URL: https://atb.payfirma.com/
Submission: On March 22 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 1 country across 4 domains to perform 30 HTTP transactions. The main IP is 2606:4700:10::6814:73d, located in United States and belongs to CLOUDFLARENET, US. The main domain is atb.payfirma.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on December 5th 2023. Valid for: a year.
This is the only time atb.payfirma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
25        2606:4700:10:...   13335 (CLOUDFLAR...)
1         18.164.116.82      16509 (AMAZON-02)
1         2606:4700:10:...   13335 (CLOUDFLAR...)
1         2602:816:5001...   54113 (FASTLY)
1         54.160.7.164       14618 (AMAZON-AES)
1         162.247.241.14     23467 (NEWRELIC-...)
Total     30 requests, 7 IPs

Requests  Apex Domain / Subdomains                               Transfer
26        payfirma.com                                           2 MB
            atb.payfirma.com
            file.payfirma.com
2         heapanalytics.com                                      37 KB
            cdn.heapanalytics.com — Cisco Umbrella Rank: 3829
            heapanalytics.com — Cisco Umbrella Rank: 3292
1         nr-data.net                                            676 B
            bam.nr-data.net — Cisco Umbrella Rank: 439
1         newrelic.com                                           10 KB
            js-agent.newrelic.com — Cisco Umbrella Rank: 1410
Total     30 requests, 4 apex domains

Requests  Domain                  Requested by
25        atb.payfirma.com        atb.payfirma.com
1         bam.nr-data.net         js-agent.newrelic.com
1         heapanalytics.com
1         js-agent.newrelic.com   atb.payfirma.com
1         file.payfirma.com       atb.payfirma.com
1         cdn.heapanalytics.com   atb.payfirma.com
Total     30 requests, 6 domains

This site contains no links.

Subject                 Issuer                                       Validity                  Valid
*.payfirma.com          DigiCert Global G2 TLS RSA SHA256 2020 CA1   2023-12-05 - 2024-12-13   a year
cdn.heapanalytics.com   Amazon RSA 2048 M01                          2023-06-29 - 2024-07-27   a year
js-agent.newrelic.com   GlobalSign Atlas R3 DV TLS CA 2024 Q1        2024-03-21 - 2025-04-22   a year
heapanalytics.com       Amazon RSA 2048 M02                          2023-11-09 - 2024-12-08   a year
*.nr-data.net           DigiCert Global G2 TLS RSA SHA256 2020 CA1   2023-09-29 - 2024-10-01   a year

This page contains 1 frames:

Primary Page: https://atb.payfirma.com/
Frame ID: 14EF1503BC6D5ED251CEECE2F2C34351
Requests: 33 HTTP requests in this frame

Page Title

ATB Financial

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 6
IPs: 7
Countries: 1
Transfer: 2395 kB
Size: 6427 kB
Cookies: 4

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
atb.payfirma.com/
3 KB
2 KB
Document
General
Full URL
https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15918781699f304b8f70c572a172230b2b311318261506077c4b1679f6aa7382
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
868686ec4bcf498c-MIA
content-encoding
gzip
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Fri, 22 Mar 2024 13:28:49 GMT
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
massautocomplete-ed09ab0a44.theme.css
atb.payfirma.com/bower_components/angular-mass-autocomplete/
877 B
501 B
Stylesheet
General
Full URL
https://atb.payfirma.com/bower_components/angular-mass-autocomplete/massautocomplete-ed09ab0a44.theme.css
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21794d285b0073cf47edb87743649e7801beea333ce78b6ea978e6f103888e46
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:51:48 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"36d-611fdc6161d00"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686ef3842498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
ngProgress-3daf094b9e.css
atb.payfirma.com/bower_components/ngprogress/
354 B
283 B
Stylesheet
General
Full URL
https://atb.payfirma.com/bower_components/ngprogress/ngProgress-3daf094b9e.css
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a826608948ce650c3754e8e8e13e5db84cbf0bd24312327cae64bf84e58214
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:51:48 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"162-611fdc6161d00"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686ef3848498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
spectrum-4830896897.css
atb.payfirma.com/bower_components/spectrum/
11 KB
3 KB
Stylesheet
General
Full URL
https://atb.payfirma.com/bower_components/spectrum/spectrum-4830896897.css
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e487161cfc6f3eecac1e19ed6f0f6c7dc36ce1523919ffe0ae93687730c061a2
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:52:00 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"2c5d-611fdc6cd3800"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686ef384b498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
daterangepicker-6a7e47d413.css
atb.payfirma.com/bower_components/bootstrap-daterangepicker/
5 KB
1 KB
Stylesheet
General
Full URL
https://atb.payfirma.com/bower_components/bootstrap-daterangepicker/daterangepicker-6a7e47d413.css
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cfa9398db43dea8559d4ce351c0ec28706287d10daf77ecb84a2f3be266399
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:52:03 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"15ea-611fdc6fafec0"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686ef384f498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
darkroom-49b1a83cbc.css
atb.payfirma.com/bower_components/darkroom/build/
1 KB
559 B
Stylesheet
General
Full URL
https://atb.payfirma.com/bower_components/darkroom/build/darkroom-49b1a83cbc.css
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd5a36f639a029e57b8c3123b88cd360a9132b7e3815ea14116ca228e87da7d
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:52:03 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"4e7-611fdc6fafec0"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686ef3850498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
style-d89c31c0bc.css
atb.payfirma.com/app/css/
290 KB
41 KB
Stylesheet
General
Full URL
https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
410034eec5a02f0a8092ade8420a9c9caee53961b7cc19bec64a2c7025fea6fe
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:51:47 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"48728-611fdc606dac0"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686ef3852498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
bundle-db381d0aa9.js
atb.payfirma.com/app/js/
4 MB
875 KB
Script
General
Full URL
https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac690dab2fbc9e4d1b6bd85c01f45e5ed9b8cd0a2f1db84480437e5e3cfb62b
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:52:28 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"3b03d4-611fdc8787700"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686ef3854498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
OpenSans-Regular.ttf
atb.payfirma.com/app/css/fonts/open-sans/
212 KB
114 KB
Font
General
Full URL
https://atb.payfirma.com/app/css/fonts/open-sans/OpenSans-Regular.ttf
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Origin
https://atb.payfirma.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:52:28 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"35110-611fdc8787700"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
font/ttf
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686f40f09498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
heap-1463243271.js
cdn.heapanalytics.com/js/
114 KB
37 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-1463243271.js
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-82.jfk50.r.cloudfront.net
Software
nginx / Express
Resource Hash
49857823f726b90a15874f563bd4220c5bc5188ce141e6db104db21705d1556b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:05 GMT
content-encoding
br
via
1.1 7c55514b62254664b7255cfc5da6dc92.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
JFK50-P6
age
46
x-powered-by
Express
etag
W/"1c9d3-LFSopDCWN+9YbEpFLSFJxC/GkQw"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KuB5682rzAGTBqzUU05ffImvNIkLUw8totTLKFHjcfEpDNZpAQ3Tqg==
atb
file.payfirma.com/theme/
637 KB
439 KB
XHR
General
Full URL
https://file.payfirma.com/theme/atb
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:63d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0da844222681729c4001754007e089f47493cda6a16d4836add9264156bc7d
Security Headers
Name Value
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
x-application-context
application:4443
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
pragma
no-cache
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST, GET, PUT, OPTIONS, DELETE, PATCH
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
vary
Accept-Encoding
cf-ray
868686fa0d478dd8-MIA
access-control-allow-headers
Authorization,Accept,Content-Type,X-Requested-With,Referer,Origin
expires
0
en.json
atb.payfirma.com/languages/
59 KB
18 KB
XHR
General
Full URL
https://atb.payfirma.com/languages/en.json
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2efc6ae7e0b2fbcb69c82d29e5c9286f3674cd6175653494d0000157290afa5
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:46 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"eda4-611fdc5f79880"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
application/json
vary
Accept-Encoding
cf-ray
868686f93e90498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-system-idle.html
atb.payfirma.com/component/paper-system-idle/
594 B
369 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-system-idle/paper-system-idle.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8fc83879a38ff57f0ceb0719509dd62b4d7425bd59ba2f0119d1eb81ab8a9d
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:48 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686f93e91498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-system-error.html
atb.payfirma.com/component/paper-system-error/
351 B
286 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-system-error/paper-system-error.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265403a714edc648cf1ff7bb4f45ef75cfb1202251889fe974daa3053960b683
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:47 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686f93e92498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-toast.html
atb.payfirma.com/component/paper-toast/
449 B
311 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-toast/paper-toast.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
682aa78340c9e27d13b7d503ea3a4500a4726ae4c029a48f22982f4656fc1e80
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:48 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686f93e94498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-navigation.html
atb.payfirma.com/component/paper-navigation/
1011 B
522 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-navigation/paper-navigation.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f9333be74fe6b4d2a3c4b6c4a94313d73b0670135715ef07283399f67ce939
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:47 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686f95ebf498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-header.html
atb.payfirma.com/component/paper-header/
393 B
280 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-header/paper-header.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c7ce89e30b60549229d938d3c8f693178689860bcaddc338a0b5b4dfcfb7a3
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:47 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686f95ec2498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
nr-1044.min.js
js-agent.newrelic.com/
22 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1044.min.js
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
7HtucEuUII5n9P5t3z5IzYZpz_YC7K5u
content-encoding
br
via
1.1 varnish
date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=300
x-amz-request-id
3G4XEN9MMFCMVRSW
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9269
x-amz-id-2
jY2BwTy+7R60a8iObyXbbiPDjM+UzZPlxjrTjgltfsUAyCfKY01YDlb/jnI2BSBmPOyZEZT8e+0=
x-served-by
cache-mia-kmia1760022-MIA
last-modified
Wed, 18 Oct 2023 20:58:59 GMT
server
AmazonS3
etag
"6442aaa45ec28f8b2c541026f3c24871"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
297
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=1463243271&u=5995206272324416&v=6041075872860029&s=8365146406255678&b=web&tv=4.0&z=0&g=%23%2Flogin&h=%2F&d=atb.payfirma.com&t=Payfirma%20HQ&ts=1711114131701&st=1711114131710
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.7.164 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-7-164.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
paper-header-help.html
atb.payfirma.com/component/paper-header-help/
2 KB
845 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-header-help/paper-header-help.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c613cb1f75a5ced0d1d2362052c7eb65ea54761affe8f42032697c37c0c2054
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:47 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686fbeab5498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-dropdown.html
atb.payfirma.com/component/paper-dropdown/
377 B
295 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-dropdown/paper-dropdown.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349e4fdf73f3af97a518eaf5a29635cf38f6b1ae607c55e08a99bd630d9a5442
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:46 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686fbeabb498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
4fdf79737a
bam.nr-data.net/1/
56 B
676 B
Script
General
Full URL
https://bam.nr-data.net/1/4fdf79737a?a=32788498&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=2641&ref=https://atb.payfirma.com/&be=1723&fe=2508&dc=2198&perf=%7B%22timing%22:%7B%22of%22:1711114129199,%22n%22:0,%22f%22:1,%22dn%22:33,%22dne%22:33,%22c%22:33,%22s%22:66,%22ce%22:109,%22rq%22:110,%22rp%22:536,%22rpe%22:537,%22dl%22:540,%22di%22:2102,%22ds%22:2102,%22de%22:2199,%22dc%22:2508,%22l%22:2508,%22le%22:2509%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1044.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978cb457b9642722b602ab2f8442966b720f56959197ed53553128b628876c99

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 13:28:52 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
access-control-expose-headers
Date
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
868686fd1f404c33-MIA
timing-allow-origin
*
login.html
atb.payfirma.com/view/login/
5 KB
1 KB
XHR
General
Full URL
https://atb.payfirma.com/view/login/login.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f8b5b47d08ba37ff8b3dca0eaa155174a4197c8f458a2f73bec9a48066d646
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:47 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686fcec14498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-language.html
atb.payfirma.com/component/paper-language/
158 B
208 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-language/paper-language.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd2beeedd70a89256092802a654f21cb612f807e5c8b3ba75c52c99711887c52
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:47 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686ff7fe8498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-input.html
atb.payfirma.com/component/paper-input/
8 KB
1 KB
XHR
General
Full URL
https://atb.payfirma.com/component/paper-input/paper-input.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26314aed26260fe5eb740cb9e675f4772286c983c5ce935a6fade5488868872a
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:47 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686ff7feb498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
paper-button.html
atb.payfirma.com/component/paper-button/
267 B
228 B
XHR
General
Full URL
https://atb.payfirma.com/component/paper-button/paper-button.html
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/js/bundle-db381d0aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c641cfce3a0befdb6fa22ac4d3aa0496e6d604ecb87d907d75f4974984aee8b4
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://atb.payfirma.com/
accept-language
en-US,en;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 22 Feb 2024 19:51:46 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-ray
868686ff8ff9498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
1.jpg
atb.payfirma.com/app/css/background/
608 KB
608 KB
Image
General
Full URL
https://atb.payfirma.com/app/css/background/1.jpg
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79d0419c7072aac6df963e7d951f7f5d4b8d586f7925871d56b1f3b0e35fd03
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/app/css/style-d89c31c0bc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
MISS
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
content-length
622196
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified
Thu, 22 Feb 2024 19:52:28 GMT
server
cloudflare
etag
"97e74-611fdc8787700"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
image/jpeg
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
868686ff8ffe498c-MIA
logo-payfirma-orange.png
atb.payfirma.com/app/css/images/
6 KB
6 KB
Image
General
Full URL
https://atb.payfirma.com/app/css/images/logo-payfirma-orange.png
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6204aeae5f72d3cc34ab96efecb0e60dba476bf9e25e9f2a8c18199951f73331
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atb.payfirma.com/app/css/style-d89c31c0bc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
MISS
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
content-length
5820
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified
Thu, 22 Feb 2024 19:52:02 GMT
server
cloudflare
etag
"16bc-611fdc6ebbc80"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
image/png
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
868686ff8ffb498c-MIA
OpenSans-Light.ttf
atb.payfirma.com/app/css/fonts/open-sans/
217 KB
116 KB
Font
General
Full URL
https://atb.payfirma.com/app/css/fonts/open-sans/OpenSans-Light.ttf
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5f5184c1441a1660aa52526328e9d5c2793e77b6d8d3a3ad654bdb07ab8424
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Origin
https://atb.payfirma.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:52:28 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"364cc-611fdc8787700"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
font/ttf
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868686ff8ff6498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
OpenSans-Semibold.ttf
atb.payfirma.com/app/css/fonts/open-sans/
216 KB
117 KB
Font
General
Full URL
https://atb.payfirma.com/app/css/fonts/open-sans/OpenSans-Semibold.ttf
Requested by
Host: atb.payfirma.com
URL: https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa3b0ef53db12e3d45094030cac0e69d384e44cc5978643dd4390041cad546e2
Security Headers
Name Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://atb.payfirma.com/app/css/style-d89c31c0bc.css
Origin
https://atb.payfirma.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 13:28:53 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 19:52:28 GMT
server
cloudflare
content-security-policy
frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
etag
W/"36090-611fdc8787700"
allow
PUT, GET, POST, DELETE, PATCH, OPTIONS
vary
Accept-Encoding
content-type
font/ttf
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
868687013a70498c-MIA
public-key-pins
pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
truncated
/
219 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6de3ea26868b8dc6fe502c5456a8c7d779574fab215d2ab126bb9440097de0a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f81f6b15a084d02795b83db72d2c244fd004126125394d20aa2891942f61fa40

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94c9da396d4fbb25e431176b342a2e7202df13f1cfa43ecd8b5ae2de41a7029d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| globalAntiCSRFToken
object| angular
number| ng339
object| NREUM
object| newrelic
function| __nr_require
function| $
function| jQuery
function| P
object| L
object| fabric
function| Darkroom
function| tinycolor
object| PAYFIRMA
function| _
function| moment
object| Rx
object| heap

4 Cookies

Domain/Path Name / Value
atb.payfirma.com/ Name: COOKIE_LOCALE_LANG
Value: %22en-US%22
.payfirma.com/ Name: _hp2_id.1463243271
Value: %7B%22userId%22%3A%225995206272324416%22%2C%22pageviewId%22%3A%226041075872860029%22%2C%22sessionId%22%3A%228365146406255678%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.payfirma.com/ Name: _hp2_ses_props.1463243271
Value: %7B%22ts%22%3A1711114131701%2C%22d%22%3A%22atb.payfirma.com%22%2C%22h%22%3A%22%2F%22%2C%22g%22%3A%22%23%2Flogin%22%7D
.nr-data.net/ Name: JSESSIONID
Value: 734ff0e61358a2eb

3 Console Messages

Source Level URL
Text
security error URL: https://atb.payfirma.com/
Message:
The Content Security Policy directive 'frame-ancestors' is ignored when delivered via a <meta> element.
rendering warning URL: https://atb.payfirma.com/
Message:
The key "target-densitydpi" is not supported.
other warning URL: https://atb.payfirma.com/#/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-src https://www.google.com/; child-src 'none'; object-src 'none'; frame-ancestors 'self'
Public-Key-Pins pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their appearance here does not imply that any of them indicate malicious activity.
