urlscan.io logo urlscan.io
SecurityTrails logo

merchant.cloud.telepasspay.com Open in urlscan Pro
34.95.98.231  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://merchant.cloud.telepasspay.com/
Effective URL: https://merchant.cloud.telepasspay.com/KCB/login
Submission: On January 19 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 34.95.98.231, located in United States and belongs to GOOGLE, US. The main domain is merchant.cloud.telepasspay.com.
TLS certificate: Issued by GTS CA 1D2 on November 23rd 2020. Valid for: 3 months.
This is the only time merchant.cloud.telepasspay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 12 34.95.98.231 15169 (GOOGLE)
9 1
Apex Domain
Subdomains		 Transfer
12 telepasspay.com
merchant.cloud.telepasspay.com
434 KB
9 1
Domain Requested by
12 merchant.cloud.telepasspay.com 3 redirects merchant.cloud.telepasspay.com
9 1

This site contains links to these domains. Also see Links.

Domain
www.atlantia.it
Subject Issuer Validity Valid
merchant.cloud.telepasspay.com
GTS CA 1D2		 2020-11-23 -
2021-02-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://merchant.cloud.telepasspay.com/KCB/login
Frame ID: 1BD55DBD3B163EFD5D437A6B50E02747
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://merchant.cloud.telepasspay.com/ HTTP 302
    https://merchant.cloud.telepasspay.com/KCB HTTP 302
    https://merchant.cloud.telepasspay.com/KCB/ HTTP 302
    https://merchant.cloud.telepasspay.com/KCB/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

434 kB
Transfer

432 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://merchant.cloud.telepasspay.com/ HTTP 302
    https://merchant.cloud.telepasspay.com/KCB HTTP 302
    https://merchant.cloud.telepasspay.com/KCB/ HTTP 302
    https://merchant.cloud.telepasspay.com/KCB/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
merchant.cloud.telepasspay.com/KCB/
Redirect Chain
  • https://merchant.cloud.telepasspay.com/
  • https://merchant.cloud.telepasspay.com/KCB
  • https://merchant.cloud.telepasspay.com/KCB/
  • https://merchant.cloud.telepasspay.com/KCB/login
8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://merchant.cloud.telepasspay.com/KCB/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1 JSP/2.3
Resource Hash
bd6a342939fbfcf2081ae1f39d60e0e40bd354adc2446bc0bbb50fa8c3ce2c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
merchant.cloud.telepasspay.com
:scheme
https
:path
/KCB/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
JSESSIONID=ZrJ30xbRmtSCnbZJvcbvBdkQ9MckBq7biKl7Ci5r.ig-kcb-instance-b439; GCLB=CIDXrKr2vq6qtQE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
server
JBoss-EAP/7
expires
0
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-powered-by
Undertow/1 JSP/2.3
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
DENY
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
text/html;charset=UTF-8
content-language
it-
via
1.1 google
alt-svc
clear

Redirect headers

date
Tue, 19 Jan 2021 22:27:15 GMT
server
JBoss-EAP/7
expires
0
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-powered-by
Undertow/1
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
DENY
location
https://merchant.cloud.telepasspay.com/KCB/login
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
content-length
0
set-cookie
JSESSIONID=ZrJ30xbRmtSCnbZJvcbvBdkQ9MckBq7biKl7Ci5r.ig-kcb-instance-b439; path=/KCB
via
1.1 google
alt-svc
clear
jquery-1.12.1.min.js
merchant.cloud.telepasspay.com/KCB/resources/jquery/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant.cloud.telepasspay.com/KCB/resources/jquery/jquery-1.12.1.min.js
Requested by
Host: merchant.cloud.telepasspay.com
URL: https://merchant.cloud.telepasspay.com/KCB/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant.cloud.telepasspay.com/KCB/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Undertow/1
alt-svc
clear
content-length
97403
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 18 Jan 2021 10:42:16 GMT
server
JBoss-EAP/7
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
styles.css
merchant.cloud.telepasspay.com/KCB/resources/custom/css/ 		180 KB
180 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://merchant.cloud.telepasspay.com/KCB/resources/custom/css/styles.css
Requested by
Host: merchant.cloud.telepasspay.com
URL: https://merchant.cloud.telepasspay.com/KCB/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
40d916c711bd0f35604058dd8e170b71ae0d4675aff69084aed94c7fc9cf8d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant.cloud.telepasspay.com/KCB/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Undertow/1
alt-svc
clear
content-length
183987
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 18 Jan 2021 10:42:16 GMT
server
JBoss-EAP/7
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
ajax-loader.gif
merchant.cloud.telepasspay.com/KCB/resources/imgs/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://merchant.cloud.telepasspay.com/KCB/resources/imgs/ajax-loader.gif
Requested by
Host: merchant.cloud.telepasspay.com
URL: https://merchant.cloud.telepasspay.com/KCB/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant.cloud.telepasspay.com/KCB/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Undertow/1
alt-svc
clear
content-length
2545
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 18 Jan 2021 10:41:42 GMT
server
JBoss-EAP/7
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/gif; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
bootstrap.min.js
merchant.cloud.telepasspay.com/KCB/resources/bootstrap/dist/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant.cloud.telepasspay.com/KCB/resources/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: merchant.cloud.telepasspay.com
URL: https://merchant.cloud.telepasspay.com/KCB/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant.cloud.telepasspay.com/KCB/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Undertow/1
alt-svc
clear
content-length
36868
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 18 Jan 2021 10:42:16 GMT
server
JBoss-EAP/7
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
ajaxforms.js
merchant.cloud.telepasspay.com/KCB/resources/custom/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant.cloud.telepasspay.com/KCB/resources/custom/js/ajaxforms.js
Requested by
Host: merchant.cloud.telepasspay.com
URL: https://merchant.cloud.telepasspay.com/KCB/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
596d05893879bb8b84e9957bacad0e8d93323c937d012d6059060d065e90bcb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant.cloud.telepasspay.com/KCB/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Undertow/1
alt-svc
clear
content-length
9612
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 18 Jan 2021 10:42:16 GMT
server
JBoss-EAP/7
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
common.js
merchant.cloud.telepasspay.com/KCB/resources/custom/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant.cloud.telepasspay.com/KCB/resources/custom/js/common.js
Requested by
Host: merchant.cloud.telepasspay.com
URL: https://merchant.cloud.telepasspay.com/KCB/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
19dbc036ddfd7f351564f693d7d6b52483e65b73ff57d008fcdbc3b3f57ae1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant.cloud.telepasspay.com/KCB/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Undertow/1
alt-svc
clear
content-length
3181
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 18 Jan 2021 10:42:16 GMT
server
JBoss-EAP/7
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
login.js
merchant.cloud.telepasspay.com/KCB/resources/custom/js/login/ 		381 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://merchant.cloud.telepasspay.com/KCB/resources/custom/js/login/login.js
Requested by
Host: merchant.cloud.telepasspay.com
URL: https://merchant.cloud.telepasspay.com/KCB/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
11c64d9792bc844876b59e6f3e1f6b0bdacf9cb78a4df9361de26ffdaec92860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant.cloud.telepasspay.com/KCB/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Undertow/1
alt-svc
clear
content-length
381
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 18 Jan 2021 10:42:16 GMT
server
JBoss-EAP/7
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
sprite.png
merchant.cloud.telepasspay.com/KCB/resources/imgs/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://merchant.cloud.telepasspay.com/KCB/resources/imgs/sprite.png
Requested by
Host: merchant.cloud.telepasspay.com
URL: https://merchant.cloud.telepasspay.com/KCB/resources/custom/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.98.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.98.95.34.bc.googleusercontent.com
Software
JBoss-EAP/7 / Undertow/1
Resource Hash
c3970b0ad89bc4460218b1a0069e43c16cc89b3c69e0a8df1f1bd727b7021bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://merchant.cloud.telepasspay.com/KCB/resources/custom/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 22:27:15 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Undertow/1
alt-svc
clear
content-length
99957
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 18 Jan 2021 10:41:42 GMT
server
JBoss-EAP/7
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
image/png; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery112105865715492392654 function| updateSynchToken function| showLoader function| hideLoader function| showValidationError function| hideValidationError function| showValidationSuccess function| showValidationErrors function| showGenericErrors function| buildErrorMessageHtml function| saveForm function| InplaceEdit function| ModalEdit function| getCookie function| supportSessionStorage object| userSettingMgr function| UserSettingMgr

2 Cookies

Domain/Path Name / Value
merchant.cloud.telepasspay.com/ Name: GCLB
Value: CIDXrKr2vq6qtQE
merchant.cloud.telepasspay.com/KCB Name: JSESSIONID
Value: ZrJ30xbRmtSCnbZJvcbvBdkQ9MckBq7biKl7Ci5r.ig-kcb-instance-b439

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block