 'self' blob: https: data:;connect-src 'self' https://dc.services.visualstudio.com/v2/track https://api.iconify.design https://api.simplesvg.com https://api.unisvg.com https://sp-payments-api-prev.draycir.dev https://accounts.draycir.com https://credithound-api-stab.draycir.dev;object-src 'self' blob:;frame-src 'self' https://app.svix.com https://demo.capitalise.com https://capitalise.com blob:;frame-ancestors 'self' https://localhost:44322 https://credithound-dev.draycir.dev https://credithound-test.draycir.dev;font-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM #{adminSiteFrameAncestors}#
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
sp-payments-adminspa-prev.draycir.dev
sp-payments-api-prev.draycir.dev
sp-payments-api-prev.draycir.dev
20.118.48.5
2a00:1450:4001:828::200a
0c976e4c06e4c2c6ac89525997e0ad239dad1ae9164ef75f7bed1bdc6841bb12
12657579054fb9642f1c3890ba771247fd3fb4155054f28e7b055c45a8c28f16
266532d4d742d0ed5409d158ca68dc20a3a4be026a59f6693774b1d0172eec29
404a18b009a81412dec51d34ed7fc2e96421db42f6f63848211529e6591e2c9f
4b29e075f6f3a9ff7f9942db0613810db225c29ed7336305761aef5cf1fd78f8
b578a6adc97cf5e3806b9376983e5249ceafe4905c1b4d1fef8cfa1b645f57fb
efd30d7b3c22dc9cc60bfefe7ee7cd59976248081c5930b98a2e99a529e3bc31

sp-payments-adminspa-prev.draycir.dev Open in urlscan Pro 20.118.48.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

2018 kBTransfer

2067 kBSize

2 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

sp-payments-adminspa-prev.draycir.dev Open in urlscan Pro
20.118.48.5 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

2018 kB
Transfer

2067 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions