Submitted URL: http://jetpay.com/
Effective URL: https://payments.ncr.com/
Submission: On August 13 via api from CH

Summary

This website contacted 26 IPs in 4 countries across 24 domains to perform 76 HTTP transactions. The main IP is 3.208.137.166, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is payments.ncr.com.
TLS certificate: Issued by Amazon on March 5th 2021. Valid for: a year.
This is the only time payments.ncr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.71.63.84 14618 (AMAZON-AES)
30 3.208.137.166 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 6 54.85.165.246 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f14... 32934 (FACEBOOK)
76 26
Domain Requested by
30 payments.ncr.com payments.ncr.com
6 www.jetpay.com 6 redirects
5 track.hubspot.com
5 fonts.gstatic.com fonts.googleapis.com
4 forms.hsforms.com js.hsforms.net
4 pro.fontawesome.com payments.ncr.com
pro.fontawesome.com
3 connect.facebook.net js.hsadspixel.net
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com payments.ncr.com
www.googletagmanager.com
2 www.facebook.com connect.facebook.net
2 px.ads.linkedin.com 2 redirects
2 snap.licdn.com payments.ncr.com
js.hsadspixel.net
2 unpkg.com payments.ncr.com
2 fonts.googleapis.com payments.ncr.com
1 api.hubapi.com js.hsadspixel.net
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 www.google.de payments.ncr.com
1 www.google.com payments.ncr.com
1 cdn2.hubspot.net payments.ncr.com
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com payments.ncr.com
1 www.linkedin.com 1 redirects
1 js.hs-scripts.com payments.ncr.com
1 js.hsforms.net payments.ncr.com
1 jetpay.com 1 redirects
76 27

This site contains links to these domains. Also see Links.

Domain
www.ncr.com
ncr.com
Subject Issuer Validity Valid
*.ncr.com
Amazon
2021-03-05 -
2022-04-03
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-02 -
2022-07-01
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-04-30 -
2022-05-11
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-04-15 -
2021-10-15
6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
hubspot.net
Cloudflare Inc ECC CA-3
2021-06-06 -
2022-06-05
a year crt.sh
www.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
www.google.de
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2021-06-26 -
2022-06-25
a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3
2021-06-07 -
2022-06-06
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh

This page contains 1 frames:

Primary Page: https://payments.ncr.com/
Frame ID: B6278B6316A974C7A3786741BB53AD31
Requests: 76 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://jetpay.com/ HTTP 301
    https://payments.ncr.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

76
Requests

100 %
HTTPS

87 %
IPv6

24
Domains

27
Subdomains

26
IPs

4
Countries

1755 kB
Transfer

3913 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jetpay.com/ HTTP 301
    https://payments.ncr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://www.jetpay.com/wp-content/uploads/2019/02/FRONTPAGE.jpg HTTP 301
  • https://payments.ncr.com/wp-content/uploads/2019/02/FRONTPAGE.jpg
Request Chain 35
  • https://www.jetpay.com/wp-content/uploads/2019/02/cardhands.jpg HTTP 301
  • https://payments.ncr.com/wp-content/uploads/2019/02/cardhands.jpg
Request Chain 36
  • https://www.jetpay.com/wp-content/uploads/2019/02/hrp.jpg HTTP 301
  • https://payments.ncr.com/wp-content/uploads/2019/02/hrp.jpg
Request Chain 37
  • https://www.jetpay.com/wp-content/uploads/2019/02/govt.jpg HTTP 301
  • https://payments.ncr.com/wp-content/uploads/2019/02/govt.jpg
Request Chain 38
  • https://www.jetpay.com/wp-content/uploads/2019/02/partnership.jpg HTTP 301
  • https://payments.ncr.com/wp-content/uploads/2019/02/partnership.jpg
Request Chain 44
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=903866&time=1628853380232&url=https%3A%2F%2Fpayments.ncr.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D903866%26time%3D1628853380232%26url%3Dhttps%253A%252F%252Fpayments.ncr.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=903866&time=1628853380232&url=https%3A%2F%2Fpayments.ncr.com%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=903866&time=1628853380232&url=https%3A%2F%2Fpayments.ncr.com%2F&liSync=true&e_ipv6=AQIGP2rVA2xeEAAAAXs_OiaXt_KPzW6606QRY8ZKymYc2fpZxZnH1d4g1Ln1F-gc2lpgQCP3
Request Chain 46
  • https://www.jetpay.com/wp-content/uploads/2019/02/JetPayMeeting.jpg HTTP 301
  • https://payments.ncr.com/wp-content/uploads/2019/02/JetPayMeeting.jpg

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payments.ncr.com/
Redirect Chain
  • http://jetpay.com/
  • https://payments.ncr.com/
49 KB
10 KB
Document
General
Full URL
https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx / PHP/5.6.40
Resource Hash
5c79dae1b6d0257181db1c63247545e2ccdd1e731f44379287c68be10bd9631a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
payments.ncr.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-type
text/html; charset=UTF-8
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
link
<https://payments.ncr.com/wp-json/>; rel="https://api.w.org/" <https://payments.ncr.com/>; rel=shortlink
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 13 Aug 2021 11:16:18 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://payments.ncr.com/
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/
100 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96363913-1
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f5561bf2fa5bf44ac3f148280075f8c6b2115163b34d94935fa66b10f785798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40906
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Aug 2021 11:16:19 GMT
style.min.css
payments.ncr.com/wp-includes/css/dist/block-library/
29 KB
5 KB
Stylesheet
General
Full URL
https://payments.ncr.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.11
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.2.11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 07:54:20 GMT
server
nginx
etag
W/"6077f12c-7257"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
elementor-icons.min.css
payments.ncr.com/wp-content/plugins/elementor/assets/lib/eicons/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=4.3.0
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3b4cfe724d0ef7840099ced8aa63bee82833a04358b8102a2b0df13ee7b98655
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=4.3.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:38 GMT
server
nginx
etag
W/"5c7d8c56-2cfa"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
payments.ncr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:38 GMT
server
nginx
etag
W/"5c7d8c56-7918"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
animations.min.css
payments.ncr.com/wp-content/plugins/elementor/assets/lib/animations/
18 KB
3 KB
Stylesheet
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.5.1
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:38 GMT
server
nginx
etag
W/"5c7d8c56-4824"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom-frontend.min.css
payments.ncr.com/wp-content/uploads/elementor/css/
92 KB
13 KB
Stylesheet
General
Full URL
https://payments.ncr.com/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1566593596
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
508191fb54ef758c953e53918a3e817c499cfb642fa92b48d053db9456b467e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1566593596
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Aug 2019 20:53:16 GMT
server
nginx
etag
W/"5d60523c-17181"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom-pro-frontend.min.css
payments.ncr.com/wp-content/uploads/elementor/css/
191 KB
20 KB
Stylesheet
General
Full URL
https://payments.ncr.com/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1566593596
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
84f1fabceac49962479ab2c7d63e0a744059976e5a15e31214ae1c00b2c738a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1566593596
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Aug 2019 20:53:16 GMT
server
nginx
etag
W/"5d60523c-2fa18"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
global.css
payments.ncr.com/wp-content/uploads/elementor/css/
138 B
449 B
Stylesheet
General
Full URL
https://payments.ncr.com/wp-content/uploads/elementor/css/global.css?ver=1574719103
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2a618868c33965ca18cd39434e87fd5c9d6069a3af3c98487409266c45bff9d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/elementor/css/global.css?ver=1574719103
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Nov 2019 21:58:23 GMT
server
nginx
etag
W/"5ddc4e7f-8a"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
post-29.css
payments.ncr.com/wp-content/uploads/elementor/css/
18 KB
2 KB
Stylesheet
General
Full URL
https://payments.ncr.com/wp-content/uploads/elementor/css/post-29.css?ver=1601660084
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
df53c272c23b5f3c4079b546de8f58ef60a84fda740ae64703d8072aaea3840f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/elementor/css/post-29.css?ver=1601660084
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 17:34:44 GMT
server
nginx
etag
W/"5f7764b4-46c9"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.703eb01b870b018641fe.css
payments.ncr.com/wp-content/themes/jetpay/build/
84 KB
10 KB
Stylesheet
General
Full URL
https://payments.ncr.com/wp-content/themes/jetpay/build/app.703eb01b870b018641fe.css
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c5621e8777b989c71259b0ea933265998d7f0c751a867b3c77dbd76a30e8a83c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/jetpay/build/app.703eb01b870b018641fe.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Mar 2019 18:43:35 GMT
server
nginx
etag
W/"5c82b7d7-14e05"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.2.11
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f859096ae2b753f5d7fec25ac5d59f567eeee8279ba6d42fe36c9f662e32ee51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 11:10:44 GMT
server
ESF
date
Fri, 13 Aug 2021 11:16:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Aug 2021 11:16:19 GMT
jquery.js
payments.ncr.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://payments.ncr.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 May 2019 17:08:53 GMT
server
nginx
etag
W/"5cdeeaa5-17a69"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
payments.ncr.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://payments.ncr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
nginx
etag
W/"573eaa90-2748"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.css
pro.fontawesome.com/releases/v5.5.0/css/
71 KB
15 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03898672d84cf2362e40d6459d9ade748ecd338ffbeeee256e07630bd07e48c

Request headers

Origin
https://payments.ncr.com
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
3863632
x-amz-request-id
BS9590B2EM044G8E
x-amz-id-2
KAwTKYneO5AT5EbbmbCAcJo9LVfwlccvluI9f0HhmweKWk+cy/gC4MBE6Fj5tvQDa7kd01V1noc=
last-modified
Mon, 28 Jun 2021 17:28:43 GMT
server
cloudflare
etag
W/"75f13e3f5bea848834d983b9f682aa15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
67e187d6dc864309-FRA
ncr-acquisition-banner.esm.js
unpkg.com/ncr-acquisition-banner@0.0.1/dist/ncr-acquisition-banner/
211 B
575 B
Script
General
Full URL
https://unpkg.com/ncr-acquisition-banner@0.0.1/dist/ncr-acquisition-banner/ncr-acquisition-banner.esm.js
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd217155c2287724b9f110e8715e8a9cea927770511a8e75b2aadc5afc34ec94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://payments.ncr.com
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
content-encoding
br
vary
Accept-Encoding
fly-request-id
01FCZKM8K3C7VKFQATM7550AG8
server
cloudflare
etag
W/"d3-6lbB5fkz8ok7FX7DgtsFA8PxH7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
67e187d6ed13dfd7-FRA
NcrLogo.svg
payments.ncr.com/wp-content/uploads/2019/04/
3 KB
2 KB
Image
General
Full URL
https://payments.ncr.com/wp-content/uploads/2019/04/NcrLogo.svg
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
216295e0b9bb543ef899bb5b93ae58ad7f162b819b4bee211c6def5530ae215b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2019/04/NcrLogo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Apr 2019 14:56:46 GMT
server
nginx
etag
W/"5cc31c2e-d77"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
v2.js
js.hsforms.net/forms/
570 KB
145 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1a8f3b6f90faae30e65739ef166d60336c68e163c07e7f8a2a9df624493944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:19 GMT
via
1.1 c84ecfd128e1f4c41a53a2b42410f3b8.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 12 Aug 2021 02:30:48 UTC
server
cloudflare
etag
W/"5b7321f57deebc79b8cc5ee735fa60d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tg15kPgoP348FfOU5wO%2FbRm4YcmAwKcdtd%2B1NdyvKWq%2Bse6OEy3JoccFDmmQKN8Ico%2B9cVB841uyYbwToOttF9libO%2BE6N2p935gZQ9uZvAuYQg6mjR6rM2owsc8B%2BiviPLCzZ5%2FjH2rmF8"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
LL0ErcE2VQWo._Lu06L_R7fT8dckAz.Q
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
67e187d8dd314ed3-FRA
x-amz-cf-id
gC1q094X8qJFZN5zIIjz4x2V8sv0lCguCvcNNCFQ6lXBbh6ZU69g8Q==
x-hs-target-asset
FormsNext/static-5.354/bundles/project_with_deps.js
appbundle.869cf794.js
payments.ncr.com/wp-content/themes/jetpay/build/
362 KB
133 KB
Script
General
Full URL
https://payments.ncr.com/wp-content/themes/jetpay/build/appbundle.869cf794.js
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0e4c929fd79e8edff6b17067753d1f9a59e2770258c80e535a662ce871ba0465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/jetpay/build/appbundle.869cf794.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Mar 2019 18:43:35 GMT
server
nginx
etag
W/"5c82b7d7-5a745"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
payments.ncr.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://payments.ncr.com/wp-includes/js/wp-embed.min.js?ver=5.2.11
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.2.11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 07:54:20 GMT
server
nginx
etag
W/"6077f12c-56f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend-modules.js
payments.ncr.com/wp-content/plugins/elementor/assets/js/
23 KB
6 KB
Script
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor/assets/js/frontend-modules.js?ver=2.5.1
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
19ef96421bedd477b0c56c641ce0678208710f70e265f7524c9a3d9f02f57476
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor/assets/js/frontend-modules.js?ver=2.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:38 GMT
server
nginx
etag
W/"5c7d8c56-5a2a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.sticky.min.js
payments.ncr.com/wp-content/plugins/elementor-pro/assets/lib/sticky/
6 KB
2 KB
Script
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.4.6
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
eab347af732bc8b6dff914e54ff3e5dec6a84e8aa8315c2f9b64c17978f80fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.4.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:41 GMT
server
nginx
etag
W/"5c7d8c59-191f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.js
payments.ncr.com/wp-content/plugins/elementor-pro/assets/js/
78 KB
15 KB
Script
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.4.6
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6f642e4c27cb7fadcbba9872d65804d85409da6f47269bd25ebc75e93cd445a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.4.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:41 GMT
server
nginx
etag
W/"5c7d8c59-13884"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
position.min.js
payments.ncr.com/wp-includes/js/jquery/ui/
6 KB
3 KB
Script
General
Full URL
https://payments.ncr.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 07:54:20 GMT
server
nginx
etag
W/"6077f12c-1926"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
dialog.min.js
payments.ncr.com/wp-content/plugins/elementor/assets/lib/dialog/
10 KB
4 KB
Script
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.1
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
226493c7f7a033b43e24d0ce2115ef8d2be36fe6de4dbf6a3cbba6dca53be7c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:38 GMT
server
nginx
etag
W/"5c7d8c56-2948"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
waypoints.min.js
payments.ncr.com/wp-content/plugins/elementor/assets/lib/waypoints/
12 KB
3 KB
Script
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:38 GMT
server
nginx
etag
W/"5c7d8c56-2fa6"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
swiper.min.js
payments.ncr.com/wp-content/plugins/elementor/assets/lib/swiper/
123 KB
32 KB
Script
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
765d1654297c8d730165fbe731eca09c1d3e6efaa9e7006aaa567c5a2f7994ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:38 GMT
server
nginx
etag
W/"5c7d8c56-1eab1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.js
payments.ncr.com/wp-content/plugins/elementor/assets/js/
40 KB
11 KB
Script
General
Full URL
https://payments.ncr.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.5.1
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b67f6ac26438a2c97721a0309c1f8d5a69699f2dfa5419e917e2310a76f70b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2019 20:36:38 GMT
server
nginx
etag
W/"5c7d8c56-9eef"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
2004225.js
js.hs-scripts.com/
1 KB
924 B
Script
General
Full URL
https://js.hs-scripts.com/2004225.js
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52a23f52b385ea77d260c3534a0cc1a4aa78e43610669df602be6a0453ce998

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-hubspot-correlation-id
f54747ff-88a2-42ba-9a0d-30eb08e7af9a
x-trace
2B5A4CEC093B0E174F124196D825797113DFAF0FCD000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://payments.ncr.com
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
67e187d8dcbfd6b5-FRA
expires
Fri, 13 Aug 2021 11:17:20 GMT
gtm.js
www.googletagmanager.com/
148 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P2KBNGQ
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dcf93691199885af1cd15b7946cbeef24eb0ab6083d14a1b43b11fae0cec92de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54631
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Aug 2021 11:16:20 GMT
wp-emoji-release.min.js
payments.ncr.com/wp-includes/js/
13 KB
5 KB
Script
General
Full URL
https://payments.ncr.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.11
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f04d3dd5603c6d02b1e77e3e89830a3a925fd9e576f70a319077d0648de8c7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.2.11
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 07:54:20 GMT
server
nginx
etag
W/"6077f12c-35bd"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96363913-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
5985
date
Fri, 13 Aug 2021 09:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Fri, 13 Aug 2021 11:36:34 GMT
js
www.googletagmanager.com/gtag/
101 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-62103607-4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96363913-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18072410001a650380620c9904d578f5b9cf6ffd488d028c7cd50737747af2ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40945
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Aug 2021 11:16:20 GMT
css
fonts.googleapis.com/
43 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Fira+Mono:500
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/wp-content/themes/jetpay/build/app.703eb01b870b018641fe.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7028fec1080311caa427fc79f99a124ee18b44fe9bdfa5e1ef887c9b6916e0f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 11:16:19 GMT
server
ESF
date
Fri, 13 Aug 2021 11:16:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Aug 2021 11:16:19 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 11:16:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=49869
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
FRONTPAGE.jpg
payments.ncr.com/wp-content/uploads/2019/02/
Redirect Chain
  • https://www.jetpay.com/wp-content/uploads/2019/02/FRONTPAGE.jpg
  • https://payments.ncr.com/wp-content/uploads/2019/02/FRONTPAGE.jpg
86 KB
86 KB
Image
General
Full URL
https://payments.ncr.com/wp-content/uploads/2019/02/FRONTPAGE.jpg
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/wp-content/uploads/elementor/css/post-29.css?ver=1601660084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5947942f9f299853d94b0ad82273e15b644b9b146590101e574db2984b14e422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2019/02/FRONTPAGE.jpg
pragma
no-cache
cookie
_ga=GA1.2.919435309.1628853380; _gid=GA1.2.599506145.1628853380; _gat_gtag_UA_96363913_1=1; _gat_gtag_UA_62103607_4=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Feb 2019 01:36:24 GMT
server
nginx
etag
"5c75e998-15665"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
87653
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://payments.ncr.com:443/wp-content/uploads/2019/02/FRONTPAGE.jpg
date
Fri, 13 Aug 2021 11:16:20 GMT
server
awselb/2.0
content-length
134
content-type
text/html
cardhands.jpg
payments.ncr.com/wp-content/uploads/2019/02/
Redirect Chain
  • https://www.jetpay.com/wp-content/uploads/2019/02/cardhands.jpg
  • https://payments.ncr.com/wp-content/uploads/2019/02/cardhands.jpg
12 KB
13 KB
Image
General
Full URL
https://payments.ncr.com/wp-content/uploads/2019/02/cardhands.jpg
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/wp-content/uploads/elementor/css/post-29.css?ver=1601660084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
edf86b15e7112e7f4e3ef8362ca11175e2cbe6a6ac5e017320c0a9443620c0ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2019/02/cardhands.jpg
pragma
no-cache
cookie
_ga=GA1.2.919435309.1628853380; _gid=GA1.2.599506145.1628853380; _gat_gtag_UA_96363913_1=1; _gat_gtag_UA_62103607_4=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Feb 2019 01:36:18 GMT
server
nginx
etag
"5c75e992-3193"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
12691
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://payments.ncr.com:443/wp-content/uploads/2019/02/cardhands.jpg
date
Fri, 13 Aug 2021 11:16:20 GMT
server
awselb/2.0
content-length
134
content-type
text/html
hrp.jpg
payments.ncr.com/wp-content/uploads/2019/02/
Redirect Chain
  • https://www.jetpay.com/wp-content/uploads/2019/02/hrp.jpg
  • https://payments.ncr.com/wp-content/uploads/2019/02/hrp.jpg
13 KB
13 KB
Image
General
Full URL
https://payments.ncr.com/wp-content/uploads/2019/02/hrp.jpg
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/wp-content/uploads/elementor/css/post-29.css?ver=1601660084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
de27356e5541377ec178dee65beb8c43fcff7415cc9c303ec13a67659a34e524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2019/02/hrp.jpg
pragma
no-cache
cookie
_ga=GA1.2.919435309.1628853380; _gid=GA1.2.599506145.1628853380; _gat_gtag_UA_96363913_1=1; _gat_gtag_UA_62103607_4=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Feb 2019 01:36:24 GMT
server
nginx
etag
"5c75e998-334b"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
13131
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://payments.ncr.com:443/wp-content/uploads/2019/02/hrp.jpg
date
Fri, 13 Aug 2021 11:16:20 GMT
server
awselb/2.0
content-length
134
content-type
text/html
govt.jpg
payments.ncr.com/wp-content/uploads/2019/02/
Redirect Chain
  • https://www.jetpay.com/wp-content/uploads/2019/02/govt.jpg
  • https://payments.ncr.com/wp-content/uploads/2019/02/govt.jpg
17 KB
17 KB
Image
General
Full URL
https://payments.ncr.com/wp-content/uploads/2019/02/govt.jpg
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/wp-content/uploads/elementor/css/post-29.css?ver=1601660084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f057676a2f9df41efb80b456d4bfffe6b3c8b836d1433231b0887e56921022b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2019/02/govt.jpg
pragma
no-cache
cookie
_ga=GA1.2.919435309.1628853380; _gid=GA1.2.599506145.1628853380; _gat_gtag_UA_96363913_1=1; _gat_gtag_UA_62103607_4=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Feb 2019 01:36:24 GMT
server
nginx
etag
"5c75e998-4333"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
17203
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://payments.ncr.com:443/wp-content/uploads/2019/02/govt.jpg
date
Fri, 13 Aug 2021 11:16:20 GMT
server
awselb/2.0
content-length
134
content-type
text/html
partnership.jpg
payments.ncr.com/wp-content/uploads/2019/02/
Redirect Chain
  • https://www.jetpay.com/wp-content/uploads/2019/02/partnership.jpg
  • https://payments.ncr.com/wp-content/uploads/2019/02/partnership.jpg
13 KB
13 KB
Image
General
Full URL
https://payments.ncr.com/wp-content/uploads/2019/02/partnership.jpg
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/wp-content/uploads/elementor/css/post-29.css?ver=1601660084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a63ef15257f894b6cd091168924979fa2387890e0d92ac16509e2996fc16c791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2019/02/partnership.jpg
pragma
no-cache
cookie
_ga=GA1.2.919435309.1628853380; _gid=GA1.2.599506145.1628853380; _gat_gtag_UA_96363913_1=1; _gat_gtag_UA_62103607_4=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Feb 2019 01:36:24 GMT
server
nginx
etag
"5c75e998-3253"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
12883
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://payments.ncr.com:443/wp-content/uploads/2019/02/partnership.jpg
date
Fri, 13 Aug 2021 11:16:20 GMT
server
awselb/2.0
content-length
134
content-type
text/html
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Fira+Mono:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payments.ncr.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 21:18:35 GMT
x-content-type-options
nosniff
age
309464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Aug 2022 21:18:35 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Fira+Mono:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payments.ncr.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
297984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:29:56 GMT
fa-solid-900.woff2
pro.fontawesome.com/releases/v5.5.0/webfonts/
108 KB
109 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88876fcd5eb71de865d889ea63df11b023ef1d1365124305c2708f61cbb04339

Request headers

Origin
https://payments.ncr.com
Referer
https://pro.fontawesome.com/releases/v5.5.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
3863629
cf-ray
67e187d8fa1c4309-FRA
content-length
110892
x-amz-id-2
tHcj/nnRQUy8jSAiESkeJepaUQnNCPh1CoC3miGMOwNfmyA2Dqj4alx5x0hcyx7gxFO0tHxq544=
last-modified
Mon, 28 Jun 2021 17:29:43 GMT
server
cloudflare
etag
"a265bbc20e40ae6e6b45e0b78ab08c41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
KQ5JZTKMNC73GAG8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Fira+Mono:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payments.ncr.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
297984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:29:56 GMT
p-be350923.js
unpkg.com/ncr-acquisition-banner@0.0.1/dist/ncr-acquisition-banner/
8 KB
4 KB
Script
General
Full URL
https://unpkg.com/ncr-acquisition-banner@0.0.1/dist/ncr-acquisition-banner/p-be350923.js
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58369d6b15c39b051f6551685d39a3ea6e3fa2e7bfc7b72fb60397d2590e86f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://payments.ncr.com
Referer
https://unpkg.com/ncr-acquisition-banner@0.0.1/dist/ncr-acquisition-banner/ncr-acquisition-banner.esm.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
7200353
fly-request-id
01F690TR212VAY8QG244Y9YCZ2
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"20f7-NA2+dw1U30afEoor3q4jGo3Uq4M"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
67e187da3a00dfd7-FRA
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=903866&time=1628853380232&url=https%3A%2F%2Fpayments.ncr.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D903866%26time%3D1628853380232%26url%3Dhttps%253A%252F%252Fpayments.ncr.com%252F%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=903866&time=1628853380232&url=https%3A%2F%2Fpayments.ncr.com%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=903866&time=1628853380232&url=https%3A%2F%2Fpayments.ncr.com%2F&liSync=true&e_ipv6=AQIGP2rVA2xeEAAAAXs_OiaXt_KPzW6606QRY8ZKymYc2fpZxZnH1d4g1Ln1F-...
0
64 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=903866&time=1628853380232&url=https%3A%2F%2Fpayments.ncr.com%2F&liSync=true&e_ipv6=AQIGP2rVA2xeEAAAAXs_OiaXt_KPzW6606QRY8ZKymYc2fpZxZnH1d4g1Ln1F-gc2lpgQCP3
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
I+pCF4XZmhbQNsHegSsAAA==

Redirect headers

date
Fri, 13 Aug 2021 11:16:20 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=903866&time=1628853380232&url=https%3A%2F%2Fpayments.ncr.com%2F&liSync=true&e_ipv6=AQIGP2rVA2xeEAAAAXs_OiaXt_KPzW6606QRY8ZKymYc2fpZxZnH1d4g1Ln1F-gc2lpgQCP3
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
udwQDoXZmhbAQN6n6yoAAA==
968144c2-3db2-4799-9fb8-c7610283d682
forms.hsforms.com/embed/v3/form/2004225/
3 KB
2 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/2004225/968144c2-3db2-4799-9fb8-c7610283d682?callback=hs_reqwest_0&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43fee7bdbfb114bfd5d2bd1f0178691fc452b92fdbf0616a70e82b5d50820cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
428fcbab-638b-451a-8bb7-0bb6859f84c5
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
x-trace
2B89BF59ECF4F6F96BE41E17F1F967712FD0155EE4000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
67e187dabe9c4309-FRA
JetPayMeeting.jpg
payments.ncr.com/wp-content/uploads/2019/02/
Redirect Chain
  • https://www.jetpay.com/wp-content/uploads/2019/02/JetPayMeeting.jpg
  • https://payments.ncr.com/wp-content/uploads/2019/02/JetPayMeeting.jpg
306 KB
306 KB
Image
General
Full URL
https://payments.ncr.com/wp-content/uploads/2019/02/JetPayMeeting.jpg
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/wp-content/uploads/elementor/css/post-29.css?ver=1601660084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.137.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-137-166.compute-1.amazonaws.com
Software
nginx /
Resource Hash
72151a99482b6477685150d22a5ab69abb33a4e3ac8423f9f99241338f544d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2019/02/JetPayMeeting.jpg
pragma
no-cache
cookie
_ga=GA1.2.919435309.1628853380; _gid=GA1.2.599506145.1628853380; _gat_gtag_UA_96363913_1=1; _gat_gtag_UA_62103607_4=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
payments.ncr.com
referer
https://payments.ncr.com/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Feb 2019 01:36:29 GMT
server
nginx
etag
"5c75e99d-4c62d"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
312877
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://payments.ncr.com:443/wp-content/uploads/2019/02/JetPayMeeting.jpg
date
Fri, 13 Aug 2021 11:16:20 GMT
server
awselb/2.0
content-length
134
content-type
text/html
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Fira+Mono:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payments.ncr.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:29:56 GMT
x-content-type-options
nosniff
age
297984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:29:56 GMT
collect
www.google-analytics.com/j/
2 B
25 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1334827701&t=pageview&_s=1&dl=https%3A%2F%2Fpayments.ncr.com%2F&ul=en-us&de=UTF-8&dt=NCR%20Payments%20%7C%20Dedicated%20Payments%20Platform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=884556713&gjid=512209867&cid=919435309.1628853380&tid=UA-96363913-1&_gid=599506145.1628853380&_r=1&gtm=2ou8b0&z=1293967131
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.ncr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1334827701&t=pageview&_s=1&dl=https%3A%2F%2Fpayments.ncr.com%2F&ul=en-us&de=UTF-8&dt=NCR%20Payments%20%7C%20Dedicated%20Payments%20Platform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1333079683&gjid=796284010&cid=919435309.1628853380&tid=UA-62103607-4&_gid=599506145.1628853380&_r=1&gtm=2ou8b0&z=808894284
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payments.ncr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
95acab41-97b5-418e-bb96-5d924119eec8
forms.hsforms.com/embed/v3/form/2004225/
7 KB
2 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/2004225/95acab41-97b5-418e-bb96-5d924119eec8?callback=hs_reqwest_1&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91fe6f1d904d41c0614ea503e870c3e7088ed7de3c001e90b3a9d6628c6f344b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
b5c6db48-0b13-4c5b-88b0-6e35b53229e8
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
x-trace
2BF411E0F65C4F81613A6B8B1B2EE8195BC2A073C7000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
67e187daff7a4309-FRA
1d95b4eb-7f1b-4017-895d-6e2551926fd5
forms.hsforms.com/embed/v3/form/2004225/
6 KB
2 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/2004225/1d95b4eb-7f1b-4017-895d-6e2551926fd5?callback=hs_reqwest_2&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
435e9e6777b02dcb8f28ee58ad7a769f3c74d9a8b461ac95b828321cf34ea7ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
ac613b55-97dd-4a23-ad60-d34d350bb61e
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
x-trace
2B311B05FDADF16EAA16A7D97754AFB1834811D231000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
67e187daff9e4309-FRA
bf7b5ffb-fb93-4792-98eb-4121badb0fe0
forms.hsforms.com/embed/v3/form/2004225/
6 KB
2 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/2004225/bf7b5ffb-fb93-4792-98eb-4121badb0fe0?callback=hs_reqwest_3&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47478147fd39d147e88f5d4e63814eaf8d9d4dd3c0d95ab5b19a379e6c0b82a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
1a8e8048-5c3b-4e04-a815-6762f71cebda
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
x-trace
2BFCDE32C7574B9F1DCBDE39A7AADD52FECD2E51C9000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
67e187db0fd24309-FRA
collect
stats.g.doubleclick.net/j/
4 B
88 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-96363913-1&cid=919435309.1628853380&jid=884556713&gjid=512209867&_gid=599506145.1628853380&_u=YEBAAUAAAAAAAC~&z=1918751664
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Aug 2021 11:16:20 GMT
content-type
text/plain
access-control-allow-origin
https://payments.ncr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
PolygonBackgroundsRGB-02.svg
cdn2.hubspot.net/hubfs/2004225/
36 KB
14 KB
Image
General
Full URL
https://cdn2.hubspot.net/hubfs/2004225/PolygonBackgroundsRGB-02.svg
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/wp-content/themes/jetpay/build/app.703eb01b870b018641fe.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ffa141c254871fe3cafc82eebb7a76e234fd70f72faaff6eaed7955e9f986ac

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Fri, 13 Aug 2021 11:16:20 GMT
via
1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-7398079384,P-2004225,FLS-ALL
age
1814304
edge-cache-tag
F-7398079384,P-2004225,FLS-ALL
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
3NBPZABXS9HVXP18
x-amz-id-2
0q/5OWLoytVSoKpbXF57s0v7H0KiFWb8GmybDXbakcrgNcbjLOTsLdlRHo+Wa70iEz5RdpqIJ7Y=
last-modified
Mon, 04 Feb 2019 05:29:07 GMT
server
cloudflare
etag
W/"568f313afd5d03c3a366b4555a6dd2f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqW9mCA4SH0zEb8Fmxpjs%2BiBx7lEwpotYWU2FanWfUm8LIagzDmFP0miuWGb1TvHH7uhRsu7CLMPHL6ys3xS1yNkgzJbwp2PVyZ9xENXo9a6KGoPDB3BwiAXr2WQgaQLdhs64rcOLCjLSu5c64o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
B87HXHWke5XLGB6pSVGpC7t5D9b60jZm
x-amz-cf-pop
FRA56-C1
cf-ray
67e187db4aad4327-FRA
x-amz-cf-id
pvaiUhrAa_ManzUBo3OTcHDAu_z2fameqro6AHTQaRWbycNQMKEG1w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
fa-light-300.woff2
pro.fontawesome.com/releases/v5.5.0/webfonts/
142 KB
143 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.5.0/webfonts/fa-light-300.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448f45a0ba44410ee2f4a475d56719fd1531dcd274876d8e3ef96b4cf01125e1

Request headers

Origin
https://payments.ncr.com
Referer
https://pro.fontawesome.com/releases/v5.5.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
3863627
cf-ray
67e187dbb9dc4309-FRA
content-length
145656
x-amz-id-2
yd+0RRuRI4Erf9drLSigU88hpR9pfNV8HiIBuP8ACNjZ3Z7gJrO+oep8PC+b4wVTm46TNjwaOc4=
last-modified
Mon, 28 Jun 2021 17:29:43 GMT
server
cloudflare
etag
"b076f7ccd174eeb6ea55b9857c50f37c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
40RKTZTSGR1FF8HQ
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-regular-400.woff2
pro.fontawesome.com/releases/v5.5.0/webfonts/
132 KB
133 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee41bc0e3059351bcca7313fe1d7f9053a164ba2f2e1df3df39260217298a03b

Request headers

Origin
https://payments.ncr.com
Referer
https://pro.fontawesome.com/releases/v5.5.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1830599
cf-ray
67e187dbb9e04309-FRA
content-length
135488
x-amz-id-2
AHUo/zzxwiPE6F3ivu6zxaYTTn5WMPrFeS//hqZUFiECQt3ylr6NzgEKbwNgMoag0pTnqNu3A0Y=
last-modified
Mon, 28 Jun 2021 17:29:43 GMT
server
cloudflare
etag
"8b13141deffa0a1d715d14a470aea6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
NCGRF6Y8RBPJDTZT
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-96363913-1&cid=919435309.1628853380&jid=884556713&_u=YEBAAUAAAAAAAC~&z=1410461553
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-96363913-1&cid=919435309.1628853380&jid=884556713&_u=YEBAAUAAAAAAAC~&z=1410461553
Requested by
Host: payments.ncr.com
URL: https://payments.ncr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 11:16:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2004225.js
js.hs-analytics.net/analytics/1628853300000/
64 KB
20 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1628853300000/2004225.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2004225.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ebeb739a0c8f80a684598fa2ba1dd46ded2bc4b0ab1b2997ee08296fa7307b3

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
PEE8GYE4NFDCY5GC
x-amz-server-side-encryption
AES256
cf-ray
67e187dc2e0f4e14-FRA
x-amz-id-2
khh1LRv134YxO2609E6EbrWa5jOgXPIdYVWvGWB1Jjm/8oyWBMAsfsmzC/vKD4tEkmLuayb5IN0=
last-modified
Mon, 19 Jul 2021 14:18:57 GMT
server
cloudflare
etag
W/"e90bb978626281448c47ffcb3aa7e244"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Fri, 13 Aug 2021 11:21:20 GMT
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2004225.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61804551df4850738aa4af379b154e46c0bcb9c200a2d2dc5e845ee702948c19

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
via
1.1 8d6071bd169bbf5fd46638140132b1d1.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
34
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.240/bundles/pixels-release.js&cfRay=67e187052e854e9e-EWR
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 10 Aug 2021 02:40:31 UTC
server
cloudflare
etag
W/"8ee0488507384d951abdd5a2c4850b8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
CrG.3GFsy7oo.WK92RlW399Ge142Cqti
cache-control
max-age=600
x-hs-cache-status
EXPIRED
x-amz-cf-pop
IAD89-C3
cf-ray
67e187dc2b9b4e6e-FRA
x-amz-cf-id
44jXh39lUFa5IE6bDtbTml_t9GqJz3dF7oOxLspDAKpS3QPSJaE83w==
x-hs-target-asset
adsscriptloaderstatic/static-1.240/bundles/pixels-release.js
2004225.js
js.hs-banner.com/
60 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/2004225.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2004225.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b70ffa341025f60938a9bf2318a603e4443f2208cd48f1f6bb4d4b7bd04b6d

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
9BWNB2JV2R76N9EW
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
QoCnOZWE3kzCg/FsC4J4+5YETho4rlJb6ZgZJJF1DK0oyXJMLfxZ6jCiN0Lnpblj/JRanpv+7Ic=
timing-allow-origin
*
last-modified
Wed, 14 Jul 2021 14:28:04 GMT
server
cloudflare
etag
W/"15b468f6efa09d9fceea958fff553f6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
n1B8EhSkutmi9WIhHKh5jzpGcCAl9rpu
access-control-allow-origin
https://payments.ncr.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
67e187dc29014ac2-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 13 Aug 2021 11:21:20 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Fira+Mono:500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payments.ncr.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 00:33:02 GMT
x-content-type-options
nosniff
age
297798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 00:33:02 GMT
__ptq.gif
track.hubspot.com/
45 B
358 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=968144c2-3db2-4799-9fb8-c7610283d682&fci=bd09f94d-137c-4a20-a8c6-02f90a42f3b9&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2004225&rcu=https%3A%2F%2Fpayments.ncr.com%2F&pu=https%3A%2F%2Fpayments.ncr.com%2F&t=NCR+Payments+%7C+Dedicated+Payments+Platform&cts=1628853381040&vi=1e704b9a073246e40405c222919fe526&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
7ea44fac-c0d3-476a-91a6-a0ffc38a50cc
cf-ray
67e187dfba3ed6b5-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCPJPUDNZGJZh3QPP%2FR%2BQdzER%2FxBSsdOqG0hZhV833dJRq6GKkouISb1Wt5wUwvAlurlaOs33zHvZrONQ2ovNF7wEqT8Q2NpNyhzfYVEjHxxLc2tjen4mBHeLmf5QqXdm8wS0GPQWJ90bLAANSBJ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
359 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=95acab41-97b5-418e-bb96-5d924119eec8&fci=73e180c7-f516-4ac3-949c-4cee008e5284&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2004225&rcu=https%3A%2F%2Fpayments.ncr.com%2F&pu=https%3A%2F%2Fpayments.ncr.com%2F&t=NCR+Payments+%7C+Dedicated+Payments+Platform&cts=1628853381046&vi=1e704b9a073246e40405c222919fe526&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
e5381b38-89fb-4e03-ae36-c5a4d7e9551e
cf-ray
67e187dfba42d6b5-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh6xZRbHbfQ1Vf3GKGEAmrV8GVClSZkvLg3q6AnX6RM6r%2FjU7b4MIHND3ZrEG6bP7QWKoodOxjGzoT0ULYmVbPbAaSYXH85FPFLd%2BXQ8gGfXZNlMrMSjl7xq7fF%2BBxI9pGveut9t14CFjcVXaF0R"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
796 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=1d95b4eb-7f1b-4017-895d-6e2551926fd5&fci=9a413d3e-927c-4d3c-a62a-152aa4605361&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2004225&rcu=https%3A%2F%2Fpayments.ncr.com%2F&pu=https%3A%2F%2Fpayments.ncr.com%2F&t=NCR+Payments+%7C+Dedicated+Payments+Platform&cts=1628853381050&vi=1e704b9a073246e40405c222919fe526&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
e13bcf9b-f293-4012-81cc-045c93614788
cf-ray
67e187dfba44d6b5-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4C2MvV6%2FRUFP4zaaQtP3LgOOCW8U84BcWbRcXUYb2Z81155nZaVYWbx2Pv46z6MK928Mg1jgrGBnxgmTDHy%2Bo0mV6plfOqy3tbDuXcFftbqKTAibs4pv0EI9ko2SDuQmEpPeFBNsP4QDrQ4Q7Zig"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
362 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=bf7b5ffb-fb93-4792-98eb-4121badb0fe0&fci=ba4ed416-1648-4700-8514-96b428675f31&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2004225&rcu=https%3A%2F%2Fpayments.ncr.com%2F&pu=https%3A%2F%2Fpayments.ncr.com%2F&t=NCR+Payments+%7C+Dedicated+Payments+Platform&cts=1628853381052&vi=1e704b9a073246e40405c222919fe526&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
1c393cf3-819e-422a-921b-f26cd7c95f5e
cf-ray
67e187dfba46d6b5-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wUeBniWD70IBkIvovhogBRm93cIXE9%2Bz02m9j6Qd%2FOOaYoAHBZX9qFR%2FJHYoxfXcm97Q2B97UhE5CZvJ%2FdAACmJa0OXFnTqhJyIw8JWcrkTizLigzTCpgqAN%2F3mKZuPLy5cX27c%2B7mlxwmRO54D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
359 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2004225&rcu=https%3A%2F%2Fpayments.ncr.com%2F&pu=https%3A%2F%2Fpayments.ncr.com%2F&t=NCR+Payments+%7C+Dedicated+Payments+Platform&cts=1628853381053&vi=1e704b9a073246e40405c222919fe526&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
b327402a-851c-4cbd-ab62-1bd482e06235
cf-ray
67e187dfba47d6b5-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvqXowm7ZfPbTyw1SRPR86UnbFe1YjGkvOZnsz26WsQYodP05JTW%2BeuG3ee61rxEEZJgx4j%2FGDaUsb%2BPNimRXFInGoj3rodUK8RM1TM%2BgD%2FQwsyDOSP3PHGAHb73f7cQdd9uQg9scoxwPYumuU5s"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/
139 B
966 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2004225
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694cb89cd233607b346fd5717fec439e8f4ddae0c7f5c745e10dab019e6c5dd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
4b7ff8c3-542b-4cda-b75c-fb28437922aa
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
x-trace
2B189CBABC5A656487EDCCE051D9740ECE8C2F267B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxpdhEUdJH2HLrqKR31I%2BB6N6KXHYt2xk1yxpCclrOAhvEOB0P6JD8xS5gwq5pS6rCQnVz264KQZbpm0id4zA8c9lSRV%2FKJMin9EUdIUJtAKoG2gaSZAnAF8d63V%2BVX6dMiC3SkiOdlQxMxg"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://payments.ncr.com
access-control-allow-credentials
false
cf-ray
67e187dfb8804e67-FRA
access-control-allow-headers
*
fbevents.js
connect.facebook.net/en_US/
98 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25944
x-xss-protection
0
pragma
public
x-fb-debug
J2Hm9lpXFG0nEeXkMMmBE7A8qEHaf93ofGOqkKimk853tWbT+EcbOV7ha3Ll1HiO2SIrv3Na+DT5RBUud1wrpw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 13 Aug 2021 11:16:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 11:16:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=49867
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
identity.js
connect.facebook.net/signals/plugins/
11 KB
5 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-xss-protection
0
pragma
public
x-fb-debug
PLPfDcGlIIcL2BDt+8wGJWjhHzL78iAQ28UGVRqdPdhQ5ca1D2AXZuygCv4/labNCsFCKWMvNvowDnHoLI+Biw==
x-frame-options
DENY
date
Fri, 13 Aug 2021 11:16:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1004222889767748
connect.facebook.net/signals/config/
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1004222889767748?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03744fbda8b1a45baa4499ea7ad24f4750c7260ac9b76d65f7c3fbf520f09c07
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
L0MKmGeqxsmdfSrUufCtBSQvzKxdAB+6Lsz6poBmEILHwG0TulJElMLYBc2asR4ArqoX81GJ/LLZJqprZANNsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 13 Aug 2021 11:16:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1004222889767748&ev=PageView&dl=https%3A%2F%2Fpayments.ncr.com%2F&rl=&if=false&ts=1628853381916&sw=1600&sh=1200&ud[external_id]=1e704b9a073246e40405c222919fe526&v=2.9.44&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1628853381915.604617033&it=1628853381760&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 11:16:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 13 Aug 2021 11:16:21 GMT
/
www.facebook.com/tr/
0
18 B
Ping
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://payments.ncr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary2cPYWM7cG9ar7jY0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 13 Aug 2021 11:16:22 GMT
content-type
text/plain
access-control-allow-origin
https://payments.ncr.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| gtag object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk boolean| _already_called_lintrk function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR object| _hsq function| hs_reqwest_0 object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp function| hs_reqwest_1 function| hs_reqwest_2 function| hs_reqwest_3 string| _linkedin_data_partner_id object| wpMenu string| wpFormEntryResponse string| wpPostType string| wpPageTitle string| wpId string| wpSite string| wpFormId object| ElementorProFrontendConfig object| elementorFrontendConfig function| __sc_import_ncr_acquisition_banner function| setImmediate function| clearImmediate function| _ object| vue object| elementorModules function| Sticky object| jQuery1124016823877871441018 object| elementorProFrontend object| DialogsManager function| Waypoint function| Swiper object| elementorFrontend object| _hsp boolean| PIXELS_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran function| fbq function| _fbq

8 Cookies

Domain/Path Name / Value
.ncr.com/ Name: __hssrc
Value: 1
.ncr.com/ Name: hubspotutk
Value: 1e704b9a073246e40405c222919fe526
.ncr.com/ Name: __hstc
Value: 106540956.1e704b9a073246e40405c222919fe526.1628853381034.1628853381034.1628853381034.1
.ncr.com/ Name: _gat_gtag_UA_62103607_4
Value: 1
.ncr.com/ Name: __hssc
Value: 106540956.1.1628853381034
.ncr.com/ Name: _gid
Value: GA1.2.599506145.1628853380
.ncr.com/ Name: _gat_gtag_UA_96363913_1
Value: 1
.ncr.com/ Name: _ga
Value: GA1.2.919435309.1628853380

5 Console Messages

Source Level URL
Text
console-api log URL: https://payments.ncr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://payments.ncr.com/wp-content/themes/jetpay/build/appbundle.869cf794.js(Line 1)
Message:
parents: [object Object]
console-api log URL: https://payments.ncr.com/wp-content/themes/jetpay/build/appbundle.869cf794.js(Line 1)
Message:
children: [object Object]
console-api log URL: https://payments.ncr.com/wp-content/themes/jetpay/build/appbundle.869cf794.js(Line 1)
Message:
common
console-api log URL: https://payments.ncr.com/wp-content/themes/jetpay/build/appbundle.869cf794.js(Line 1)
Message:
home

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
cdn2.hubspot.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
jetpay.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
payments.ncr.com
pro.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.jetpay.com
www.linkedin.com
108.174.10.14
2606:4700::6810:5505
2606:4700::6810:7aaf
2606:4700::6811:45b0
2606:4700::6811:70b0
2606:4700::6811:b849
2606:4700::6811:c9cc
2606:4700::6811:d5cc
2606:4700::6811:f3cc
2606:4700::6812:14bf
2606:4700::6812:1634
2606:4700::6813:9a53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2004
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9d
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
3.208.137.166
52.71.63.84
54.85.165.246
03744fbda8b1a45baa4499ea7ad24f4750c7260ac9b76d65f7c3fbf520f09c07
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
0e4c929fd79e8edff6b17067753d1f9a59e2770258c80e535a662ce871ba0465
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18072410001a650380620c9904d578f5b9cf6ffd488d028c7cd50737747af2ee
19ef96421bedd477b0c56c641ce0678208710f70e265f7524c9a3d9f02f57476
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
216295e0b9bb543ef899bb5b93ae58ad7f162b819b4bee211c6def5530ae215b
226493c7f7a033b43e24d0ce2115ef8d2be36fe6de4dbf6a3cbba6dca53be7c3
22b70ffa341025f60938a9bf2318a603e4443f2208cd48f1f6bb4d4b7bd04b6d
2a618868c33965ca18cd39434e87fd5c9d6069a3af3c98487409266c45bff9d3
3b1a8f3b6f90faae30e65739ef166d60336c68e163c07e7f8a2a9df624493944
3b4cfe724d0ef7840099ced8aa63bee82833a04358b8102a2b0df13ee7b98655
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
435e9e6777b02dcb8f28ee58ad7a769f3c74d9a8b461ac95b828321cf34ea7ae
448f45a0ba44410ee2f4a475d56719fd1531dcd274876d8e3ef96b4cf01125e1
47478147fd39d147e88f5d4e63814eaf8d9d4dd3c0d95ab5b19a379e6c0b82a8
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ebeb739a0c8f80a684598fa2ba1dd46ded2bc4b0ab1b2997ee08296fa7307b3
4f5561bf2fa5bf44ac3f148280075f8c6b2115163b34d94935fa66b10f785798
508191fb54ef758c953e53918a3e817c499cfb642fa92b48d053db9456b467e6
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
58369d6b15c39b051f6551685d39a3ea6e3fa2e7bfc7b72fb60397d2590e86f6
5947942f9f299853d94b0ad82273e15b644b9b146590101e574db2984b14e422
5c79dae1b6d0257181db1c63247545e2ccdd1e731f44379287c68be10bd9631a
61804551df4850738aa4af379b154e46c0bcb9c200a2d2dc5e845ee702948c19
694cb89cd233607b346fd5717fec439e8f4ddae0c7f5c745e10dab019e6c5dd1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
6f642e4c27cb7fadcbba9872d65804d85409da6f47269bd25ebc75e93cd445a1
6ffa141c254871fe3cafc82eebb7a76e234fd70f72faaff6eaed7955e9f986ac
7028fec1080311caa427fc79f99a124ee18b44fe9bdfa5e1ef887c9b6916e0f5
72151a99482b6477685150d22a5ab69abb33a4e3ac8423f9f99241338f544d18
765d1654297c8d730165fbe731eca09c1d3e6efaa9e7006aaa567c5a2f7994ba
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f1fabceac49962479ab2c7d63e0a744059976e5a15e31214ae1c00b2c738a1
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
88876fcd5eb71de865d889ea63df11b023ef1d1365124305c2708f61cbb04339
91fe6f1d904d41c0614ea503e870c3e7088ed7de3c001e90b3a9d6628c6f344b
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a63ef15257f894b6cd091168924979fa2387890e0d92ac16509e2996fc16c791
b03898672d84cf2362e40d6459d9ade748ecd338ffbeeee256e07630bd07e48c
b67f6ac26438a2c97721a0309c1f8d5a69699f2dfa5419e917e2310a76f70b2c
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c5621e8777b989c71259b0ea933265998d7f0c751a867b3c77dbd76a30e8a83c
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf93691199885af1cd15b7946cbeef24eb0ab6083d14a1b43b11fae0cec92de
dd217155c2287724b9f110e8715e8a9cea927770511a8e75b2aadc5afc34ec94
de27356e5541377ec178dee65beb8c43fcff7415cc9c303ec13a67659a34e524
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df53c272c23b5f3c4079b546de8f58ef60a84fda740ae64703d8072aaea3840f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43fee7bdbfb114bfd5d2bd1f0178691fc452b92fdbf0616a70e82b5d50820cd
e52a23f52b385ea77d260c3534a0cc1a4aa78e43610669df602be6a0453ce998
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
eab347af732bc8b6dff914e54ff3e5dec6a84e8aa8315c2f9b64c17978f80fae
edf86b15e7112e7f4e3ef8362ca11175e2cbe6a6ac5e017320c0a9443620c0ee
ee41bc0e3059351bcca7313fe1d7f9053a164ba2f2e1df3df39260217298a03b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04d3dd5603c6d02b1e77e3e89830a3a925fd9e576f70a319077d0648de8c7d4
f057676a2f9df41efb80b456d4bfffe6b3c8b836d1433231b0887e56921022b1
f859096ae2b753f5d7fec25ac5d59f567eeee8279ba6d42fe36c9f662e32ee51
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c