Submitted URL: http://desdemonapay.com/
Effective URL: https://www.desdemonapay.com/
Submission: On April 30 via api from US

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3035::6815:568c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.desdemonapay.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2020. Valid for: a year.
This is the only time www.desdemonapay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 99.84.144.20 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:210... 16509 (AMAZON-02)
1 51.105.195.14 8075 (MICROSOFT...)
1 1 104.18.72.113 13335 (CLOUDFLAR...)
11 104.18.70.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 99.84.155.146 16509 (AMAZON-02)
1 23.22.247.80 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 104.16.51.111 13335 (CLOUDFLAR...)
35 15
Domain Requested by
10 static.zdassets.com www.desdemonapay.com
assets.zendesk.com
static.zdassets.com
7 fonts.gstatic.com fonts.googleapis.com
2 helpsupporthub.zendesk.com assets.zendesk.com
static.zdassets.com
2 d9hhrg4mnvzow.cloudfront.net www.desdemonapay.com
2 d34qb8suadcc4g.cloudfront.net www.desdemonapay.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com www.desdemonapay.com
2 www.desdemonapay.com www.desdemonapay.com
2 desdemonapay.com 2 redirects
1 ekr.zdassets.com assets.zendesk.com
1 events.ub-analytics.com www.desdemonapay.com
1 maxcdn.bootstrapcdn.com tickets.hubpeople.com
1 code.jquery.com tickets.hubpeople.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 assets.zendesk.com 1 redirects
1 tickets.hubpeople.com www.desdemonapay.com
1 ajax.googleapis.com www.desdemonapay.com
35 16

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-20 - 2021-08-20 | a year
*.unbounce.com | Amazon | 2021-03-10 - 2022-04-08 | a year
upload.video.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2021-02-22 - 2022-02-21 | a year
*.hubpeople.com | RapidSSL RSA CA 2018 | 2020-03-09 - 2021-06-08 | a year
ssl911790.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2021-04-07 - 2021-10-14 | 6 months
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year
*.ub-analytics.com | Amazon | 2020-06-08 - 2021-07-08 | a year
*.gstatic.com | GTS CA 1C3 | 2021-04-13 - 2021-07-06 | 3 months
helpsupporthub.zendesk.com | Cloudflare Inc ECC CA-3 | 2020-07-20 - 2021-07-20 | a year

This page contains 4 frames:

Primary Page: https://www.desdemonapay.com/
Frame ID: BE42A81B7C41C2188F953257E4FE1A8B
Requests: 20 HTTP requests in this frame

Frame: https://tickets.hubpeople.com/CreateTicketUnreg.aspx?siteId=1
Frame ID: 67D789943B475BCCE6C2BB6EDEA85BA7
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: F5CA9EB52ED2FA6FF1BB2B8E630ECF75
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.9a14237b65d299e5c585.js
Frame ID: B9D228E7A9621E72DAF54D303EFB9EF2
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 35
HTTPS: 97 %
IPv6: 53 %
Domains: 11
Subdomains: 16
IPs: 15
Countries: 3
Transfer: 935 kB
Size: 3212 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://desdemonapay.com/ HTTP 301
    https://www.desdemonapay.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://desdemonapay.com/js/jquery.cookie.js HTTP 301
  • https://www.desdemonapay.com/
Request Chain 7
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.desdemonapay.com/
Redirect Chain
  • http://desdemonapay.com/
  • https://www.desdemonapay.com/
73 KB
10 KB
Document
General
Full URL
https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:568c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c19ec28881bb4fc041df4c8c2c27e5383dbdaf7114ec9b77cee3c2e897d547b

Request headers

:method
GET
:authority
www.desdemonapay.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Fri, 30 Apr 2021 08:22:26 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7b2f9139737141a637b54044ffedf11f1619770946; expires=Sun, 30-May-21 08:22:26 GMT; path=/; domain=.desdemonapay.com; HttpOnly; SameSite=Lax; Secure
ubpv=a%2C0eae7143-ecf9-421d-bad1-f53cd82d49ab; Max-Age=15897600; Expires=Sun, 31 Oct 2021 08:22:26 GMT; Path=/; SameSite=Lax
ubvs=b15a430d-2b48-402b-aaa5-564b94af17a0; Max-Age=15552000; Expires=Wed, 27 Oct 2021 08:22:26 GMT; Path=/; SameSite=Lax
ubvt=b15a430d-2b48-402b-aaa5-564b94af17a0; Max-Age=259200; Expires=Mon, 03 May 2021 08:22:26 GMT; Path=/; Domain=desdemonapay.com; SameSite=Lax
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
0eae7143-ecf9-421d-bad1-f53cd82d49ab
last-modified
Wed, 17 Feb 2021 10:05:32 GMT
x-unbounce-visitorid
b15a430d-2b48-402b-aaa5-564b94af17a0
x-unbounce-variant
a
content-location
https://www.desdemonapay.com/
link
<https://www.desdemonapay.com/>; rel="canonical"
x-proxy-backend
page-server
cf-cache-status
DYNAMIC
cf-request-id
09c3784ab6000017729539f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=suDvxwrN73%2BY4CufsgDp1THWsdW2z5f5z8fC6%2BD9nwOK9jw8VgcKYPX6ND87DpSm9p8LzHlBquuLdY%2FLdeM22fFGCHHXYfeBZdNfetWWc0ZYmDVCHUkljYgbhq4VWoMMEg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
647f5cbdecfd1772-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 30 Apr 2021 08:22:26 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 30 Apr 2021 09:22:26 GMT
Location
https://www.desdemonapay.com
cf-request-id
09c3784a8900002b95aba4c000000001
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=twGxznu%2BfkDI8%2F%2BX37pO%2BDS1u3oKAKJOKBgvT1kDnzfcvzhaUU96LGsErpreNYhIM%2BGzJ9cCpJ0C6BdwODIynGfVB9wxazcEONH4xaX8M%2Fkvk%2BmKhpgbGuK9Hxa%2F"}],"max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
647f5cbdacbb2b95-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-20.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
7283409
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 f66aaf2d9f6a8e65595a1e24d5f18bcd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
_iqLv18H9tAV-2JGeU5raSxu5ZlGmWRd8UKk4CYYS2-kZZDHpJ-aqg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
94 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 28 Apr 2021 15:08:17 GMT
x-content-type-options
nosniff
age
148449
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96381
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Apr 2022 15:08:17 GMT
/
www.desdemonapay.com/
Redirect Chain
  • https://desdemonapay.com/js/jquery.cookie.js
  • https://www.desdemonapay.com/
73 KB
9 KB
Script
General
Full URL
https://www.desdemonapay.com/
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:568c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f4c80991f1f5510d9fe48414ae48f8a1a59f3a60a78e41cc0acdbdcab3232d

Request headers

:path
/
pragma
no-cache
cookie
__cfduid=d7b2f9139737141a637b54044ffedf11f1619770946; ubpv=a%2C0eae7143-ecf9-421d-bad1-f53cd82d49ab; ubvs=b15a430d-2b48-402b-aaa5-564b94af17a0; ubvt=b15a430d-2b48-402b-aaa5-564b94af17a0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.desdemonapay.com
referer
https://www.desdemonapay.com/
:scheme
https
sec-fetch-site
same-site
:method
GET

Response headers

date
Fri, 30 Apr 2021 08:22:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="This is not a privacy policy."
content-location
https://www.desdemonapay.com/
x-unbounce-pageid
0eae7143-ecf9-421d-bad1-f53cd82d49ab
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09c3784b960000177a25b1c000000001
x-proxy-backend
page-server
last-modified
Wed, 17 Feb 2021 10:05:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ag%2BNgsREtM2MEsXOIqNwEaCgEsA3V2%2FEhDV6g9YUyxc4E%2FhAT0Ao3Kc9QbdMPngBKajypUcwIm3N7Dvqyx03UGnMwqbHfEFLuzqRLr3lW4j8kmIU8LTjFncfCI%2B%2FHdVCQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-unbounce-variant
a
set-cookie
ubvs=b15a430d-2b48-402b-aaa5-564b94af17a0; Max-Age=15552000; Expires=Wed, 27 Oct 2021 08:22:26 GMT; Path=/; SameSite=Lax
ubvt=b15a430d-2b48-402b-aaa5-564b94af17a0; Max-Age=259200; Expires=Mon, 03 May 2021 08:22:26 GMT; Path=/; Domain=desdemonapay.com; SameSite=Lax
cf-ray
647f5cbf4d4a177a-FRA
link
<https://www.desdemonapay.com/>; rel="canonical"
x-unbounce-visitorid
b15a430d-2b48-402b-aaa5-564b94af17a0

Redirect headers

date
Fri, 30 Apr 2021 08:22:26 GMT
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qshfqEBEpk%2B4336xhGWTB5Xe6tVn%2BiGt5zyu%2FtduPfqeqUGxChOxlcFGFMXgZ1xxiZ1UulkGQJMMgygvnigeLjJVFKbq3qHO5NiydGr1KxfYbCj3PWTNawH0jJfP"}],"max_age":604800,"group":"cf-nel"}
location
https://www.desdemonapay.com
cache-control
max-age=3600
cf-ray
647f5cbf1f0d1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09c3784b6c00001772cc34f000000001
expires
Fri, 30 Apr 2021 09:22:26 GMT
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 15 Apr 2021 21:43:56 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
1247911
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
DShcA1DluUomL-txDFKeD81D7ylU-UlMFU2Y2JlV04Y9Jn2Sd9X0BA==
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-20.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 17 Mar 2021 03:07:39 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:10 GMT
server
AmazonS3
age
3820488
etag
"bb50eefe0cf9244bc17fe34bb55821bb"
x-cache
Hit from cloudfront
x-amz-version-id
ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
via
1.1 f66aaf2d9f6a8e65595a1e24d5f18bcd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33645
x-amz-cf-id
AuiPOfYfvUCLjqhcbeULZUkFjuBEWO-APk8fkSkBCTk-zOWUKbDnUQ==
CreateTicketUnreg.aspx
tickets.hubpeople.com/ Frame 67D7
6 KB
2 KB
Document
General
Full URL
https://tickets.hubpeople.com/CreateTicketUnreg.aspx?siteId=1
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.195.14 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bebb3c5179d448bfbd6950f3a8d4ac7d6c299504098386b16ae8812a9a571289

Request headers

:method
GET
:authority
tickets.hubpeople.com
:scheme
https
:path
/CreateTicketUnreg.aspx?siteId=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.desdemonapay.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Fri, 30 Apr 2021 08:22:26 GMT
content-type
text/html; charset=utf-8
content-length
2082
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=4dp0jrrqsqqbqndndpyijwfy; path=/; HttpOnly; SameSite=Lax
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/gif
asset_composer.js
static.zdassets.com/ekr/ Frame F5CA
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
19 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ac1255b3e991ea897c6a3fa4f652fffac4fb490e037fbfc21337fd8694ed04
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:26 GMT
content-encoding
br
cf-cache-status
HIT
age
49
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
EZZX1V9E7V0M5BG7
x-amz-id-2
nki8NcDYW8ecEj8vA24XuWt4SRMN8bk8645KRSDtTuZr8OfdbC7vcRg9WShXKXOE5i9bKaLJo0I=
last-modified
Mon, 22 Mar 2021 23:03:56 GMT
server
cloudflare
etag
W/"7f3954777ce44f906bb3321e70ee7f5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
B9qG7ZAygvAtYc6yfmpYsBnoqgC0e7YM
cf-request-id
09c3784ca400000857199d8000000001
cf-ray
647f5cc1089c0857-CDG

Redirect headers

date
Fri, 30 Apr 2021 08:22:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=3600
strict-transport-security
max-age=0
cf-ray
647f5cc0792f32a7-CDG
cf-request-id
09c3784c4a000032a7a3184000000001
expires
Fri, 30 Apr 2021 09:22:26 GMT
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 28 Jan 2021 03:08:39 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
7967628
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
1VEgCWFGah5itqjmoYF2r9sQthbJ-oYzwULsqCWBi0Gay6QmNkWiJQ==
feb6acf0-835a-4df6-921a-35c32669d593
https://www.desdemonapay.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://www.desdemonapay.com/feb6acf0-835a-4df6-921a-35c32669d593
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans:700,regular,italic,300,300italic,700italic%7CRoboto:regular%7CMontserrat:regular,italic%7CCarme:regular%7CRacing+Sans+One:regular,400
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d790d1054c27184c817dbcd078e78f7258511a198c15ea54bc466f9c043bfac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Fri, 30 Apr 2021 08:22:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 30 Apr 2021 08:22:26 GMT
jquery-1.12.4.min.js
code.jquery.com/ Frame 67D7
95 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: tickets.hubpeople.com
URL: https://tickets.hubpeople.com/CreateTicketUnreg.aspx?siteId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Origin
https://tickets.hubpeople.com
Referer
https://tickets.hubpeople.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:26 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:18:54 GMT
server
nginx
etag
W/"573f46fe-17b8b"
vary
Accept-Encoding
x-hw
1619770946.dop097.fr8.t,1619770946.cds284.fr8.hn,1619770946.cds167.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 67D7
118 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: tickets.hubpeople.com
URL: https://tickets.hubpeople.com/CreateTicketUnreg.aspx?siteId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://tickets.hubpeople.com
Referer
https://tickets.hubpeople.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
615663
cdn-cachedat
2021-04-23 06:29:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09c3784c4100004a5c8e03e000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e30310d7da1cdf9ce8a9d975e17dd29f
cf-ray
647f5cc06b1f4a5c-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
351029a4-screenshot-2020-09-10-at-16-39-37_10d504e0cy047003004028.png
d9hhrg4mnvzow.cloudfront.net/www.desdemonapay.com/
5 KB
6 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/www.desdemonapay.com/351029a4-screenshot-2020-09-10-at-16-39-37_10d504e0cy047003004028.png
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-146.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dffe4f67bb2332cae86265b2f977fd6612df4a03721ee4cabc070e17b5732530

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Apr 2021 17:29:38 GMT
via
1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 10:05:32 GMT
server
AmazonS3
age
312768
etag
"034262dc2e18219be2d1b85481b408c3"
x-cache
Hit from cloudfront
x-amz-version-id
1K1Su30774jTn7f7xR4i8uJbTCI2X3Xv
cache-control
max-age=31557600
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-type
image/png
content-length
5278
x-amz-cf-id
1kxnu8GgN7tkr3fW3jf19dpE5Pk0qZNpcrqz1vSpfR7r4hktz_ihMg==
e07545bf-shutterstock-547750483_10fd0a904w06f08v01w01o.jpg
d9hhrg4mnvzow.cloudfront.net/www.desdemonapay.com/
5 KB
6 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/www.desdemonapay.com/e07545bf-shutterstock-547750483_10fd0a904w06f08v01w01o.jpg
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-146.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
057ec78a6992f3f09d7742dbff2411519cb9bd5c95b9edb0f607b29bbba2b070

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 14:45:20 GMT
via
1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 10:05:32 GMT
server
AmazonS3
age
63427
etag
"4c4f4183b5602927e45972cab52c4534"
x-cache
Hit from cloudfront
x-amz-version-id
ZRGoipdmbW.QZWY04ivCSkEcWCAgjM_D
cache-control
max-age=31557600
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5597
x-amz-cf-id
apYB_MW_1Z0NY70F1ENGzkiPcTfgCbVNbQrnBkrSkDZs4fz94tV1kQ==
i
events.ub-analytics.com/
43 B
245 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1619770946624&e=pv&url=https%3A%2F%2Fwww.desdemonapay.com%2F&page=Why%20does%20my%20bank%20statement%20have%20a%20charge%20for%20desdemonapay.com&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&eid=62dc7c65-95a3-4dbf-90e1-f7189bc065a0&dtm=1619770946623&vp=1600x1200&ds=1600x2224&vid=1&sid=6e0f3982-4874-441a-ad88-c91c3bd5c4b2&duid=b2026512-706d-4899-84a5-4dfee7abc14b&uid=b15a430d-2b48-402b-aaa5-564b94af17a0&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMGVhZTcxNDMtZWNmOS00MjFkLWJhZDEtZjUzY2Q4MmQ0OWFiIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: www.desdemonapay.com
URL: https://www.desdemonapay.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.247.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-247-80.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
date
Fri, 30 Apr 2021 08:22:26 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
fonts.gstatic.com/s/josefinsans/v17/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/josefinsans/v17/Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:700,regular,italic,300,300italic,700italic%7CRoboto:regular%7CMontserrat:regular,italic%7CCarme:regular%7CRacing+Sans+One:regular,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.desdemonapay.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:14:23 GMT
server
sffe
age
425928
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26876
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:03:38 GMT
Qw3EZQNVED7rKGKxtqIqX5EUCEx6XHgOiJM6.woff2
fonts.gstatic.com/s/josefinsans/v17/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/josefinsans/v17/Qw3EZQNVED7rKGKxtqIqX5EUCEx6XHgOiJM6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:700,regular,italic,300,300italic,700italic%7CRoboto:regular%7CMontserrat:regular,italic%7CCarme:regular%7CRacing+Sans+One:regular,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3194c7bcc5f1e6329825cb77371304b98de0ca609a2d15104bcbfa007de685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.desdemonapay.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 25 Apr 2021 10:03:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:44:43 GMT
server
sffe
age
425923
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29048
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:03:43 GMT
ptRHTiWdbvZIDNjBzrJJxubY.woff2
fonts.gstatic.com/s/carme/v11/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/carme/v11/ptRHTiWdbvZIDNjBzrJJxubY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:700,regular,italic,300,300italic,700italic%7CRoboto:regular%7CMontserrat:regular,italic%7CCarme:regular%7CRacing+Sans+One:regular,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a68faa5927c41ff8d46de3b9147dc2a019cc5161faf1aa59558b0daeb821fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.desdemonapay.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 25 Apr 2021 06:06:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:50:26 GMT
server
sffe
age
440165
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12396
x-xss-protection
0
expires
Mon, 25 Apr 2022 06:06:21 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v27/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:700,regular,italic,300,300italic,700italic%7CRoboto:regular%7CMontserrat:regular,italic%7CCarme:regular%7CRacing+Sans+One:regular,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a986c26c40febdfac5074b57a925fe2d7b901e75b7bcad4a19a5cbe3987b51bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.desdemonapay.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 15:44:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:38 GMT
server
sffe
age
59893
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11032
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:44:13 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:700,regular,italic,300,300italic,700italic%7CRoboto:regular%7CMontserrat:regular,italic%7CCarme:regular%7CRacing+Sans+One:regular,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.desdemonapay.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 00:42:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:14 GMT
server
sffe
age
113997
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
expires
Fri, 29 Apr 2022 00:42:29 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2
fonts.gstatic.com/s/montserrat/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:700,regular,italic,300,300italic,700italic%7CRoboto:regular%7CMontserrat:regular,italic%7CCarme:regular%7CRacing+Sans+One:regular,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.desdemonapay.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 15:35:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:11 GMT
server
sffe
age
60411
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14024
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:35:35 GMT
sykr-yRtm7EvTrXNxkv5jfKKyDCAKHDneJERtQ.woff2
fonts.gstatic.com/s/racingsansone/v8/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/racingsansone/v8/sykr-yRtm7EvTrXNxkv5jfKKyDCAKHDneJERtQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:700,regular,italic,300,300italic,700italic%7CRoboto:regular%7CMontserrat:regular,italic%7CCarme:regular%7CRacing+Sans+One:regular,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
529aa84f2c42052821ed0a586039622c95ce8613760c3cc5dd40771596773fdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.desdemonapay.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 21:13:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:33:39 GMT
server
sffe
age
40129
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14400
x-xss-protection
0
expires
Fri, 29 Apr 2022 21:13:37 GMT
helpsupporthub.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame F5CA
675 B
820 B
XHR
General
Full URL
https://ekr.zdassets.com/compose/web_widget/helpsupporthub.zendesk.com
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ad5e7cc0d0aeba4a73f65fb16e0a94011f744d2c3b2613377888edd9f8e009
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
status
200 OK
strict-transport-security
max-age=0
cf-request-id
09c3784cfb0000edf733280000000001
x-request-id
8e247096-2f2c-4bc5-9855-7f365952c78d
x-runtime
0.003326
server
cloudflare
etag
W/"92ad5e7cc0d0aeba4a73f65fb16e0a94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
647f5cc19f07edf7-CDG
preload.9a14237b65d299e5c585.js
static.zdassets.com/web_widget/latest/ Frame B9D2
63 KB
19 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/preload.9a14237b65d299e5c585.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8f5497f6f8ec5a90805f42a3652e1cee7d8afae25ad35890f856e971fcba73
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
181229
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
3QN1ZEXJKCZ7MAGE
x-amz-id-2
zlquWzmywCnDuWykuYRXuiRqt0tCB7xlrUkbl1mox3E80xGhAvZW7VdYgE//0P/dp5y35vCO1Rw=
last-modified
Mon, 26 Apr 2021 23:04:05 GMT
server
cloudflare
etag
W/"125494c4185ec4b23a7eee71077abd55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
zXtpFm9NtvYP8aT0BNT_DBqq6jy9yxXq
cf-request-id
09c3784fbf000008573795a000000001
cf-ray
647f5cc5fcaa0857-CDG
expires
Tue, 26 Apr 2022 23:04:03 GMT
framework.643fdc2929fffe842692.chunk.js
static.zdassets.com/web_widget/latest/ Frame B9D2
54 KB
17 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/framework.643fdc2929fffe842692.chunk.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5952c748421000575ab0c7036058d838b12b421630c70c91869156462804ce9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
181229
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
3QNFSAHDEVYB7SGT
x-amz-id-2
1LUX67ZByDQpqr5dkDPtxl7FmyxcKDKSDcQ5YqIBl5QdRLQ66Y3IFd+wECgyoQDWLEkMcpKOitY=
last-modified
Mon, 26 Apr 2021 23:03:12 GMT
server
cloudflare
etag
W/"ea7e1499f63bbcde044ec0e0fb425cd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
hlXYtcBhilYaS3M.zr6rC.0.wR4S8wcp
cf-request-id
09c3784fc00000085719a23000000001
cf-ray
647f5cc5fcac0857-CDG
expires
Tue, 26 Apr 2022 23:03:11 GMT
vendors~framework.b1ea516911eb6ecd8755.chunk.js
static.zdassets.com/web_widget/latest/ Frame B9D2
186 KB
57 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~framework.b1ea516911eb6ecd8755.chunk.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d31e623c56bfa8b08f9a0d324173f1915b4c191a9d0f16daf93074d3f8b57a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
617249
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
492JT5RJY09F7J8W
x-amz-id-2
UNt4Q3Scuj1jlzX4lu8omk18z42KLGbHuCoV1PWafS0Bm99YGNnEyD4zHXsQBIt8HrQpFe2HmdY=
last-modified
Fri, 23 Apr 2021 04:51:05 GMT
server
cloudflare
etag
W/"63eb8c69fdfc903cbfe7a15434f62da9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
cdtFZZfM44QGnSCYn.AbxJs6UBqkUakZ
cf-request-id
09c3784fc1000008575c25a000000001
cf-ray
647f5cc60cb00857-CDG
expires
Sat, 23 Apr 2022 04:51:04 GMT
chat-sdk.34475bc42f3df2dfabe9.chunk.js
static.zdassets.com/web_widget/latest/ Frame B9D2
257 KB
50 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/chat-sdk.34475bc42f3df2dfabe9.chunk.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6143820fcef6fd6b2f1106b89182d01e582a43c8f739faf9972c17f82192efc8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
617251
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
YWK3FJ1CRM20C2ZE
x-amz-id-2
h5gYXscs4bWrhC/elwdc80sov2Y8H5hd24NTxA+vOykmoMd5kmuIESv+fVML7ZA6HDDPOsimsKY=
last-modified
Fri, 23 Apr 2021 04:50:11 GMT
server
cloudflare
etag
W/"c40bc1f5ccc9a7542723391ad6b5db23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
BbnA0zXTxxSV2yCc9vefEBqrQPORHy2d
cf-request-id
09c3784fc1000008570516a000000001
cf-ray
647f5cc60cb30857-CDG
expires
Sat, 23 Apr 2022 04:50:10 GMT
config
helpsupporthub.zendesk.com/embeddable/ Frame F5CA
750 B
1 KB
XHR
General
Full URL
https://helpsupporthub.zendesk.com/embeddable/config
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493d325636478b6f5cd651faa79c8a7aa0372810d7f058479b72cb836f0cd265
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.desdemonapay.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-678b589c4d-rc6xc
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
cf-request-id
09c378502b0000edafd3b8d000000001
x-request-id
647f5cc6ac5eedaf-FRA
x-runtime
0.001047
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bu6xyOYWRWwBc05QpIvveIDWzwSkC9NB9dd2GTB8KM5UKUF60%2BSZ1xRm55PTt8DD5NidBlTspC3230aVRYY%2BpG9UDKGOrwwlb%2FTKT3L6o2hdiCH5BntuY%2FVvRQ%3D%3D"}],"group":"cf-nel"}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
647f5cc6ac5eedaf-CDG
en-us-json.81c93c29a397263e2f54.chunk.js
static.zdassets.com/web_widget/latest/locales/ Frame B9D2
30 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us-json.81c93c29a397263e2f54.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.9a14237b65d299e5c585.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e7792ff2ff166d7f8e7150f7905e1dca63ee6def6a82d959b712f51586e56d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
617250
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
1BJWB822N0N2Z4DV
x-amz-id-2
5RtqebhKrjSVxz48OumxmI0rOEKgRQBSistdaOhEC5kDQQoH/OFLXRVFzzczurMDS47mB7efz3s=
last-modified
Fri, 23 Apr 2021 04:50:31 GMT
server
cloudflare
etag
W/"bfcb6abe12d1784811bf840f9159a6fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
z9cEntnE8UY_YAaJC7uMP9udzUYTAHRh
cf-request-id
09c3785099000008574a161000000001
cf-ray
647f5cc758360857-CDG
expires
Sat, 23 Apr 2022 04:50:30 GMT
web_widget~messenger.88c46634dcce586eee9e.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame B9D2
338 KB
98 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.88c46634dcce586eee9e.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.9a14237b65d299e5c585.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0720423a32be2b84ca745e9eff439f3988da5f5edd0d53a4d2c478fa9800f6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7556
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
YWK32P1VV54AXQY2
x-amz-id-2
Z8xlC5kkzaENdaAyoP+gF+uReUY9kh2P9elPnrKElycouKTYqDPrH6yRrOxdnsRcBuZ495m/Y5U=
last-modified
Fri, 23 Apr 2021 04:51:06 GMT
server
cloudflare
etag
W/"e8a8918b86cb69524e8c66ed379775d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
noV0IUb76yyZxOW5SdIVKtL.0ClyXv86
cf-request-id
09c378509f000008577f8d0000000001
cf-ray
647f5cc758490857-CDG
expires
Sat, 23 Apr 2022 04:51:05 GMT
web_widget.2f80a0c45270ff6aa17e.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame B9D2
594 KB
139 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.2f80a0c45270ff6aa17e.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.9a14237b65d299e5c585.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7c018ff531007abce7ae3cea84c3fd6e4e2651aa49cd1418cbf98ccb36887
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7339
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
1BJRRGSYBX25TRCZ
x-amz-id-2
xa7sYFQd7KxUz8lHQ59PjBZcyLCYVaIjQbjIDkXlxWyJ0caPyx4lzGWhT2oVpwkdt9DVE5RuMnU=
last-modified
Fri, 23 Apr 2021 04:51:05 GMT
server
cloudflare
etag
W/"1b7d305478d45aa65afa198646e44cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
EpWBnsdNBIYX69dubutIgrIOQ2nh8BWe
cf-request-id
09c378509d000008573525b000000001
cf-ray
647f5cc768530857-CDG
expires
Sat, 23 Apr 2022 04:51:04 GMT
web_widget.df767bc7a1ab781662a9.chunk.js
static.zdassets.com/web_widget/latest/lazy/ Frame B9D2
823 KB
153 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/lazy/web_widget.df767bc7a1ab781662a9.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.9a14237b65d299e5c585.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7381d50107a2102c7e42aaf87314a12cc2c47375a253f28e96d3f5fa7195bb8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
24
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
7GXYTRXHMAH35JK4
x-amz-id-2
sAmyFhwAcIjjPI+l8aP0tRaThs4IpScXQ1AXfviTOT8U+LOlcGidGiEpjG2RAHkssj+7QvsWSmo=
last-modified
Mon, 26 Apr 2021 23:03:14 GMT
server
cloudflare
etag
W/"bdb0155abaa153b3ae5fbde30c538066"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
YAAsh0P58crS1q..a0KYltI3PlfKweH2
cf-request-id
09c37850a0000008573525c000000001
cf-ray
647f5cc768560857-CDG
expires
Tue, 26 Apr 2022 23:03:12 GMT
embeddable_blip
helpsupporthub.zendesk.com/ Frame B9D2
0
615 B
XHR
General
Full URL
https://helpsupporthub.zendesk.com/embeddable_blip?type=pageView&data=…
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~framework.b1ea516911eb6ecd8755.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 30 Apr 2021 08:22:28 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qlLGVOcevfhuMtegHLFP5Sg9EF9uqS%2BFcdZ%2BBBODJE%2Btj5vP7xXBHzCW3u1YMED6JtrcPKOmJ4WJsMxn8ZOODx2lFPBeKxdBTI4vMZ7c5YUrv%2Bo2fs19OduEyw%3D%3D"}],"group":"cf-nel"}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.desdemonapay.com
cache-control
no-store, no-cache, must-revalidate
cf-ray
647f5cc93917edaf-CDG
cf-request-id
09c37851c50000edafa80c9000000001
chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame B9D2
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Range
bytes=0-

Response headers

date
Fri, 30 Apr 2021 08:22:28 GMT
cf-cache-status
DYNAMIC
x-amz-request-id
RHB5FF4ES2HAAREM
x-amz-server-side-encryption
AES256
cf-ray
647f5ccbeac70857-CDG
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
CzE04NKI3UwGhYxh2IiNOUG7VPyFCcN7VzHBPW/9ZDFN8SgBPB9BoyQf0/OhwBRcDYDWoy9ydBo=
last-modified
Tue, 12 Feb 2019 01:07:53 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
x-amz-version-id
7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control
public, max-age=31536000
cf-request-id
09c37853730000085719133000000001
accept-ranges
bytes
content-type
audio/mpeg; charset=utf-8
expires
Wed, 12 Feb 2020 01:07:52 GMT

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| ub
object| module
function| $
function| jQuery
function| openZendeskChat
function| zEmbed
function| zE
object| UnbounceSnowplowNamespace
function| ubSnowplow
function| setImmediate
function| clearImmediate
boolean| VimeoPlayerResizeEmbeds_
function| ownKeys
function| _objectSpread
function| _defineProperty
function| _typeof
object| Snowplow
boolean| zEACLoaded
function| $zopim

4 Cookies

Domain/Path Name / Value
www.desdemonapay.com/ Name: ubvs
Value: b15a430d-2b48-402b-aaa5-564b94af17a0
www.desdemonapay.com/ Name: ubpv
Value: a%2C0eae7143-ecf9-421d-bad1-f53cd82d49ab
.desdemonapay.com/ Name: ubvt
Value: b15a430d-2b48-402b-aaa5-564b94af17a0
.desdemonapay.com/ Name: __cfduid
Value: d7b2f9139737141a637b54044ffedf11f1619770946

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.zdassets.com/web_widget/latest/vendors~framework.b1ea516911eb6ecd8755.chunk.js(Line 4)
Message:
An error occurred in your use of the legacy v1 Zendesk Widget API: Check out the Developer API docs to make sure you're using it correctly https://developer.zendesk.com/embeddables/docs/widget/api
TypeError: $.cookie is not a function
at https://www.desdemonapay.com/:1716:9
at j (https://static.zdassets.com/web_widget/latest/framework.643fdc2929fffe842692.chunk.js:2:49812)
at https://static.zdassets.com/web_widget/latest/framework.643fdc2929fffe842692.chunk.js:2:50294
at Array.forEach (<anonymous>)
at Object.run (https://static.zdassets.com/web_widget/latest/framework.643fdc2929fffe842692.chunk.js:2:50268)
at https://static.zdassets.com/web_widget/latest/framework.643fdc2929fffe842692.chunk.js:2:10379
at Array.forEach (<anonymous>)
at https://static.zdassets.com/web_widget/latest/framework.643fdc2929fffe842692.chunk.js:2:10307
at c (https://static.zdassets.com/web_widget/latest/vendors~framework.b1ea516911eb6ecd8755.chunk.js:4:9989)
at Generator._invoke (https://static.zdassets.com/web_widget/latest/vendors~framework.b1ea516911eb6ecd8755.chunk.js:4:9742)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
