payments.staging-2.songtradr.dev

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 13.225.78.115, located in United States and belongs to AMAZON-02, US. The main domain is payments.staging-2.songtradr.dev.
TLS certificate: Issued by Amazon on May 9th 2022. Valid for: a year.

This is the only time payments.staging-2.songtradr.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
5	13.225.78.115 13.225.78.115		16509 (AMAZON-02) (AMAZON-02)
6	2

5 13.225.78.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-115.fra2.r.cloudfront.net

payments.staging-2.songtradr.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	songtradr.dev payments.staging-2.songtradr.dev	204 KB
0	cloudfront.net Failed d2wbsh8jsobsq.cloudfront.net Failed
6	2

	Domain	Requested by
5	payments.staging-2.songtradr.dev	payments.staging-2.songtradr.dev
0	d2wbsh8jsobsq.cloudfront.net Failed	payments.staging-2.songtradr.dev
6	2

This site contains links to these domains. Also see Links.

Domain
www.songtradr.com
songtradr.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com
support.songtradr.com
themusicsolution.songtradr.com

Subject Issuer	Validity	Valid
payments.staging-2.songtradr.dev Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://payments.staging-2.songtradr.dev/
Frame ID: EA519847CDD39E0111CC655D58164911
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SPA Typescript Boilerplate

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

204 kB
Transfer

921 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.songtradr.com/user/dashboard/seller

Search URL Search Domain Scan URL

URL: https://songtradr.com/
Title: songtradr.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/songtradr

Search URL Search Domain Scan URL

URL: https://twitter.com/songtradr

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/6392408/admin/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/songtradr/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/songtradr

Search URL Search Domain Scan URL

URL: https://www.songtradr.com/user/about
Title: ABOUT SONGTRADR

Search URL Search Domain Scan URL

URL: https://support.songtradr.com/
Title: HELP

Search URL Search Domain Scan URL

URL: https://themusicsolution.songtradr.com/
Title: BLOG

Search URL Search Domain Scan URL

URL: https://www.songtradr.com/user/legals
Title: LEGAL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payments.staging-2.songtradr.dev/ 772 B
1 KB 588ms
477ms Document
text/html 13.225.78.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.staging-2.songtradr.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-115.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cace65ee91a4a594c81ef3feaabb195928865b0db84db0adb6eb3fee900d264a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://.typekit.net data:; img-src 'self' data: https://.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://.google.com https://.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 772
content-security-policy: default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://*.typekit.net data:; img-src 'self' data: https://*.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://*.google.com https://*.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
content-type: text/html
date: Fri, 24 Feb 2023 04:56:58 GMT
etag: "06c8da36416a7a31342070f32a633e4a"
last-modified: Thu, 12 Aug 2021 23:10:42 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-id: r73MaprxD6O68xtEHUbBcb8quQ-0prYxgsPzYY6ka4r_-pMWGbfvjw==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 main.806e87f4.chunk.css
payments.staging-2.songtradr.dev/static/css/ 492 KB
64 KB 492ms
491ms Stylesheet
text/css 13.225.78.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.staging-2.songtradr.dev/static/css/main.806e87f4.chunk.css

Requested by

Host: payments.staging-2.songtradr.dev
URL: https://payments.staging-2.songtradr.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-115.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b13e6a37cdfb6e59f1de3ea84c163b86e9a23b7bdcc53d561bd67ba5e2cf0345

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://.typekit.net data:; img-src 'self' data: https://.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://.google.com https://.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.staging-2.songtradr.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 04:56:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://*.typekit.net data:; img-src 'self' data: https://*.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://*.google.com https://*.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 12 Aug 2021 23:10:42 GMT
server: AmazonS3
etag: W/"08145361a19185c260dc6641c4a90a41"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
x-amz-cf-id: CTsebN4XOu2C1sS59oYMYxU3VKQtGEuusJOmW8yboa3uts9yFAeGrg==

GET
H2 200 runtime-main.e8ffd88b.js Show response
payments.staging-2.songtradr.dev/static/js/ 2 KB
2 KB 629ms
629ms Script
application/javascript 13.225.78.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.staging-2.songtradr.dev/static/js/runtime-main.e8ffd88b.js

Requested by

Host: payments.staging-2.songtradr.dev
URL: https://payments.staging-2.songtradr.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-115.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

699a8908724def34ea065404a0a2d832030e49ffe761dc1afd126a1f553fe6a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://.typekit.net data:; img-src 'self' data: https://.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://.google.com https://.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.staging-2.songtradr.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 04:56:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://*.typekit.net data:; img-src 'self' data: https://*.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://*.google.com https://*.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 12 Aug 2021 23:10:42 GMT
server: AmazonS3
etag: W/"c398a38f1e56af0f7c44bce10964a031"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: 4CDkQxedI8HiYYAmNiVGR6FbXAGkdXMPB2cnnNiRQZLBUzzpI0Mokw==

GET
H2 200 2.8068d3d3.chunk.js Show response
payments.staging-2.songtradr.dev/static/js/ 400 KB
126 KB 526ms
525ms Script
application/javascript 13.225.78.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.staging-2.songtradr.dev/static/js/2.8068d3d3.chunk.js

Requested by

Host: payments.staging-2.songtradr.dev
URL: https://payments.staging-2.songtradr.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-115.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

881f6791a8ac5d513df6c376584f160e775b8e837aee08fc675af05ba3e14066

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://.typekit.net data:; img-src 'self' data: https://.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://.google.com https://.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.staging-2.songtradr.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 04:56:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://*.typekit.net data:; img-src 'self' data: https://*.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://*.google.com https://*.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 12 Aug 2021 23:10:43 GMT
server: AmazonS3
etag: W/"7477d589df476506f0c3ac5722215cd6"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: u-nyyD3-_hqgKps2QOyYy3eQDDltatUDq6d5yHSnt4HCSFouwG75vA==

GET
H2 200 main.9c2f87a7.chunk.js Show response
payments.staging-2.songtradr.dev/static/js/ 21 KB
11 KB 458ms
458ms Script
application/javascript 13.225.78.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.staging-2.songtradr.dev/static/js/main.9c2f87a7.chunk.js

Requested by

Host: payments.staging-2.songtradr.dev
URL: https://payments.staging-2.songtradr.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-115.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7776f023bdafb5e54c7100afb6fe4f693c8ac9a20752503acc87d773cc6b7bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://.typekit.net data:; img-src 'self' data: https://.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://.google.com https://.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.staging-2.songtradr.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 04:56:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://*.typekit.net data:; img-src 'self' data: https://*.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://*.google.com https://*.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 12 Aug 2021 23:10:43 GMT
server: AmazonS3
etag: W/"0d1fb47f091b4ec03acc5a33bc84d942"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: ohWFq5Snc_wvpkzqCf2W4xOoB0tQy2ynb8rqs7afAh-i1YZUCnYGnQ==

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe69d0338a47dbaf5875bcd6a0761c8662700aeb931d8beab7bf11a7d14be79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET social-footer-icons_d2020.png
d2wbsh8jsobsq.cloudfront.net/general/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d2wbsh8jsobsq.cloudfront.net
URL: https://d2wbsh8jsobsq.cloudfront.net/general/social-footer-icons_d2020.png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| webpackJsonppayments-spa object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://payments.staging-2.songtradr.dev/missing-info Message: Refused to load the image 'https://d2wbsh8jsobsq.cloudfront.net/general/social-footer-icons_d2020.png' because it violates the following Content Security Policy directive: "img-src 'self' data: https://*.gravatar.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; frame-src https://widget.paymentrails.com; font-src 'self' https://.typekit.net data:; img-src 'self' data: https://.gravatar.com ; manifest-src 'self'; object-src 'none'; script-src 'self' https://.google.com https://.gstatic.com https://www.google-analytics.com; style-src 'self' https://*.typekit.net 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2wbsh8jsobsq.cloudfront.net
payments.staging-2.songtradr.dev
d2wbsh8jsobsq.cloudfront.net
13.225.78.115
699a8908724def34ea065404a0a2d832030e49ffe761dc1afd126a1f553fe6a8
881f6791a8ac5d513df6c376584f160e775b8e837aee08fc675af05ba3e14066
8fe69d0338a47dbaf5875bcd6a0761c8662700aeb931d8beab7bf11a7d14be79
b13e6a37cdfb6e59f1de3ea84c163b86e9a23b7bdcc53d561bd67ba5e2cf0345
c7776f023bdafb5e54c7100afb6fe4f693c8ac9a20752503acc87d773cc6b7bf
cace65ee91a4a594c81ef3feaabb195928865b0db84db0adb6eb3fee900d264a

payments.staging-2.songtradr.dev Open in urlscan Pro 13.225.78.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

204 kBTransfer

921 kBSize

0 Cookies

11 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

payments.staging-2.songtradr.dev Open in urlscan Pro
13.225.78.115 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

204 kB
Transfer

921 kB
Size

0
Cookies

6 HTTP transactions
1 data transactions