Submitted URL: https://connectandpay.app.link/createAccount?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en...
Effective URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale...
Submission: On May 21 via manual from US

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 65.19.133.93, located in United States and belongs to ,. The main domain is www.connectandpay.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 14th 2017. Valid for: 2 years.
This is the only time www.connectandpay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                        Requested by
10        www.connectandpay.com         www.connectandpay.com
2         tally.prod.readytouchpos.com  www.connectandpay.com
2         js.stripe.com                 www.connectandpay.com, js.stripe.com
1         img.365retailmarkets.com      www.connectandpay.com
1         api.heartlandportico.com      www.connectandpay.com
1         cdn.polyfill.io               www.connectandpay.com
1         connectandpay.app.link        1 redirects
Total: 17 requests, 7 domains

This site contains links to these domains.

Domain
contents.365retailmarkets.com

Subject                       Issuer                                       Validity                 Valid
connectandpay.com             Go Daddy Secure Certificate Authority - G2   2017-08-14 - 2019-08-14  2 years
f3.shared.global.fastly.net   GlobalSign CloudSSL CA - SHA256 - G3         2019-05-14 - 2020-04-23  a year
*.heartlandportico.com        Entrust Certification Authority - L1K        2017-07-31 - 2019-07-31  2 years
a.stripecdn.com               DigiCert SHA2 Extended Validation Server CA  2019-02-27 - 2019-06-04  3 months
*.365retailmarkets.com        Go Daddy Secure Certificate Authority - G2   2017-07-22 - 2019-08-22  2 years
tally.prod.readytouchpos.com  Let's Encrypt Authority X3                   2019-05-13 - 2019-08-11  3 months

This page contains 2 frames:

Primary Page: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Frame ID: 13FA6C54A1AFCE4A7FBF800A9EE8F709
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 4DDD2141D4EFCC27DF31F32179EE870B
Requests: 1 HTTP requests in this frame

Page URL History

  1. https://connectandpay.app.link/createAccount?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN... HTTP 307
    https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVER... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i
  • env /^Stripe$/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 29 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 2
Transfer: 961 kB
Size: 2107 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://connectandpay.app.link/createAccount?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n HTTP 307
    https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request newaccount_step2
www.connectandpay.com/
Redirect Chain
  • https://connectandpay.app.link/createAccount?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n
  • https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
2 KB
2 KB
Document
General
Full URL
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
cda074c8aa345157e76cbaea8516146558947e5594f9444214e2e1a88f9920b6

Request headers

Host
www.connectandpay.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 21 May 2019 18:47:21 GMT
Server
Apache
X-Powered-By
Express
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
ETag
W/"76f-F5QOPkoQ+AqkbaASRpmdbJhYywA-gzip"
set-cookie
gmaweb=s%3AGFHun2LseZJMXsmfEZoCTwKGifd6AhTT.zJE0xnpir7ofnMHUUfediwGsqhbWZNzBbymbhwjKEvM; Path=/; HttpOnly
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Content-Length
0
Connection
keep-alive
Server
openresty/1.13.6.2
Date
Tue, 21 May 2019 18:47:21 GMT
X-Powered-By
Express
Set-Cookie
_s=RXpuAxTZ5y%2FkZCSBl4BbobGhnhBkKbXwihM7CBZhDG7hXoLcFGGSiaP%2F%2Fi9%2BXGHl; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Wed, 20 May 2020 18:47:21 GMT
Last-Modified
Tue, 21 May 2019 18:47:21 GMT
Location
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
X-Cache
Miss from cloudfront
Via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
X-Amz-Cf-Id
IouIUTy1ZDBEuH35w-y0Li0_f_3wwp92-h9-m1vkzFr7Q08qc5QibA==
login.css
www.connectandpay.com/css/
120 KB
20 KB
Stylesheet
General
Full URL
https://www.connectandpay.com/css/login.css
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
25bc1953ff74da1f04af2dc8faab798626bb195a2547c54d365005e6116c9bcd

Request headers

Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 18:47:22 GMT
Content-Encoding
gzip
X-Powered-By
Express
Connection
Keep-Alive
Content-Length
19957
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 29 Apr 2019 23:41:08 GMT
Server
Apache
ETag
W/"1de10-16a6b793aa5-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
oldbrowser.js
www.connectandpay.com/js/
21 KB
5 KB
Script
General
Full URL
https://www.connectandpay.com/js/oldbrowser.js
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
2ded3e222d502e7e70c06c3c212593471c708792707f28e42373e64e3c726374

Request headers

Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 18:47:22 GMT
Content-Encoding
gzip
X-Powered-By
Express
Connection
Keep-Alive
Content-Length
4225
Keep-Alive
timeout=5, max=98
Last-Modified
Mon, 29 Apr 2019 23:42:06 GMT
Server
Apache
ETag
W/"5377-16a6b7a1ea8-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
polyfill.min.js
cdn.polyfill.io/v2/
222 B
555 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (,),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
age
545343
normalized-user-agent
chrome/67.0.0
detected-user-agent
Chrome/67.0.3396
status
200
date
Tue, 21 May 2019 18:47:22 GMT
request_came_from_shield
FRA
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length
126
referrer-policy
origin-when-cross-origin
etag
W/"7e-Lg1mQtlDtrujPBTtidtsoNmOeEQ"
vary
User-Agent, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
securesubmit.js
api.heartlandportico.com/SecureSubmit.v1/token/2.1/
105 KB
23 KB
Script
General
Full URL
https://api.heartlandportico.com/SecureSubmit.v1/token/2.1/securesubmit.js
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
65.118.49.60 , United States, ASN209 (,),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
aa0fdda48e7c81e32ad57589de4ab49b87622e06c3b038f0347ff48c83a13dee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 18:47:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Jul 2018 14:24:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23104
ETag
"06fcde6b14d41:0"
/
js.stripe.com/v3/
125 KB
33 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (,),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f48289ce3aabc352575941aad480fe997feec28548c9b2fe7774ba07ad0c205f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 May 2019 18:47:22 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
88
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
33627
x-amz-id-2
/wO2sgdq3upjX8J+t5SR+ETGw8y221BajvaeFnIMfNaGG0GsVOn7TL/EFn/lQlh1kGRNKx7+kQg=
x-served-by
cache-hhn1547-HHN
last-modified
Mon, 20 May 2019 19:04:55 GMT
server
AmazonS3
x-timer
S1558464442.019658,VS0,VE0
etag
"efd64b70ceb700892f58aaa44e84b3e6"
vary
Accept-Encoding
x-amz-request-id
A8BAF936EB1B39CE
via
1.1 varnish
cache-control
public, max-age=300
content-security-policy
default-src 'self'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
136
login.js
www.connectandpay.com/js/
1 MB
306 KB
Script
General
Full URL
https://www.connectandpay.com/js/login.js
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
6d88ed89a0b57a7c716fba35fc84a28709f1e8e1ee342df8ddade2220c50acbe

Request headers

Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 18:47:22 GMT
Content-Encoding
gzip
X-Powered-By
Express
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 29 Apr 2019 23:42:06 GMT
Server
Apache
ETag
W/"123c42-16a6b7a1ea8-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
canteen-bg.png
www.connectandpay.com/img/
307 KB
307 KB
Image
General
Full URL
https://www.connectandpay.com/img/canteen-bg.png
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
fcb4069d58be06c29b8f8cb36b4a89cbc65e1bf50d847cfda43b5f6ab0e5841f

Request headers

Referer
https://www.connectandpay.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 18:47:23 GMT
ETag
W/"4cb6b-16a6b791a5d"
Last-Modified
Mon, 29 Apr 2019 23:40:59 GMT
Server
Apache
X-Powered-By
Express
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
Content-Length
314219
Keep-Alive
timeout=5, max=97
gmaapiUrl
www.connectandpay.com/config/
45 B
521 B
Fetch
General
Full URL
https://www.connectandpay.com/config/gmaapiUrl
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/js/login.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
f0dd0767b413d6e88f92b7ea1476f835054073d964830e1ad8b37f669087e3ac

Request headers

Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 18:47:23 GMT
Server
Apache
X-Powered-By
Express
ETag
W/"2d-ze/PZau8HRmWcVQtOEpgFkGMhVo"
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
Content-Length
45
Keep-Alive
timeout=5, max=99
outer.html
js.stripe.com/v2/m/ Frame 4DDD
0
0
Document
General
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (,),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
accept-encoding
gzip, deflate, br

Response headers

status
200
x-amz-id-2
LAnsnsTNoVpv6oi25DHhwB+VaRUVxEaAhsEuN0tFYht8X6gbRjq7UyDq8YWTSaSI1W/cDKT2MrY=
x-amz-request-id
536C64458FAC5A43
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Tue, 21 May 2019 18:47:23 GMT
via
1.1 varnish
age
243
x-served-by
cache-hhn1547-HHN
x-cache
HIT
x-cache-hits
486
x-timer
S1558464443.388165,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
388
canteenlogo.png
img.365retailmarkets.com/
9 KB
10 KB
Image
General
Full URL
https://img.365retailmarkets.com/canteenlogo.png
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.254.191 Ashburn, United States, ASN14618 (,),
Reverse DNS
ec2-52-73-254-191.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
4d41093bb9a8de18870e8450ced7f0a7fb6236c44bc7bbd5ee514129410821fd

Request headers

Referer
https://www.connectandpay.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 18:47:23 GMT
Last-Modified
Fri, 30 Mar 2018 17:38:45 GMT
Server
Apache/2.4.25 (Debian)
ETag
"250e-568a4b63e1340"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9486
GothamHTF-Bold.otf
www.connectandpay.com/fonts/
34 KB
34 KB
Font
General
Full URL
https://www.connectandpay.com/fonts/GothamHTF-Bold.otf
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
20b0829cd37e62f168f7d001e09ad8af2640d71b5219daaa1aed68df4fbef8f8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.connectandpay.com/css/login.css
Origin
https://www.connectandpay.com

Response headers

Date
Tue, 21 May 2019 18:47:23 GMT
ETag
W/"867c-16a6b79109d"
Last-Modified
Mon, 29 Apr 2019 23:40:57 GMT
Server
Apache
X-Powered-By
Express
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
font/otf
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
Content-Length
34428
Keep-Alive
timeout=5, max=100
ionicons.ttf
www.connectandpay.com/fonts/
184 KB
185 KB
Font
General
Full URL
https://www.connectandpay.com/fonts/ionicons.ttf?v=2.0.0
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.connectandpay.com/css/login.css
Origin
https://www.connectandpay.com

Response headers

Date
Tue, 21 May 2019 18:47:23 GMT
ETag
W/"2e05c-16a6b7910e1"
Last-Modified
Mon, 29 Apr 2019 23:40:57 GMT
Server
Apache
X-Powered-By
Express
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
Content-Length
188508
Keep-Alive
timeout=5, max=98
GothamHTF-Book.otf
www.connectandpay.com/fonts/
33 KB
33 KB
Font
General
Full URL
https://www.connectandpay.com/fonts/GothamHTF-Book.otf
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
10aecc1b975aa9c32b3d9ec00c2f7ed3c5031ba1b05cb73097db001db085cfbc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.connectandpay.com/css/login.css
Origin
https://www.connectandpay.com

Response headers

Date
Tue, 21 May 2019 18:47:23 GMT
ETag
W/"82ac-16a6b7910d5"
Last-Modified
Mon, 29 Apr 2019 23:40:57 GMT
Server
Apache
X-Powered-By
Express
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
font/otf
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
Content-Length
33452
Keep-Alive
timeout=5, max=99
login
www.connectandpay.com/auth/
224 B
701 B
Fetch
General
Full URL
https://www.connectandpay.com/auth/login
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/js/login.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.19.133.93 , United States, ASN6939 (,),
Reverse DNS
Software
Apache / Express
Resource Hash
845dcdf3313ea8bc2993e46b3a51ba249e5678ec455eb53de283a18080eb049b

Request headers

Accept
application/json
Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Origin
https://www.connectandpay.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 21 May 2019 18:47:23 GMT
Server
Apache
X-Powered-By
Express
ETag
W/"e0-WXazi/30ltnMLyOm9ViIBpZTfWw"
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP
Content-Length
224
Keep-Alive
timeout=5, max=96
show
tally.prod.readytouchpos.com/gmaapi/mka/
0
487 B
Fetch
General
Full URL
https://tally.prod.readytouchpos.com/gmaapi/mka/show?id=26e9d8b6d080d1a98ee2043081d9e6f1
Requested by
Host: www.connectandpay.com
URL: https://www.connectandpay.com/js/login.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.19.133.94 , United States, ASN6939 (,),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.connectandpay.com
Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
authorization,content-type

Response headers

Date
Tue, 21 May 2019 18:47:24 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Powered-By
Express
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Access-Control-Allow-Origin
https://www.connectandpay.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Request-Id
e5ed20ba-ebba-4b4c-a582-9103fb8a31a2
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
Keep-Alive
timeout=5, max=100
show
tally.prod.readytouchpos.com/gmaapi/mka/
1002 B
2 KB
Fetch
General
Full URL
https://tally.prod.readytouchpos.com/gmaapi/mka/show?id=26e9d8b6d080d1a98ee2043081d9e6f1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.19.133.94 , United States, ASN6939 (,),
Reverse DNS
Software
Jetty(9.2.6.v20141205) / Express
Resource Hash
5f2dd3e54edb00824d6f2821bf33ac2a6559ffdede5a8b0a8ff9ac1f9f58dd46

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.connectandpay.com/newaccount_step2?accountId=26e9d8b6d080d1a98ee2043081d9e6f1&email=CHRIS.OVERMAN%40L3T.COM&locale=en-US&firstname=&lastname=&pin=n&_branch_match_id=659454540894580587
Origin
https://www.connectandpay.com
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcGlrZXkiOiI2ZTU4M2QzMTRkYjVlZGQyMzNkZjRkMjk1NDEyZGFmNyIsInJvbGVzIjpbImdtYWFwaSJdLCJpYXQiOjE1NTg0NjQ0NDMsImV4cCI6MTU1ODQ3MTY0M30.ZYLYgwM6mev4weCQHtv1cQihzuZzHd3ONHPu-BRLjxk
Content-Type
application/json;charset=UTF-8

Response headers

Date
Tue, 21 May 2019 18:47:25 GMT
Server
Jetty(9.2.6.v20141205)
Access-Control-Allow-Headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
X-Powered-By
Express
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.connectandpay.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
content-length
1002
X-Request-Id
87ea75a8-f876-4241-954c-e70f0099a9c3

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| Heartland
  • function| HPS
  • function| Stripe
  • object| core
  • object| __core-js_shared__
  • object| global
  • object| System
  • function| asap
  • function| Observable
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • boolean| _babelPolyfill
  • object| Login
  • function| $

3 Cookies

Domain/Path Name / Value
.www.connectandpay.com/ Name: __stripe_sid
Value: 933cd21e-3655-4600-844b-9cc3fe1a0c2b
.www.connectandpay.com/ Name: __stripe_mid
Value: 4542f8fc-50bf-4975-92b0-c98b6954b124
www.connectandpay.com/ Name: gmaweb
Value: s%3AGFHun2LseZJMXsmfEZoCTwKGifd6AhTT.zJE0xnpir7ofnMHUUfediwGsqhbWZNzBbymbhwjKEvM