login.paymentevolution.com Open in urlscan Pro
216.105.88.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://saml.paymentevolution.com/
Effective URL:
https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d
Submission: On June 21 via automatic, source certstream-suspicious (June 21st 2023, 1:12:59 pm UTC) — Scanned from CA

Summary HTTP 45 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 11 domains to perform 45 HTTP transactions. The main IP is 216.105.88.39, located in St. Catharines, Canada and belongs to COLOSSEUM-ONL, CA. The main domain is login.paymentevolution.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on December 6th 2022. Valid for: a year.

This is the only time login.paymentevolution.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	216.105.88.30 216.105.88.30	19842 (COLOSSEUM...) (COLOSSEUM-ONL)
2 29	216.105.88.39 216.105.88.39	19842 (COLOSSEUM...) (COLOSSEUM-ONL)
2	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
2	52.237.33.21 52.237.33.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:48:1... 2620:1ec:48:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
45	7

3 216.105.88.30 (St. Catharines, Canada) 3 redirects

ASN19842 (COLOSSEUM-ONL, CA)

saml.paymentevolution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 216.105.88.39 (St. Catharines, Canada) 2 redirects

ASN19842 (COLOSSEUM-ONL, CA)

login.paymentevolution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.237.33.21 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:48:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	paymentevolution.com 5 redirects saml.paymentevolution.com login.paymentevolution.com	4 MB
4	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1007 v.clarity.ms Failed c.clarity.ms — Cisco Umbrella Rank: 1573	22 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
2	dynamics.com 1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	166 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 246	739 B
0	google.ca Failed www.google.ca Failed
0	doubleclick.net Failed stats.g.doubleclick.net Failed googleads.g.doubleclick.net Failed
0	plausible.io Failed plausible.io Failed
0	licdn.com Failed snap.licdn.com Failed
0	googleadservices.com Failed www.googleadservices.com Failed
45	11

	Domain	Requested by
29	login.paymentevolution.com	2 redirects login.paymentevolution.com www.googletagmanager.com www.google-analytics.com www.clarity.ms
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com login.paymentevolution.com
3	saml.paymentevolution.com	3 redirects
2	c.clarity.ms	1 redirects
2	www.clarity.ms	login.paymentevolution.com www.clarity.ms
2	1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com	login.paymentevolution.com
2	www.googletagmanager.com	login.paymentevolution.com www.googletagmanager.com
1	c.bing.com	1 redirects
0	v.clarity.ms Failed	www.clarity.ms
0	www.google.ca Failed	login.paymentevolution.com
0	googleads.g.doubleclick.net Failed	www.googletagmanager.com
0	stats.g.doubleclick.net Failed	www.google-analytics.com
0	plausible.io Failed	www.googletagmanager.com
0	snap.licdn.com Failed	login.paymentevolution.com
0	www.googleadservices.com Failed	www.googletagmanager.com
45	15

This site contains links to these domains. Also see Links.

Domain
help.paymentevolution.com
paymentevolution.com
secure.paymentevolution.com

Subject Issuer	Validity	Valid
*.paymentevolution.com GeoTrust RSA CA 2018	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.svc.dynamics.com Microsoft Azure TLS Issuing CA 02	`2023-04-14` - `2024-04-08`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d
Frame ID: 3BC8AB5511B03EF8A789092FF5ACDE5D
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - PayEvo

Page URL History Show full URLs

https://saml.paymentevolution.com/ HTTP 302
https://saml.paymentevolution.com/payroll/prmainlogin.aspx HTTP 301
https://saml.paymentevolution.com/payroll/prmainlogin HTTP 302
https://login.paymentevolution.com/account/login/payevo HTTP 302
https://login.paymentevolution.com/connect/authorize?client_id=webhost&response_type=code&scope=openid+profile+... HTTP 302
https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

80 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

7
IPs

2
Countries

4416 kB
Transfer

5506 kB
Size

21
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://help.paymentevolution.com/

Search URL Search Domain Scan URL

URL: https://paymentevolution.com/BusinessPlans?signin=d9f6692b57e588066bc0e3a39406955d
Title: New User

Search URL Search Domain Scan URL

URL: https://secure.paymentevolution.com/Employee/Login?signin=d9f6692b57e588066bc0e3a39406955d
Title: Employee Login

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://saml.paymentevolution.com/ HTTP 302
https://saml.paymentevolution.com/payroll/prmainlogin.aspx HTTP 301
https://saml.paymentevolution.com/payroll/prmainlogin HTTP 302
https://login.paymentevolution.com/account/login/payevo HTTP 302
https://login.paymentevolution.com/connect/authorize?client_id=webhost&response_type=code&scope=openid+profile+read+write+offline_access&redirect_uri=https%3A%2F%2Flogin.paymentevolution.com%2FManage%2FDashboard&state=27f6130bdb414e92a29bcf2232023857&nonce=59f4305a544c46c289180dcb1bf7bbdd&acr_values=tenant%3Apayevo HTTP 302
https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4A08FCF2CB674B7DA1CE48E9182057AA&RedC=c.clarity.ms&MXFR=0EEAE17AA09562483D12F24DA4956CF1 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4A08FCF2CB674B7DA1CE48E9182057AA&MUID=103FF51AD52D619024FFE62DD416605C

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
login.paymentevolution.com/
Redirect Chain

https://saml.paymentevolution.com/
https://saml.paymentevolution.com/payroll/prmainlogin.aspx
https://saml.paymentevolution.com/payroll/prmainlogin
https://login.paymentevolution.com/account/login/payevo
https://login.paymentevolution.com/connect/authorize?client_id=webhost&response_type=code&scope=openid+profile+read+write+offline_access&redirect_uri=https%3A%2F%2Flogin.paymentevolution.com%2FMana...
https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

26 KB
28 KB

61ms
61ms

Document
text/html

216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

137118b7750848c6a05bf5052bb7753def92662a142bc7690bf4abef475c40e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' ; img-src 'self' www.googletagmanager.com https://.dynamics.com https://c.clarity.ms/c.gif https://c.bing.com https://www.google-analytics.com https://payevo01.imgix.net/; font-src 'self' data:;;connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/; report-uri https://login.paymentevolution.com/csp/report
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' ; img-src 'self' www.googletagmanager.com https://.dynamics.com https://c.clarity.ms/c.gif https://c.bing.com https://www.google-analytics.com https://payevo01.imgix.net/; font-src 'self' data:;;connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/; report-uri https://login.paymentevolution.com/csp/report
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 26880
Content-Security-Policy: default-src 'self'; script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://*.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' ; img-src 'self' www.googletagmanager.com https://*.dynamics.com https://c.clarity.ms/c.gif https://c.bing.com https://www.google-analytics.com https://payevo01.imgix.net/; font-src 'self' data:;;connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/; report-uri https://login.paymentevolution.com/csp/report
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 13:12:44 GMT
Expires: -1
Pragma: no-cache
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://*.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' ; img-src 'self' www.googletagmanager.com https://*.dynamics.com https://c.clarity.ms/c.gif https://c.bing.com https://www.google-analytics.com https://payevo01.imgix.net/; font-src 'self' data:;;connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/; report-uri https://login.paymentevolution.com/csp/report
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Wed, 21 Jun 2023 13:12:44 GMT
Expires: -1
Location: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d
Pragma: no-cache
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-UA-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK all.min.css
login.paymentevolution.com/fonts/fontawesome/css/ 153 KB
30 KB 34ms
21ms Stylesheet
text/css 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/fonts/fontawesome/css/all.min.css

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e8c34e34c951245aafccc07782b0dabfcee5cd379a59feb2c5af07a10a690d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 30237
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 29 Jan 2020 20:12:56 GMT
ETag: "054767ee0d6d51:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK kendo.material-v2.min.css
login.paymentevolution.com/content/ 592 KB
132 KB 88ms
50ms Stylesheet
text/css 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/content/kendo.material-v2.min.css

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

6fb3181d32133c64bdbaef95d8c28e19c8b3dbf0425382879c15f608fadcfebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 134668
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 29 Jan 2020 20:12:54 GMT
ETag: "027457de0d6d51:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK bootstrap4.min.css
login.paymentevolution.com/content/ 152 KB
23 KB 132ms
94ms Stylesheet
text/css 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/content/bootstrap4.min.css

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 23230
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 29 Jan 2020 20:12:54 GMT
ETag: "027457de0d6d51:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK idsrvStyles
login.paymentevolution.com/bundles/ 113 KB
113 KB 129ms
92ms Stylesheet
text/css 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/bundles/idsrvStyles?v=o7h30E392yQuq9w3-cOtin6LesKaUz9_qm7MVNJjDaA1

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

8316466d378856995d1470e1c2fa00dce16738e0bba8e525654d98586d654173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 115304
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK allJS Show response
login.paymentevolution.com/bundles/ 4 MB
4 MB 128ms
90ms Script
text/javascript 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/bundles/allJS?v=yHJuDlHv0S9rL8NSavlT3Ne1kfNWgeqDHoVnj3F-CAw1

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

0e80cde3a8e391fc2263ffcf892978eee9047f92dff28a43e49071d71a87bb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 3687693
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK jqueryval Show response
login.paymentevolution.com/bundles/ 25 KB
26 KB 131ms
93ms Script
text/javascript 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/bundles/jqueryval?v=hEGG8cMxk9p0ncdRUOJ-CnKN7NezhnPnWIvn6REucZo1

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-UA-Compatible: IE=Edge
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 26101
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK fontsOS.css
login.paymentevolution.com/Content/ 2 KB
2 KB 86ms
50ms Stylesheet
text/css 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/Content/fontsOS.css

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

798285a439b5ee36be0588b52fec343f0fdd40b6d7afd9b06734694ee3c6243e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Length: 1813
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 29 Jan 2020 20:12:54 GMT
ETag: "027457de0d6d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK registration-validation-scripts.js Show response
login.paymentevolution.com/Scripts/helperScripts/ 19 KB
2 KB 112ms
22ms Script
application/javascript 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/Scripts/helperScripts/registration-validation-scripts.js

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

f36282fb098a73c4d26debfede20df6aa02cc47665a4c83e40156ee31dfad179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Permitted-Cross-Domain-Policies: none
Content-Length: 1450
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Tue, 20 Sep 2022 16:33:58 GMT
ETag: "05f3bc8ecdd81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK culture-helper.js Show response
login.paymentevolution.com/Scripts/helperScripts/ 2 KB
2 KB 131ms
21ms Script
application/javascript 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/Scripts/helperScripts/culture-helper.js

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

8295e5bfbd98662ffe574dd399e1469931eef95269561e9a6ef144563fc747a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Length: 1728
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Mon, 15 Mar 2021 13:07:54 GMT
ETag: "031dd359c19d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK PAYEVO_21.svg
login.paymentevolution.com/images/ 2 KB
3 KB 20ms
20ms Image
image/svg+xml 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.paymentevolution.com/images/PAYEVO_21.svg

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

f8adb0c5a6805167f150e671aa40192668ae4b0d76566518915b4719e6c46eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Length: 2263
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Mon, 15 Mar 2021 13:07:54 GMT
ETag: "031dd359c19d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK payevo%20paychequer%20greyscale%20logomark.svg
login.paymentevolution.com/images/ 769 B
1 KB 24ms
24ms Image
image/svg+xml 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.paymentevolution.com/images/payevo%20paychequer%20greyscale%20logomark.svg

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

32cb92501afe2fa33dd01ea218b13d7b4a26bea193a67394137a450fe85797d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:44 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Length: 769
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Tue, 18 May 2021 20:33:34 GMT
ETag: "0639512254cd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 175 KB
67 KB 93ms
50ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2C5345

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c22405032819161edc51f89f6a3e737bb1a3e067e2fc00f3f034926b4030f3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:12:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67704
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 13:12:49 GMT

GET
H/1.1 200
OK cn_tower.jpg
login.paymentevolution.com/images/ 61 KB
62 KB 23ms
22ms Image
image/jpeg 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.paymentevolution.com/images/cn_tower.jpg

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

558608ffada89720cac99fb83cf96ba5e8a5f4930bbbce1d3883776c044b5edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Length: 62688
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 29 Jan 2020 20:13:04 GMT
ETag: "083b83e0d6d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK fa-duotone-900.woff2
login.paymentevolution.com/fonts/fontawesome/webfonts/ 159 KB
160 KB 28ms
28ms Font
font/woff2 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/fonts/fontawesome/webfonts/fa-duotone-900.woff2

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/fonts/fontawesome/css/all.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

68efcc4d90150b20ab86a17a6a57b1d3ce70fe8ea6a4bfee509a62f252bfc5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://login.paymentevolution.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Length: 163296
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 29 Jan 2020 20:13:04 GMT
ETag: "083b83e0d6d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK open-sans-v17-latin-regular.woff2
login.paymentevolution.com/fonts/ 14 KB
15 KB 371ms
370ms Font
font/woff2 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/fonts/open-sans-v17-latin-regular.woff2

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/Content/fontsOS.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://login.paymentevolution.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Content-Length: 14380
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Wed, 29 Jan 2020 20:13:04 GMT
ETag: "083b83e0d6d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
21ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2C5345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 12:11:08 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3701
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Jun 2023 14:11:08 GMT

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 20ms
20ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2C5345

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET /
www.googleadservices.com/pagead/conversion/1014293447/ 0
0

GET
H2 200 w Show response
1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com/t/ 2 KB
2 KB 131ms
36ms Script
application/javascript 52.237.33.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com/t/w

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.237.33.21 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

46bfb9a1323985fd7c764cdc776fe85cc63d2b0cd163167b1be8cdff985c7997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Jun 2023 13:12:48 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: 6b0bd462-7d5c-4de3-a3f1-260f334b8f50, 10b651f9-0f04-4efd-b282-365b9684f9df
content-type: application/javascript
x-activity-id: 7eb0fc7f-2b6f-4e8c-880a-b9d278c15a06
x-ms-activity-id: 7eb0fc7f-2b6f-4e8c-880a-b9d278c15a06
content-length: 2067
api-deprecated: False

GET
H2 200 3w4408jr6n Show response
www.clarity.ms/tag/ 1015 B
1 KB 91ms
49ms Script
application/x-javascript 2620:1ec:48:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3w4408jr6n
Requested by: Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2cb10352c9dd7bf900b7b39a234380d07cfc3614cb62f3e03bb43b01b638f135

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date: Wed, 21 Jun 2023 13:12:48 GMT
x-azure-ref: 0UfeSZAAAAAC4f5a2zWv6RaVNq7lCxFisWVRPMjIxMDkwODE3MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1015
expires: -1

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 20ms
19ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET insight.min.js
snap.licdn.com/li.lms-analytics/ 0
0

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 21ms
20ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2C5345

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET plausible.js
plausible.io/js/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
99 KB 67ms
66ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2C5345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c809e63c8c04ee895230e5879ee68259371ba840e71f2c3289a35f44c814aa96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:12:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101265
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 13:12:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
216 B 37ms
35ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1051074265&t=pageview&_s=1&dl=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&ul=en-us&de=UTF-8&dt=Login%20-%20PayEvo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=283452866&gjid=1401301499&cid=321799765.1687353169&tid=UA-11789239-13&_gid=1095271403.1687353169&_r=1&_slc=1&gtm=45He36e2n81W2C5345&z=915672122

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 13:12:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login.paymentevolution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 21ms
20ms Script
application/javascript 2620:1ec:48:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3w4408jr6n
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:12:48 GMT
content-encoding: br
last-modified: Mon, 19 Jun 2023 09:56:44 GMT
x-azure-ref-originshield: 0CtSRZAAAAADlZOP3T36pSarSnU218eUlTU5aMjIxMDYwNjEyMDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB70AB7D215D1F"
x-azure-ref: 0UfeSZAAAAAAfmAXyOS6URJioQYzimrcEWVRPMjIxMDkwODE3MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d4b2e1dd-401e-001a-360c-a34f04000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1051074265&t=event&ni=1&_s=2&dl=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&ul=en-us&de=UTF-8&dt=Login%20-%20PayEvo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1m87kci&_u=aHBAAAABAAAAAC~&jid=&gjid=&cid=321799765.1687353169&tid=UA-11789239-13&_gid=1095271403.1687353169&gtm=45He36e2n81W2C5345&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F3w4408jr6n%2Filvuda%2F1m87kci&z=804167418

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 03:57:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33304
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 21ms
20ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST collect
stats.g.doubleclick.net/j/ 0
0

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 22ms
21ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014293447/ 0
0

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 20ms
19ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 21ms
21ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 21ms
21ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET ga-audiences
www.google.ca/ads/ 0
0

GET
H2 200 IL9anAUzxPjuZDAIOM4KKfjOFGwAIEzdvWBVlcp_5pE
1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com/t/v/ 49 B
451 B 1581ms
1581ms Image
image/jpeg 52.237.33.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com/t/v/IL9anAUzxPjuZDAIOM4KKfjOFGwAIEzdvWBVlcp_5pE?ad=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&rf=&id=6706688354

Requested by

Host: login.paymentevolution.com
URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.237.33.21 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Jun 2023 13:12:50 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: 7bfc39f9-bdfa-478f-b6e5-ca2514b4522f, 7cf0eb3b-73bd-437b-bc71-7874fa718a3c
content-type: image/jpeg
x-activity-id: d12d69c8-7100-4cb9-95d2-987a8471367d
x-ms-activity-id: d12d69c8-7100-4cb9-95d2-987a8471367d
content-length: 49
api-deprecated: False

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 21ms
20ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST collect
v.clarity.ms/ 0
0

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 21ms
20ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST collect
v.clarity.ms/ 0
0

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 21ms
20ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:48 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4A08FCF2CB674B7DA1CE48E9182057AA&RedC=c.clarity.ms&MXFR=0EEAE17AA09562483D12F24DA4956CF1
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4A08FCF2CB674B7DA1CE48E9182057AA&MUID=103FF51AD52D619024FFE62DD416605C

42 B
442 B

31ms
31ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4A08FCF2CB674B7DA1CE48E9182057AA&MUID=103FF51AD52D619024FFE62DD416605C
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 13:12:50 GMT
last-modified: Tue, 06 Jun 2023 17:31:18 GMT
server: Microsoft-IIS/10.0
etag: "7cd81bb49c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 13:12:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8EA05E3612048239D0314699C84071C Ref B: YMQ01EDGE0521 Ref C: 2023-06-21T13:12:51Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4A08FCF2CB674B7DA1CE48E9182057AA&MUID=103FF51AD52D619024FFE62DD416605C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content report
login.paymentevolution.com/csp/ 0
384 B 22ms
21ms Other
text/plain 216.105.88.39
COLOSSEUM-ONL

General

Check archive.org

Show headers Download Go to

Full URL

https://login.paymentevolution.com/csp/report

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

216.105.88.39 St. Catharines, Canada, ASN19842 (COLOSSEUM-ONL, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 13:12:53 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, must-revalidate
X-Xss-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion/1014293447/?random=1687353169380&cv=11&fst=1687353169380&bg=ffffff&guid=ON&async=1&gtm=45He36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&label=IpsECLnk6gEQx8fT4wM&hn=www.googleadservices.com&frm=0&tiba=Login%20-%20PayEvo&value=0&bttype=purchase&auid=2018086591.1687353169&uamb=0&uaw=0&rfmt=3&fmt=4

Domain: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Domain: plausible.io
URL: https://plausible.io/js/plausible.js

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11789239-13&cid=321799765.1687353169&jid=283452866&gjid=1401301499&_gid=1095271403.1687353169&_u=YEBAAAAAAAAAAC~&z=921278187

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014293447/?random=1687353169574&cv=11&fst=1687353169574&bg=ffffff&guid=ON&async=1&gtm=45je36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&hn=www.googleadservices.com&frm=0&tiba=Login%20-%20PayEvo&auid=2018086591.1687353169&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Domain: www.google.ca
URL: https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TRH82TF5Y5&cid=321799765.1687353169&gtm=45je36e2&aip=1&z=1506487365

Domain: v.clarity.ms
URL: https://v.clarity.ms/collect

Domain: v.clarity.ms
URL: https://v.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.paymentevolution.com/	1970-01-20 21:29:35	Name: _culture Value: en-CA
login.paymentevolution.com/	1969-12-31 23:59:59	Name: .AspNet.TempState Value: WRolhB-f-S8mBFgDoYFzSyKtKh3MTZdxSQleuO-LVYkCKvJ7SfC-3R2eg-Dy48kYjLbY_AS79KfqgDnjE7EtFnnceiunFqojVLSKeIefCMLzwLWdahgqQJ4kFWTuvRJ6-tFOLAJ1pOe0Ddg4QlclQPCyY99TzwuovfgftkfnYBSRHGrXoGYNe5ayPAcPdsanyGEAMAnMo2o7Kur4J4EPVUXuzTwuJXYi7bZ6l1RXhx54OInsmcsSOhyIWpI5Z64fbIgfALKA6dsr1UJDHdLkO4-QA6d4fKDUR6iwo7rGIfM
login.paymentevolution.com/	1969-12-31 23:59:59	Name: SignInMessage.d9f6692b57e588066bc0e3a39406955d Value: Bf_qhKaRFkBe08qhSpyqT4tJPrzo3w-BuTDrmukIgjh5T6rf5ycAtRZesvvO5y61d34BelnkU9RKdD9qW8V_JyGKgR-wffuyliBdTpqBYthPV5D7UolwYbRXD993ynBfVU-kXO8zoRL5Zx15V_QlCaPbCt-XED_hp0m7U1pq5CfF0_Ma8HdPaq_OR_uKldRiHbMQDcLfiDrFss8Inff-TmaU_85LQ1bx1goPGR36q_LWWll7RM-vNnM1HCPBdxAs0HkVbSfaI0F2dTc0SPAOkW-44du2nYGkeFxZFIRdpRM_pPvayYFE7tn66DKgvWWtlYMwmUnm6N2D46SGV-7h7mr1DvWZi7NEyTVdobWhu4F3OaeeBuV2Ja8uoY2BlOERHo-6ZlqgRlYvYh2RE44u4mE-Y6Ww-ENpwwaQZByECL6x1-09RqKILouKdM14Qgqnue8IgaP19za97VoJqEmcFj_ZdarGCkBK8wMC5IaFO6vHBRFQReua3iNPmA_cXe1BVoxBghtx2El-yFBZ1kEW0awZQo04YK50EPRWRNEc1YLCoD0oytEbOL4nrpMvdG3_ZdLkAKDG2NNjWh0lrOvkDi3R1A6q8kRwdHS7REFj8eF75xQs_weIQZGNWwUoIGP2
login.paymentevolution.com/	1969-12-31 23:59:59	Name: idsrv.xsrf Value: 1XaJjs0HF6JSo9pWAN-QD5_0YHwsrVlCClBujSdfp4OppmIhhYmyal4neJozlI_keJnj8KtWy8zPrC48C-kffGPqrQ14U_1zwGvpYbs0vfY
.paymentevolution.com/	1970-01-20 14:52:09	Name: _gcl_au Value: 1.1.2018086591.1687353169
.login.paymentevolution.com/	1970-01-20 22:18:33	Name: _ga Value: GA1.3.321799765.1687353169
.login.paymentevolution.com/	1970-01-20 12:43:59	Name: _gid Value: GA1.3.1095271403.1687353169
.login.paymentevolution.com/	1970-01-20 12:42:33	Name: _gat_UA-11789239-13 Value: 1
www.clarity.ms/	1970-01-20 21:28:09	Name: CLID Value: 07c0958865524b4e841ca4231d052437.20230621.20240620
.paymentevolution.com/	1970-01-20 21:28:09	Name: _clck Value: ilvuda\|2\|fcn\|0\|1267
.paymentevolution.com/	1970-01-20 22:18:33	Name: _ga Value: GA1.1.321799765.1687353169
.paymentevolution.com/	1970-01-20 22:18:33	Name: _ga_TRH82TF5Y5 Value: GS1.1.1687353169.1.0.1687353169.60.0.0
1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com/	1970-01-20 22:18:33	Name: 79f08280-5c63-4331-b04d-fb6f39afda51 Value: DNZkwlavo_U_aoiqY00fSqRB_JJ9W7MxGurKCwOrIKU
1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com/	1969-12-31 23:59:59	Name: 319af4c0-e197-4de9-8a9b-fe98c8a2ca04 Value: DNZkwlavo_U_aoiqY00fSqRB_JJ9W7MxGurKCwOrIKU
.bing.com/	1970-01-20 22:04:09	Name: MUID Value: 103FF51AD52D619024FFE62DD416605C
.c.bing.com/	1970-01-20 12:52:37	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:04:09	Name: SRM_B Value: 103FF51AD52D619024FFE62DD416605C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:04:09	Name: MUID Value: 103FF51AD52D619024FFE62DD416605C
.c.clarity.ms/	1970-01-20 12:52:37	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:42:33	Name: ANONCHK Value: 0

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2C5345(Line 70) Message: Refused to load the script 'https://www.googleadservices.com/pagead/conversion/1014293447/?random=1687353169380&cv=11&fst=1687353169380&bg=ffffff&guid=ON&async=1&gtm=45He36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&label=IpsECLnk6gEQx8fT4wM&hn=www.googleadservices.com&frm=0&tiba=Login%20-%20PayEvo&value=0&bttype=purchase&auid=2018086591.1687353169&uamb=0&uaw=0&rfmt=3&fmt=4' because it violates the following Content Security Policy directive: "script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://*.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://*.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2C5345(Line 398) Message: Refused to load the script 'https://plausible.io/js/plausible.js' because it violates the following Content Security Policy directive: "script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://*.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.google-analytics.com/analytics.js(Line 35) Message: Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11789239-13&cid=321799765.1687353169&jid=283452866&gjid=1401301499&_gid=1095271403.1687353169&_u=YEBAAAAAAAAAAC~&z=921278187' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c(Line 195) Message: Refused to load the script 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014293447/?random=1687353169574&cv=11&fst=1687353169574&bg=ffffff&guid=ON&async=1&gtm=45je36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&hn=www.googleadservices.com&frm=0&tiba=Login%20-%20PayEvo&auid=2018086591.1687353169&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4' because it violates the following Content Security Policy directive: "script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://*.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c(Line 199) Message: Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-TRH82TF5Y5&gtm=45je36e2&_p=1051074265&_gaz=1&cid=321799765.1687353169&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687353169&sct=1&seg=0&dl=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&dt=Login%20-%20PayEvo&en=page_view&_fv=2&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c(Line 199) Message: Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TRH82TF5Y5&cid=321799765.1687353169&gtm=45je36e2&aip=1' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/".
security	error	URL: https://login.paymentevolution.com/login?signin=d9f6692b57e588066bc0e3a39406955d Message: Refused to load the image 'https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TRH82TF5Y5&cid=321799765.1687353169&gtm=45je36e2&aip=1&z=1506487365' because it violates the following Content Security Policy directive: "img-src 'self' www.googletagmanager.com https://*.dynamics.com https://c.clarity.ms/c.gif https://c.bing.com https://www.google-analytics.com https://payevo01.imgix.net/".
security	error	URL: https://www.clarity.ms/s/0.7.8/clarity.js(Line 1) Message: Refused to connect to 'https://v.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/".
security	error	URL: https://www.clarity.ms/s/0.7.8/clarity.js(Line 1) Message: Refused to connect to 'https://v.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/".
security	error	URL: https://www.clarity.ms/s/0.7.8/clarity.js(Line 1) Message: Refused to connect to 'https://v.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/".
security	error	URL: https://www.clarity.ms/s/0.7.8/clarity.js(Line 1) Message: Refused to connect to 'https://v.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-TRH82TF5Y5&l=dataLayer&cx=c(Line 199) Message: Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-TRH82TF5Y5&gtm=45je36e2&_p=1051074265&cid=321799765.1687353169&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1687353169&sct=1&seg=0&dl=https%3A%2F%2Flogin.paymentevolution.com%2Flogin%3Fsignin%3Dd9f6692b57e588066bc0e3a39406955d&dt=Login%20-%20PayEvo&en=scroll&epn.percent_scrolled=90&_et=14' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' ; img-src 'self' www.googletagmanager.com https://.dynamics.com https://c.clarity.ms/c.gif https://c.bing.com https://www.google-analytics.com https://payevo01.imgix.net/; font-src 'self' data:;;connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/; report-uri https://login.paymentevolution.com/csp/report
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'self' ajax.googleapis.com code.jquery.com https://tag.manager.google.com/ https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com/analytics.js https://.dynamics.com https://www.clarity.ms/ 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' ; img-src 'self' www.googletagmanager.com https://.dynamics.com https://c.clarity.ms/c.gif https://c.bing.com https://www.google-analytics.com https://payevo01.imgix.net/; font-src 'self' data:;;connect-src 'self' https://www.google-analytics.com https://www.clarity.ms/; report-uri https://login.paymentevolution.com/csp/report
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d0f88455d1b45598a4a9839bc69aa2d.svc.dynamics.com
c.bing.com
c.clarity.ms
googleads.g.doubleclick.net
login.paymentevolution.com
plausible.io
saml.paymentevolution.com
snap.licdn.com
stats.g.doubleclick.net
v.clarity.ms
www.clarity.ms
www.google-analytics.com
www.google.ca
www.googleadservices.com
www.googletagmanager.com
googleads.g.doubleclick.net
plausible.io
snap.licdn.com
stats.g.doubleclick.net
v.clarity.ms
www.google.ca
www.googleadservices.com
20.110.205.119
216.105.88.30
216.105.88.39
2607:f8b0:4006:817::200e
2607:f8b0:4020:804::2008
2620:1ec:48:1::40
2620:1ec:c11::200
52.237.33.21
0e80cde3a8e391fc2263ffcf892978eee9047f92dff28a43e49071d71a87bb44
137118b7750848c6a05bf5052bb7753def92662a142bc7690bf4abef475c40e8
2cb10352c9dd7bf900b7b39a234380d07cfc3614cb62f3e03bb43b01b638f135
32cb92501afe2fa33dd01ea218b13d7b4a26bea193a67394137a450fe85797d7
46bfb9a1323985fd7c764cdc776fe85cc63d2b0cd163167b1be8cdff985c7997
52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452
558608ffada89720cac99fb83cf96ba5e8a5f4930bbbce1d3883776c044b5edc
68efcc4d90150b20ab86a17a6a57b1d3ce70fe8ea6a4bfee509a62f252bfc5ae
6fb3181d32133c64bdbaef95d8c28e19c8b3dbf0425382879c15f608fadcfebd
798285a439b5ee36be0588b52fec343f0fdd40b6d7afd9b06734694ee3c6243e
8295e5bfbd98662ffe574dd399e1469931eef95269561e9a6ef144563fc747a3
8316466d378856995d1470e1c2fa00dce16738e0bba8e525654d98586d654173
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c22405032819161edc51f89f6a3e737bb1a3e067e2fc00f3f034926b4030f3df
c809e63c8c04ee895230e5879ee68259371ba840e71f2c3289a35f44c814aa96
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c34e34c951245aafccc07782b0dabfcee5cd379a59feb2c5af07a10a690d50
f36282fb098a73c4d26debfede20df6aa02cc47665a4c83e40156ee31dfad179
f8adb0c5a6805167f150e671aa40192668ae4b0d76566518915b4719e6c46eec

login.paymentevolution.com Open in urlscan Pro 216.105.88.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

80 %HTTPS

50 %IPv6

11 Domains

15 Subdomains

7 IPs

2 Countries

4416 kBTransfer

5506 kBSize

21 Cookies

3 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.paymentevolution.com Open in urlscan Pro
216.105.88.39 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

80 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

7
IPs

2
Countries

4416 kB
Transfer

5506 kB
Size

21
Cookies

45 HTTP transactions
0 data transactions