pay.conekta.com Open in urlscan Pro
3.231.180.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u15438629.ct.sendgrid.net/ls/click?upn=zAKuZd21nGOplxZF2Jw5R1KDFSvCULlgpUbouX7oFvjKVQ327NdV7P2IpjmkP456CoD-2FYcPgpI3JYPovR...
Effective URL:
https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013
Submission: On July 31 via api (July 31st 2023, 5:28:16 am UTC) from DE — Scanned from DE

Summary HTTP 46 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 46 HTTP transactions. The main IP is 3.231.180.42, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pay.conekta.com. The Cisco Umbrella rank of the primary domain is 731794.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 24th 2023. Valid for: 10 months.

This is the only time pay.conekta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.54 167.89.115.54	11377 (SENDGRID) (SENDGRID)
24	3.231.180.42 3.231.180.42	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
12	2600:9000:26d... 2600:9000:26db:4800:17:c5a4:5ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::c6... 2606:4700::c6d9:fbfa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:24e... 2600:1f18:24e6:b902:396c:5768:f8c3:756e	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
46	7

1 167.89.115.54 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net

u15438629.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 3.231.180.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-180-42.compute-1.amazonaws.com

pay.conekta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:26db:4800:17:c5a4:5ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.conekta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::c6d9:fbfa (United States)

ASN13335 (CLOUDFLARENET, US)

songbird.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:396c:5768:f8c3:756e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	conekta.com pay.conekta.com — Cisco Umbrella Rank: 731794 assets.conekta.com	2 MB
4	gstatic.com fonts.gstatic.com	527 KB
2	cardinalcommerce.com songbird.cardinalcommerce.com — Cisco Umbrella Rank: 21529	115 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	160 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	775 B
1	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2175
1	sendgrid.net 1 redirects u15438629.ct.sendgrid.net	264 B
46	7

	Domain	Requested by
24	pay.conekta.com	pay.conekta.com
12	assets.conekta.com	pay.conekta.com
4	fonts.gstatic.com	pay.conekta.com fonts.googleapis.com
2	songbird.cardinalcommerce.com	pay.conekta.com songbird.cardinalcommerce.com
2	www.googletagmanager.com	pay.conekta.com
1	fonts.googleapis.com	pay.conekta.com
1	rum.browser-intake-datadoghq.com	pay.conekta.com
1	u15438629.ct.sendgrid.net	1 redirects
46	8

This site contains links to these domains. Also see Links.

Domain
help.conekta.com

Subject Issuer	Validity	Valid
conekta.com Amazon RSA 2048 M01	`2023-02-24` - `2023-12-17`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.cardinalcommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-02-23` - `2024-03-25`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013
Frame ID: 6ADF81EC33B2085956CFA7F1F4CBAB51
Requests: 10 HTTP requests in this frame

Frame: https://pay.conekta.com/components/self-hosted-checkout-frame?locale=es
Frame ID: 3A61D39D20AD6BB0C3B90B3EDEBAD7D2
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Link de pago

Page URL History Show full URLs

https://u15438629.ct.sendgrid.net/ls/click?upn=zAKuZd21nGOplxZF2Jw5R1KDFSvCULlgpUbouX7oFvjKVQ327NdV7P2IpjmkP45... HTTP 302
https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013 Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

46
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

3262 kB
Transfer

3796 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://help.conekta.com/hc/es-419/sections/360007368253-Link-de-Pago
Title: Centro de ayuda

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u15438629.ct.sendgrid.net/ls/click?upn=zAKuZd21nGOplxZF2Jw5R1KDFSvCULlgpUbouX7oFvjKVQ327NdV7P2IpjmkP456CoD-2FYcPgpI3JYPovR2ygK2XHDI3pTT0ElIIlBN0Rwf8-3D8O8r_TVzRKlxn5POn3qvAVdf5RSzjpWn-2BbPsowaKR5ScfS9U4MIL2gLpBidr4SQbVKs8lsxgi2abdvyj9Gy9y59FuyqI98JfIIGyK64GP6YTNZK3zAF0neOkW74Sjf8wzCjfO14hj0sbUNgA2WqQbbzXcMqtF-2FJjoU38o1NfuDuIBA5cSByZI0pvpHsdJbao8yCUwwLPjU0-2FSpiqpOnAMUprCNqOftcxzzG3pb-2Ff8oXcgb8UqztqomnE2pyPTaP-2FGI-2BCuq1HNK-2BmHWjvpxnnHlLSR77B0-2BgvGAOBeEFRxn59NDRKzPQeyzDil5gUN0vOz6RxPI-2BoxBr7DT99DEmprUekENGZBOz1dj1aWjBHVef69M1Q-3D HTTP 302
https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request f84ae83130bd4d9c93866781813ff013 Show response
pay.conekta.com/link/
Redirect Chain

https://u15438629.ct.sendgrid.net/ls/click?upn=zAKuZd21nGOplxZF2Jw5R1KDFSvCULlgpUbouX7oFvjKVQ327NdV7P2IpjmkP456CoD-2FYcPgpI3JYPovR2ygK2XHDI3pTT0ElIIlBN0Rwf8-3D8O8r_TVzRKlxn5POn3qvAVdf5RSzjpWn-2BbPs...
https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013

35 KB
37 KB

424ms
197ms

Document
text/html

3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

5b89a1af6698220db1acadb4f9fa1e9c7ec02abb995954c9dec19ad6253aba70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-So9FNi5X/7MjBkurYlt46/W+w6/K3rzMI8h93hdRlng=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-language: es
content-length: 35472
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-So9FNi5X/7MjBkurYlt46/W+w6/K3rzMI8h93hdRlng=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
content-type: text/html; charset=utf-8
date: Mon, 31 Jul 2023 05:28:11 GMT
etag: W/"8a90-wNFNqIb/OhWeXmdy3TxSVsYr38g"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 84
Content-Type: text/html; charset=utf-8
Date: Mon, 31 Jul 2023 05:28:11 GMT
Location: https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 94.d995bab3.css
pay.conekta.com/static/css/ 38 KB
39 KB 95ms
94ms Stylesheet
text/css 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/css/94.d995bab3.css

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

acb6e257f16872adcf38eac2feb211a226da2029f2d1052bba464b56722e815f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-8VoduhkKzHd/e2lIw+8CBjObGPJudKKbB6b0gE+09x4=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:11 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-8VoduhkKzHd/e2lIw+8CBjObGPJudKKbB6b0gE+09x4=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 38537
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"9689-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 56ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FE2LZVDP0L

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e83c9946f98bb860bb51c23c2aa714061e5c1808db105548d51958fb6f2bfe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81798
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 31 Jul 2023 05:28:11 GMT

GET
H2 200 vendor.3871d977.js Show response
pay.conekta.com/static/js/ 230 KB
232 KB 99ms
95ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/vendor.3871d977.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

8cbf1614be6ef5c8648b0cc1942b12e75c7c01f1c50b754a2f2474bad0ee2935

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-qfOtFCQaGfCjHbqxKJj/wuXhmuiMLYsLIf377eTBaEQ=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:11 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-qfOtFCQaGfCjHbqxKJj/wuXhmuiMLYsLIf377eTBaEQ=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 235659
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"3988b-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 hosted-checkout.checkout.d995bab3.js Show response
pay.conekta.com/static/js/ 349 KB
352 KB 276ms
272ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/hosted-checkout.checkout.d995bab3.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/link/f84ae83130bd4d9c93866781813ff013

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

0621a6ea3b1735e42c6371547396ca94c39931e65cff24a1b2a2bfce11510c3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-fr9jZKh6SKNkH749U4yxOCMEVOBBPS34H2Mwgo9Qks4=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:11 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-fr9jZKh6SKNkH749U4yxOCMEVOBBPS34H2Mwgo9Qks4=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 357695
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"5753f-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v103/ 108 KB
109 KB 75ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v103/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/94.d995bab3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

338ffbe62e90f79cd80fb87c40162013b7fcbc47ef8457e9e998c90177c03bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 01:07:32 GMT
x-content-type-options: nosniff
age: 188439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110532
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 17:44:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 01:07:32 GMT

GET
H2 200 Inter-Bold.woff2
assets.conekta.com/cpanel/statics/assets/fonts/Inter/ 105 KB
105 KB 122ms
32ms Font
binary/octet-stream 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.conekta.com/cpanel/statics/assets/fonts/Inter/Inter-Bold.woff2?v=3.13
Requested by: Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/94.d995bab3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: sQyeI.jCkyM51QeyIWH2g50l916emNmt
date: Sun, 30 Jul 2023 14:55:51 GMT
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 52341
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 107144
last-modified: Fri, 08 May 2020 22:33:01 GMT
server: AmazonS3
etag: "aed27700d84e327fda56b4a427b03061"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: RE1GIMjy0IITh8Nyyd8xIA20TcmISNoQAmfqmM_l7g88-pGzReHdpA==

GET
H2 200 kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOelbd5zrDAt.woff
fonts.gstatic.com/s/sandbox/materialsymbolsoutlined/v7/ 185 KB
185 KB 101ms
36ms Font
font/woff 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sandbox/materialsymbolsoutlined/v7/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOelbd5zrDAt.woff

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/94.d995bab3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b236c1802618fabe99d8042cd834122b99527c6f007a203d1ce9b8c64bc2af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:42:12 GMT
x-content-type-options: nosniff
age: 132359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 189012
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 07:35:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 16:42:12 GMT

GET
H2 200 Inter-Regular.woff2
assets.conekta.com/cpanel/statics/assets/fonts/Inter/ 98 KB
99 KB 115ms
24ms Font
binary/octet-stream 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.conekta.com/cpanel/statics/assets/fonts/Inter/Inter-Regular.woff2?v=3.13
Requested by: Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/94.d995bab3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: wiYHZlVvYK2vbVMWFXUgHjpvzUcgo9QQ
date: Sun, 30 Jul 2023 14:28:35 GMT
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 53977
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 100368
last-modified: Fri, 08 May 2020 22:33:08 GMT
server: AmazonS3
etag: "4dd66a113d54a7f9a1ae913049610617"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: h716gHahPL6FiIWwMbRCFDYSiuRHUczLcThchZMISBcKkvJrBabCEQ==

GET
H2 200 Inter-SemiBold.woff2
assets.conekta.com/cpanel/statics/assets/fonts/Inter/ 104 KB
105 KB 140ms
50ms Font
binary/octet-stream 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.conekta.com/cpanel/statics/assets/fonts/Inter/Inter-SemiBold.woff2?v=3.13
Requested by: Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/94.d995bab3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7c3befe28a2fe45fb772f93cc52c828a71ccebc4b9fa5c971db452f712f3e78

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: QL6CRVLCrOfXeDISmJDb8JrNstDwCFRF
date: Mon, 31 Jul 2023 05:28:11 GMT
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 54424
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 106916
last-modified: Fri, 08 May 2020 22:33:09 GMT
server: AmazonS3
etag: "dd8a55ef7058cdaeb96ef9fc65344726"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: cyOZrQ9hQiAC67km_edb9McGuIr94qQP_SKQyqZtZ5IfwVjhT_zgMA==

GET
H2 200 self-hosted-checkout-frame Show response
pay.conekta.com/components/ Frame 3A61 33 KB
34 KB 101ms
101ms Document
text/html 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/components/self-hosted-checkout-frame?locale=es

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/hosted-checkout.checkout.d995bab3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

cbfaa06f2c69cf7792a94e25215c699a93184e915447b158ab6d454f8f3bf16a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-/L/oRJa/suATM1swEUpKGFE5Pci7G0jrmqCVrd/FSZM=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-language: es
content-length: 33296
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-/L/oRJa/suATM1swEUpKGFE5Pci7G0jrmqCVrd/FSZM=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
content-type: text/html; charset=utf-8
date: Mon, 31 Jul 2023 05:28:12 GMT
etag: W/"8210-YxNWB8Hf6+FtfxJBk2Y04Ymozg4"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 993.b2bb25a4.css
pay.conekta.com/static/css/ Frame 3A61 17 KB
19 KB 187ms
185ms Stylesheet
text/css 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/css/993.b2bb25a4.css

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/components/self-hosted-checkout-frame?locale=es

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

4ba432e359247ffd72d8ac78b26e6fdc674c67782ab055f85d8f58cf3a2ab0b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-xR9iUtGY0aK+40PDP0TTsu84xIprzM2FjHQcEMiC9QQ=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-xR9iUtGY0aK+40PDP0TTsu84xIprzM2FjHQcEMiC9QQ=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 17481
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"4449-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3A61 230 KB
80 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FE2LZVDP0L

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/components/self-hosted-checkout-frame?locale=es

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c78829457f0ab12257c0a65167e19d6acfad39997a1b3f4d2d310804ad6d98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 31 Jul 2023 05:28:12 GMT

GET
H2 200 conekta-self-hosted-checkout.min.js Show response
pay.conekta.com/v1.0/js/ Frame 3A61 102 KB
104 KB 185ms
184ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/v1.0/js/conekta-self-hosted-checkout.min.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/components/self-hosted-checkout-frame?locale=es

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

0a3884ca7a5c7f732d5aea0524fe7d03a45774527f500ad29d85ed4f200504f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-KlqNOQXbRJ8zElenxyazYn4hS1RhGhUCJaaFO9HGa/U=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-KlqNOQXbRJ8zElenxyazYn4hS1RhGhUCJaaFO9HGa/U=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 104314
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"1977a-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
content-language: es
x-download-options: noopen
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/ Frame 3A61 5 KB
3 KB 75ms
35ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/components/self-hosted-checkout-frame?locale=es

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 844
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEFCOH%2FENrUbbCafCeHoUWPnI2I3zx5oVDx0%2B%2B5b5%2FkKEp0kDOGIVPCEa6DBjNDxHqDSUFu%2B8KFRe8L%2B6DiOW11obsL3sDX5yAC%2FEmNS05OVL8C5RO0QR7uPmfOC%2BOFm991qJBLKiTrPJAMUc6Zk0X7SfVDoPQlDtZpD"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7ef36fc64a3603ac-FRA
expires: Mon, 31 Jul 2023 09:28:12 GMT

GET
H2 200 vendor.3871d977.js Show response
pay.conekta.com/static/js/ Frame 3A61 230 KB
232 KB 93ms
93ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/vendor.3871d977.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/components/self-hosted-checkout-frame?locale=es

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

8cbf1614be6ef5c8648b0cc1942b12e75c7c01f1c50b754a2f2474bad0ee2935

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-K1sU7khQKODv+f4Ks7cv3dGraNoIAMO60L30Lqj6gAc=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-K1sU7khQKODv+f4Ks7cv3dGraNoIAMO60L30Lqj6gAc=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 235659
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"3988b-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 frame.self-hosted-checkout.b2bb25a4.js Show response
pay.conekta.com/static/js/ Frame 3A61 153 KB
155 KB 186ms
186ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/components/self-hosted-checkout-frame?locale=es

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

cebd583704d06fde12de96ee34d4701b9a4ee8d08c58c83bcf97d365952376cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-xCtqRBnuvzYR6bGNrPD6Beh/jXUEYmHXo4Ke4ovewIw=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-xCtqRBnuvzYR6bGNrPD6Beh/jXUEYmHXo4Ke4ovewIw=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 157014
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"26556-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 Inter-Regular.woff2
assets.conekta.com/cpanel/statics/assets/fonts/Inter/ Frame 3A61 98 KB
99 KB 8ms
8ms Font
binary/octet-stream 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.conekta.com/cpanel/statics/assets/fonts/Inter/Inter-Regular.woff2?v=3.13
Requested by: Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/993.b2bb25a4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: wiYHZlVvYK2vbVMWFXUgHjpvzUcgo9QQ
date: Sun, 30 Jul 2023 14:28:35 GMT
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 53978
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 100368
last-modified: Fri, 08 May 2020 22:33:08 GMT
server: AmazonS3
etag: "4dd66a113d54a7f9a1ae913049610617"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Xd0Ive2ocF3cKBHTT1NRuJgklccmatKRUd5w3-FiMlBItPIMYj3ymQ==

GET
H2 200 1.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ Frame 3A61 388 KB
112 KB 58ms
36ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199825
cf-polished: origSize=397453
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FgIc6DNcqmuWI3uAvKQZ5IkgYedbah6nMc9pcPBAq0ij2sVVqqwReKk69K7%2FzMoBhH38dm82Rcnk%2Fi2B%2FlsvZCmE4S86Q0IFtuR6bFatYVGk6oOS4t7qoUjbK5VOozQ40Fak2w42rbFqAYgmNakkOQub%2F9CtDp%2B%2FtSv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
cf-ray: 7ef36fc7cc903a70-FRA
expires: Sat, 27 Jan 2024 05:28:12 GMT

GET
H2 200 427.2fa7093b.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 224 KB
226 KB 115ms
114ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/427.2fa7093b.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

e48963ff20c371a8942956315b59bd739789668cc502ff35b97d164f608d351a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-7m//qTKRj0jx26TNUESpYsXNzO0HSEGVsERQhtwoZBg=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-7m//qTKRj0jx26TNUESpYsXNzO0HSEGVsERQhtwoZBg=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 229052
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"37ebc-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 880.417ca121.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 108 KB
109 KB 211ms
210ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/880.417ca121.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

2c04360ee1d975cfe366729b8915598bf3e9de65992f9f0dadfb93a721755017

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-035sb7KAEywBS+UcV0fJkd4l0nlLbnQlDWN7FVFQm1c=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-035sb7KAEywBS+UcV0fJkd4l0nlLbnQlDWN7FVFQm1c=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 110102
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"1ae16-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 908.6c44739a.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 56 KB
58 KB 116ms
115ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/908.6c44739a.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

b33c8b83d0ddbba6aae081fd40424d87fe8ac708313bbe4e9bf2bb38c24a2d79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-hzufM4UjgWlm9yYH5Y2CCbddOC9UId8cryKpl6FzWZg=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-hzufM4UjgWlm9yYH5Y2CCbddOC9UId8cryKpl6FzWZg=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 57050
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"deda-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 956.a70730a8.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 29 KB
31 KB 207ms
206ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/956.a70730a8.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

2e2a638b5f407344059c868ff7e4ab55e684082ca09032ae073ff73e52ecbad7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-0qoi7NPI3geqkdPKSM7vHJmMzlgavXKk3xDopFgEzWU=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-0qoi7NPI3geqkdPKSM7vHJmMzlgavXKk3xDopFgEzWU=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 29587
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"7393-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 23.c47d8f4d.css
pay.conekta.com/static/css/ Frame 3A61 18 KB
20 KB 114ms
113ms Stylesheet
text/css 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/css/23.c47d8f4d.css

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

8860ad99095794e9af472e994230b1d10685f6b613b8c2d39525fc8893f936f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-EOC8xuSkqhXPo1WhA83mz/ugGxZea3RXUnGh9S0HfQQ=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-EOC8xuSkqhXPo1WhA83mz/ugGxZea3RXUnGh9S0HfQQ=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 18323
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"4793-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 23.c47d8f4d.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 24 KB
26 KB 211ms
210ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/23.c47d8f4d.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

82d7c568fd26fe065586525d5d9f90fe76a63e479c75c01e44ec00012bb5e286

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-25kI70NLZWJX/wVI+vhqXsi7BpiO9TTcw9OQrKQ6V1M=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:12 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-25kI70NLZWJX/wVI+vhqXsi7BpiO9TTcw9OQrKQ6V1M=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 24415
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"5f5f-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 f84ae831-30bd-4d9c-9386-6781813ff013 Show response
pay.conekta.com/api/checkout/ Frame 3A61 1 KB
3 KB 153ms
153ms Fetch
application/json 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/api/checkout/f84ae831-30bd-4d9c-9386-6781813ff013

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

ba34fe871ae9c6cdce3f71ad4c3fd4b4e9daa4438eaba12683259bd68b6c7390

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-Gzoh9XC6gePGTYhRdSAqP+ALXqQrELAbDcxOC5MSV6E=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
x-source: payment-link
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-Gzoh9XC6gePGTYhRdSAqP+ALXqQrELAbDcxOC5MSV6E=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 1483
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"5cb-ZgOwINaaCCEuHxUJZVWTs44nxwk"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
content-language: es
access-control-allow-origin: *
x-download-options: noopen
access-control-allow-headers: Content-Type, Authorization

GET
H2 200 08d54490-92a4-4196-b232-320e311f13c7 Show response
pay.conekta.com/api/entity/ Frame 3A61 265 B
2 KB 119ms
119ms Fetch
application/json 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/api/entity/08d54490-92a4-4196-b232-320e311f13c7

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

b061cd7741afb7a16c718c63c0638c8718aba2d3f71edb420d0aa8453ab7fcc1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-4eHxrbBaxnIuPhdqEW19U98KypvKAyltwTQNywUFZMI=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
x-source: payment-link
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-4eHxrbBaxnIuPhdqEW19U98KypvKAyltwTQNywUFZMI=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 265
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"109-fOfedQxcGzfykYaRivzLCbxQvOI"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: application/json; charset=utf-8
content-language: es
access-control-allow-origin: *
x-download-options: noopen
access-control-allow-headers: Content-Type, Authorization,bin,IdempotencyKey,userId, x-source

GET
H2 200 776.634f54d6.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 117 KB
119 KB 96ms
95ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/776.634f54d6.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

427a457fd6aeae3ff2b08b8511c80df5b7df9ac2de9e8dec7b4420e63c77fdd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-qIwpajQAIdofJaClXv2BP8acrZXWNDjwX8YLFCy8/qs=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-qIwpajQAIdofJaClXv2BP8acrZXWNDjwX8YLFCy8/qs=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 120041
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"1d4e9-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 642.b4a1f75f.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 38 KB
40 KB 99ms
98ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/642.b4a1f75f.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

70c8f699143e229dedd26ea4f6778a6e616902d74c60bc356aebc5cf4fc228eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-B+V9bg0iiD6HQtR2VNDQ726ttWOrp00JARp6N+Holts=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-B+V9bg0iiD6HQtR2VNDQ726ttWOrp00JARp6N+Holts=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 39177
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"9909-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 107.4b9eb88e.css
pay.conekta.com/static/css/ Frame 3A61 26 KB
28 KB 97ms
96ms Stylesheet
text/css 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/css/107.4b9eb88e.css

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

e4b2c26f22ddd4e05b828ba091fb6c263d6549eba807934513b099f2ac6c9468

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-HDZryADNy7Ehc5Zi8PDcfZVUr8B4ypK7/xcAczbh1VM=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-HDZryADNy7Ehc5Zi8PDcfZVUr8B4ypK7/xcAczbh1VM=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 26606
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"67ee-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 107.4b9eb88e.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 14 KB
15 KB 96ms
95ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/107.4b9eb88e.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

d60b810f2b6d902b3767c83aef5de870646b98e241192a71e0d1d237ce3d8279

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-sZgy/srA2Oc+kk2gLGiqEiDuEz0nc7CxxYQwyyPcwEM=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-sZgy/srA2Oc+kk2gLGiqEiDuEz0nc7CxxYQwyyPcwEM=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 13854
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"361e-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 498.41ce32f7.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 12 KB
14 KB 98ms
96ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/498.41ce32f7.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

a3c0bbe6c1f196a01c47cd719b7eb3de3944545ecd783679ffb7520f3e0e48b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-KTWKVIjNTIzHosKCjoDoa25+s4vSjsdU7uhk35Pz6eY=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-KTWKVIjNTIzHosKCjoDoa25+s4vSjsdU7uhk35Pz6eY=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 12753
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"31d1-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 675.3ef110c2.css
pay.conekta.com/static/css/ Frame 3A61 8 KB
10 KB 99ms
98ms Stylesheet
text/css 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/css/675.3ef110c2.css

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

def30d687690568c6dbba7a6df7dccb14d4531c7c7333d1dd702fe517e44a87e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-+Xocpd5VrOaJQ+vxUs8bUGtEJqNSA72PjuZHzX9wWb0=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-+Xocpd5VrOaJQ+vxUs8bUGtEJqNSA72PjuZHzX9wWb0=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 8159
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"1fdf-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 675.3ef110c2.js Show response
pay.conekta.com/static/js/chunks/ Frame 3A61 536 B
2 KB 189ms
188ms Script
application/javascript 3.231.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.conekta.com/static/js/chunks/675.3ef110c2.js

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-180-42.compute-1.amazonaws.com

Software

Resource Hash

664a3f3882973c3098b1f72fc6d304ee662ea8f7a074d84772f42fc28c74be75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-qyVT67Jkl54c+jquARgAU609ooozrwGi7JEtWWcI1jk=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 05:28:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' *;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-qyVT67Jkl54c+jquARgAU609ooozrwGi7JEtWWcI1jk=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ *.cardinalcommerce.com *.conekta.com *.datadoghq.com *.browser-intake-datadoghq.com;frame-src 'self' *.modirum.com *.bancochile.cl *.euronet3dsecure.com *.fssnet.co.in *.nccc.com.tw *.commerzbank.de *.revolut.com *.hdfcbank.com *.wlp-acs.com *.securesuite.co.uk *.asseco-see.hr *.ecclients.btrl.ro *.secure22gw.ro *.americanexpress.com *.taipeifubon.com.tw *.touch.tech *.arcot.com *.monext.fr *.touchtechpayments.com *.bpcbt.com *.abanca.com *.cardcenter.ch *.secure2gw.ro *.otpbank.hu *.redbanc.cl *.rsa3dsauth.com *.seglan.com *.qnb.com *.icicibank.com *.placetopay.com *.tricard.cl *.bci.cl *.cimbniaga.com *.alignet-acs.com *.cic.fr *.cardinalcommerce.com *.3dsecure-vrp.de *.redsys.es *.wibmo.com *.crqsbiacs.sbi *.netsgroup.com *.eglobal.com.mx *.acssecure.com *.capitalone.com *.mtbank.by *.ccb.com.cn *.halykbank.kz *.cornercard.ch *.mycardsecure.com *.cimb.com *.rsa3dsauth.co.uk *.nexigroup.com *.viseca.ch *.lloydstsb.com *.citibank.co.in *.bankserv.co.za *.marqeta.com *.maybank.com.my *.abmb.com.my *.capitecbank.co.za *.santander.cl *.uobgroup.com *.alignet.io *.dkb.de *.bkm.com.tr *.n26.com *.apata.io *.gps.com.bh *.shinhancard.com *.vietcombank.com.vn *.kkb.kz *.monzo.com *.gpesecure.com *.cafis-paynet.jp *.verifiedbyvisa.com *.ocbc.com *.3dsecure.no *.santander.com.br *.privatbank.ua *.cartoes-itau.com.br *.samsungcard.com *.usaa360.com *.securesuite.net *.optar.com.ec *.mycardplace.com *.secureacs.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 536
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 06 Jun 2023 19:09:16 GMT
etag: W/"218-188921d0760"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-download-options: noopen
cache-control: public, max-age=300
accept-ranges: bytes

GET
H2 200 conekta-logo-blue-full.svg
assets.conekta.com/cpanel/statics/assets/img/ Frame 3A61 4 KB
2 KB 40ms
24ms Image
image/svg+xml 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.conekta.com/cpanel/statics/assets/img/conekta-logo-blue-full.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe56ca2de0543e6b2498179a8f8629aca01002fcd181717098a4d5ebc2bd45c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 19:31:18 GMT
x-amz-version-id: 4AwVKfMjJQN62ulKWg2jzqFvIu8LmbxG
content-encoding: br
last-modified: Tue, 04 Oct 2022 20:44:35 GMT
server: AmazonS3
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
etag: W/"4811ed4544c8207594ad5a40080d525a"
age: 35816
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: awJA3ut3aaq58bUMhTkqatk4sj3VpeSS0IEg_uZYpgZyHFBlkd1Rfg==

GET
H2 200 mastercard.svg
assets.conekta.com/cpanel/statics/assets/brands/logos/ Frame 3A61 812 B
1 KB 41ms
24ms Image
image/svg+xml 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.conekta.com/cpanel/statics/assets/brands/logos/mastercard.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da7d8085a96244413072e1fe64d5c9e5bd1b3f5e12aee3dc1a08fd3334b67e86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: aAAaxjnsRHkD1xpyWC967B1RbGvmtgZz
date: Sun, 30 Jul 2023 16:43:13 GMT
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
last-modified: Fri, 20 May 2022 22:19:55 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 45901
etag: "232c7edaf9ad5c2531ada433e44be09a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 812
x-amz-cf-id: GicyzOKpm50nrmR_LoxemhgWnjOWzyXN_VBF7GAe2NmAuxNPSvysEQ==

GET
H2 200 visa.svg
assets.conekta.com/cpanel/statics/assets/brands/logos/ Frame 3A61 2 KB
1 KB 51ms
34ms Image
image/svg+xml 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.conekta.com/cpanel/statics/assets/brands/logos/visa.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d8cf70ef9fa2d3ead1d5ee5d6d083a1cf6ce3976ce9b15d2de36755989113b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:43:13 GMT
x-amz-version-id: 9IZEC1psU5XFbNEmkPBSw_yycyNKvaGP
content-encoding: br
last-modified: Fri, 20 May 2022 22:19:55 GMT
server: AmazonS3
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
etag: W/"4c8cf187938c6a55890df9eac215e751"
age: 45901
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: mhd-5-nYWRo9vXT-rUsw74Vd5w6d4u4QVzgzoRZhmxZC9hR26FHO5w==

GET
H2 200 amex.svg
assets.conekta.com/cpanel/statics/assets/brands/logos/ Frame 3A61 1 KB
987 B 50ms
34ms Image
image/svg+xml 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.conekta.com/cpanel/statics/assets/brands/logos/amex.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d5c445291433416a571a67c98c58bbbaf9febc9e067b33f6ed0c62428060522

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 16:43:13 GMT
x-amz-version-id: fGEVN2fvHBNKwgpgg2oHHHKSG7914SlK
content-encoding: br
last-modified: Fri, 20 May 2022 22:19:54 GMT
server: AmazonS3
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
etag: W/"e8c7728f675281e3da0fc4fc24a5f5a8"
age: 45901
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: XjZHZfye2s7Uz0dhPcakFesjzVwHRt9BseKJSmeGBozZImJokyKJCg==

GET
H2 200 https_black_24dp-%201.svg
assets.conekta.com/cpanel/statics/assets/img/ Frame 3A61 869 B
1 KB 34ms
18ms Image
image/svg+xml 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.conekta.com/cpanel/statics/assets/img/https_black_24dp-%201.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1ea56d7d424d6ca2637ad5550c884b2c9dfcfe80b18a85d105acd2c141b2a63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: objAst1p8Yl65OkoKgr6lPAQPfT2fsIV
date: Mon, 31 Jul 2023 05:28:13 GMT
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Oct 2021 21:22:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 62765
etag: "8ae390dd2dcf6aacd7415817ddba9b83"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 869
x-amz-cf-id: Ar5eGDx5RdvDLCXwMJJuTaK2RIB0IhO74Ew5HOLbJLU2RwV3PeNQsw==

GET
H2 200 conekta-powered-by-20px.svg
assets.conekta.com/cpanel/statics/assets/img/ Frame 3A61 8 KB
3 KB 41ms
25ms Image
image/svg+xml 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.conekta.com/cpanel/statics/assets/img/conekta-powered-by-20px.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62f25a77154a68f4cb4351a4824159dcb88173ca886c91a9aadd0664dc427a20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: nkQJSe6FwIty1vz1BKqjKe76Qr0vHG8i
content-encoding: gzip
via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
date: Mon, 31 Jul 2023 05:28:13 GMT
last-modified: Tue, 04 Oct 2022 20:58:31 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 45901
etag: W/"6e84d946963facbf324bd767db0255e6"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ayRERFlLf6dPJRcUv1sJzPHNpJOxzs4CXgUkH_GeuDWsjSksdGmxfQ==

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v103/ Frame 3A61 108 KB
108 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v103/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/23.c47d8f4d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

338ffbe62e90f79cd80fb87c40162013b7fcbc47ef8457e9e998c90177c03bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 01:07:32 GMT
x-content-type-options: nosniff
age: 188441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110532
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 17:44:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 01:07:32 GMT

GET
H2 200 Inter-Bold.woff2
assets.conekta.com/cpanel/statics/assets/fonts/Inter/ Frame 3A61 105 KB
105 KB 11ms
10ms Font
binary/octet-stream 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.conekta.com/cpanel/statics/assets/fonts/Inter/Inter-Bold.woff2?v=3.13
Requested by: Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/993.b2bb25a4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: sQyeI.jCkyM51QeyIWH2g50l916emNmt
date: Sun, 30 Jul 2023 14:55:51 GMT
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 52343
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 107144
last-modified: Fri, 08 May 2020 22:33:01 GMT
server: AmazonS3
etag: "aed27700d84e327fda56b4a427b03061"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: lmxkbARORD6mO89_p9J3-3kHQLqWEUHdtK4KIeAdVcKJv2kk9Akzug==

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ Frame 3A61 0
0 394ms
192ms Ping
application/json 2600:1f18:24e6:b902:396c:5768:f8c3:756e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.16.1%2Cenv%3Aproduction%2Cservice%3Act-checkout-fe%2Cversion%3A4.1.3&dd-api-key=pub8881789f5eaf78caf153ee2817d96d88&dd-evp-origin-version=4.16.1&dd-evp-origin=browser&dd-request-id=e810b8f0-996a-4139-81c4-6f7e98348560&batch_time=1690781293540
Requested by: Host: pay.conekta.com
URL: https://pay.conekta.com/static/js/frame.self-hosted-checkout.b2bb25a4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:396c:5768:f8c3:756e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 icon
fonts.googleapis.com/ Frame 3A61 569 B
775 B 43ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/107.4b9eb88e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 05:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 05:28:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 05:28:13 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ Frame 3A61 125 KB
125 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:35:16 GMT
x-content-type-options: nosniff
age: 251577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 07:35:16 GMT

GET
H2 200 conekta-icons.ttf
assets.conekta.com/cpanel/statics/assets/fonts/icons/ Frame 3A61 29 KB
29 KB 33ms
33ms Font
binary/octet-stream 2600:9000:26db:4800:17:c5a4:5ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.conekta.com/cpanel/statics/assets/fonts/icons/conekta-icons.ttf
Requested by: Host: pay.conekta.com
URL: https://pay.conekta.com/static/css/993.b2bb25a4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4800:17:c5a4:5ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5066aa48a7fea764bb5a2f8f7e34593e36a6e7630b095fe5151f6e7b1251566e

Request headers

Referer
Origin: https://pay.conekta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 2mtDuzyVFBmnXBHMjMbD.KnY1PntfC7d
date: Sun, 30 Jul 2023 16:43:14 GMT
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 45900
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 29340
last-modified: Sat, 27 Jul 2019 03:12:22 GMT
server: AmazonS3
etag: "3420b242ab6c1760cc816aa3470d7289"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: FQbBCBx-oEBAp-lK1h7KcTGgkg1rTo5-5NCo3mEOZ1fSVkRIci4jwQ==

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pay.conekta.com/	1970-01-20 22:26:43	Name: locale Value: es
.conekta.com/	1970-01-20 23:15:41	Name: _ga Value: GA1.1.685045746.1690781292
pay.conekta.com/	1970-01-20 13:39:42	Name: _dd_s Value: rum=1&id=61b7aee7-751d-4905-99a9-ea9a309f09dd&created=1690781292302&expire=1690782192804
.conekta.com/	1970-01-20 23:15:41	Name: _ga_FE2LZVDP0L Value: GS1.1.1690781291.1.1.1690781293.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-FE2LZVDP0L(Line 137) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-FE2LZVDP0L&gtm=45je37q0&_p=1710794284&cid=685045746.1690781292&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690781291&sct=1&seg=0&dl=https%3A%2F%2Fpay.conekta.com%2Flink%2Ff84ae83130bd4d9c93866781813ff013&dt=Link%20de%20pago&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1' because it violates the following Content Security Policy directive: "connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-FE2LZVDP0L(Line 137) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-FE2LZVDP0L&gtm=45je37q0&_p=2108745109&cid=685045746.1690781292&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690781291&sct=1&seg=1&dl=https%3A%2F%2Fpay.conekta.com%2Fcomponents%2Fself-hosted-checkout-frame%3Flocale%3Des&dt=Conekta%20Self%20Hosted&en=page_view&_ee=1' because it violates the following Content Security Policy directive: "connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-FE2LZVDP0L(Line 137) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-FE2LZVDP0L&gtm=45je37q0&_p=2108745109&cid=685045746.1690781292&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1690781291&sct=1&seg=1&dl=https%3A%2F%2Fpay.conekta.com%2Fcomponents%2Fself-hosted-checkout-frame%3Flocale%3Des&dt=Conekta%20Self%20Hosted&en=scroll&epn.percent_scrolled=90' because it violates the following Content Security Policy directive: "connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' ;object-src 'none';script-src 'self' www.googletagmanager.com 'nonce-So9FNi5X/7MjBkurYlt46/W+w6/K3rzMI8h93hdRlng=' https://songbird.cardinalcommerce.com;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests;connect-src 'self' rum-http-intake.logs.datadoghq.com www.google-analytics.com https://api.conekta.io/ https://kg668dbov0.execute-api.us-east-1.amazonaws.com/ .cardinalcommerce.com .conekta.com .datadoghq.com .browser-intake-datadoghq.com;frame-src 'self' .modirum.com .bancochile.cl .euronet3dsecure.com .fssnet.co.in .nccc.com.tw .commerzbank.de .revolut.com .hdfcbank.com .wlp-acs.com .securesuite.co.uk .asseco-see.hr .ecclients.btrl.ro .secure22gw.ro .americanexpress.com .taipeifubon.com.tw .touch.tech .arcot.com .monext.fr .touchtechpayments.com .bpcbt.com .abanca.com .cardcenter.ch .secure2gw.ro .otpbank.hu .redbanc.cl .rsa3dsauth.com .seglan.com .qnb.com .icicibank.com .placetopay.com .tricard.cl .bci.cl .cimbniaga.com .alignet-acs.com .cic.fr .cardinalcommerce.com .3dsecure-vrp.de .redsys.es .wibmo.com .crqsbiacs.sbi .netsgroup.com .eglobal.com.mx .acssecure.com .capitalone.com .mtbank.by .ccb.com.cn .halykbank.kz .cornercard.ch .mycardsecure.com .cimb.com .rsa3dsauth.co.uk .nexigroup.com .viseca.ch .lloydstsb.com .citibank.co.in .bankserv.co.za .marqeta.com .maybank.com.my .abmb.com.my .capitecbank.co.za .santander.cl .uobgroup.com .alignet.io .dkb.de .bkm.com.tr .n26.com .apata.io .gps.com.bh .shinhancard.com .vietcombank.com.vn .kkb.kz .monzo.com .gpesecure.com .cafis-paynet.jp .verifiedbyvisa.com .ocbc.com .3dsecure.no .santander.com.br .privatbank.ua .cartoes-itau.com.br .samsungcard.com .usaa360.com .securesuite.net .optar.com.ec .mycardplace.com *.secureacs.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.conekta.com
fonts.googleapis.com
fonts.gstatic.com
pay.conekta.com
rum.browser-intake-datadoghq.com
songbird.cardinalcommerce.com
u15438629.ct.sendgrid.net
www.googletagmanager.com
167.89.115.54
2600:1f18:24e6:b902:396c:5768:f8c3:756e
2600:9000:26db:4800:17:c5a4:5ac0:93a1
2606:4700::c6d9:fbfa
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
3.231.180.42
0621a6ea3b1735e42c6371547396ca94c39931e65cff24a1b2a2bfce11510c3e
0a3884ca7a5c7f732d5aea0524fe7d03a45774527f500ad29d85ed4f200504f6
2c04360ee1d975cfe366729b8915598bf3e9de65992f9f0dadfb93a721755017
2e2a638b5f407344059c868ff7e4ab55e684082ca09032ae073ff73e52ecbad7
338ffbe62e90f79cd80fb87c40162013b7fcbc47ef8457e9e998c90177c03bfa
3e83c9946f98bb860bb51c23c2aa714061e5c1808db105548d51958fb6f2bfe2
427a457fd6aeae3ff2b08b8511c80df5b7df9ac2de9e8dec7b4420e63c77fdd7
4ba432e359247ffd72d8ac78b26e6fdc674c67782ab055f85d8f58cf3a2ab0b9
4d8cf70ef9fa2d3ead1d5ee5d6d083a1cf6ce3976ce9b15d2de36755989113b6
5066aa48a7fea764bb5a2f8f7e34593e36a6e7630b095fe5151f6e7b1251566e
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5b89a1af6698220db1acadb4f9fa1e9c7ec02abb995954c9dec19ad6253aba70
62f25a77154a68f4cb4351a4824159dcb88173ca886c91a9aadd0664dc427a20
664a3f3882973c3098b1f72fc6d304ee662ea8f7a074d84772f42fc28c74be75
6b236c1802618fabe99d8042cd834122b99527c6f007a203d1ce9b8c64bc2af6
6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8
70c8f699143e229dedd26ea4f6778a6e616902d74c60bc356aebc5cf4fc228eb
7c78829457f0ab12257c0a65167e19d6acfad39997a1b3f4d2d310804ad6d98b
7d5c445291433416a571a67c98c58bbbaf9febc9e067b33f6ed0c62428060522
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d7c568fd26fe065586525d5d9f90fe76a63e479c75c01e44ec00012bb5e286
8860ad99095794e9af472e994230b1d10685f6b613b8c2d39525fc8893f936f3
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
8cbf1614be6ef5c8648b0cc1942b12e75c7c01f1c50b754a2f2474bad0ee2935
a3c0bbe6c1f196a01c47cd719b7eb3de3944545ecd783679ffb7520f3e0e48b9
acb6e257f16872adcf38eac2feb211a226da2029f2d1052bba464b56722e815f
b061cd7741afb7a16c718c63c0638c8718aba2d3f71edb420d0aa8453ab7fcc1
b1ea56d7d424d6ca2637ad5550c884b2c9dfcfe80b18a85d105acd2c141b2a63
b33c8b83d0ddbba6aae081fd40424d87fe8ac708313bbe4e9bf2bb38c24a2d79
ba34fe871ae9c6cdce3f71ad4c3fd4b4e9daa4438eaba12683259bd68b6c7390
c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780
c7c3befe28a2fe45fb772f93cc52c828a71ccebc4b9fa5c971db452f712f3e78
cbfaa06f2c69cf7792a94e25215c699a93184e915447b158ab6d454f8f3bf16a
cebd583704d06fde12de96ee34d4701b9a4ee8d08c58c83bcf97d365952376cd
d60b810f2b6d902b3767c83aef5de870646b98e241192a71e0d1d237ce3d8279
da7d8085a96244413072e1fe64d5c9e5bd1b3f5e12aee3dc1a08fd3334b67e86
def30d687690568c6dbba7a6df7dccb14d4531c7c7333d1dd702fe517e44a87e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48963ff20c371a8942956315b59bd739789668cc502ff35b97d164f608d351a
e4b2c26f22ddd4e05b828ba091fb6c263d6549eba807934513b099f2ac6c9468
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
fe56ca2de0543e6b2498179a8f8629aca01002fcd181717098a4d5ebc2bd45c1

pay.conekta.com Open in urlscan Pro 3.231.180.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

7 IPs

2 Countries

3262 kBTransfer

3796 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pay.conekta.com Open in urlscan Pro
3.231.180.42 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

3262 kB
Transfer

3796 kB
Size

4
Cookies

46 HTTP transactions
0 data transactions