urlscan.io logo urlscan.io
SecurityTrails logo

direct-demo.currencycloud.com Open in urlscan Pro
2606:4700:4400::ac40:95ce  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://direct-demo.currencycloud.com/
Effective URL: https://direct-demo.currencycloud.com/login
Submission: On October 31 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 26 HTTP transactions. The main IP is 2606:4700:4400::ac40:95ce, located in United States and belongs to CLOUDFLARENET, US. The main domain is direct-demo.currencycloud.com.
TLS certificate: Issued by E5 on October 13th 2024. Valid for: 3 months.
This is the only time direct-demo.currencycloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 2606:4700:440... 13335 (CLOUDFLAR...)
4 34.107.253.133 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1901:0:b... 15169 (GOOGLE)
1 2600:1901:0:a... 15169 (GOOGLE)
26 5
20    2606:4700:4400::ac40:95ce (United States)

ASN13335 (CLOUDFLARENET, US)
direct-demo.currencycloud.com
direct-assets-demo.currencycloud.com
4    34.107.253.133 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.253.107.34.bc.googleusercontent.com
policy.cookiereports.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
1    2600:1901:0:a9f9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
browser-intake-datadoghq.eu
Apex Domain
Subdomains		 Transfer
20 currencycloud.com
direct-demo.currencycloud.com
direct-assets-demo.currencycloud.com
2 MB
4 cookiereports.com
policy.cookiereports.com — Cisco Umbrella Rank: 65053
55 KB
1 browser-intake-datadoghq.eu
browser-intake-datadoghq.eu — Cisco Umbrella Rank: 8623
340 B
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3511
19 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
26 5
Domain Requested by
16 direct-demo.currencycloud.com 1 redirects direct-demo.currencycloud.com
4 direct-assets-demo.currencycloud.com direct-demo.currencycloud.com
4 policy.cookiereports.com direct-demo.currencycloud.com
policy.cookiereports.com
1 browser-intake-datadoghq.eu direct-demo.currencycloud.com
1 cdn.mxpnl.com direct-demo.currencycloud.com
1 static.cloudflareinsights.com direct-demo.currencycloud.com
26 6

This site contains links to these domains. Also see Links.

Domain
www.currencycloud.com
policy.cookiereports.com
www.visa.com
www.digitalcontrolroom.com
Subject Issuer Validity Valid
currencycloud.com
E5		 2024-10-13 -
2025-01-11		 3 months crt.sh
policy.cookiereports.com
Gandi RSA Domain Validation Secure Server CA 3		 2024-05-07 -
2025-05-24		 a year crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2024-07-15 -
2025-07-29		 a year crt.sh
*.browser-intake-datadoghq.eu
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-08-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://direct-demo.currencycloud.com/login
Frame ID: 32AFF7F764219FC30450BE348C1DE0F3
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Currencycloud Direct

Page URL History Show full URLs

  1. https://direct-demo.currencycloud.com/ HTTP 302
    https://direct-demo.currencycloud.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

2074 kB
Transfer

7731 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://direct-demo.currencycloud.com/ HTTP 302
    https://direct-demo.currencycloud.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
direct-demo.currencycloud.com/
Redirect Chain
  • https://direct-demo.currencycloud.com/
  • https://direct-demo.currencycloud.com/login
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be7b0d1a13867377f33f116a2cc78c3230731c59a5a9a54484925cfd21ef43f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, no-store
cf-cache-status
DYNAMIC
cf-ray
8db2cf0279053802-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 10:02:17 GMT
expires
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
62
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-request-id
b3a656cb-042b-4e12-94a8-c64a94d66d68
x-runtime
0.059586
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8db2cf01e8823802-FRA
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
content-type
text/html; charset=utf-8
date
Thu, 31 Oct 2024 10:02:17 GMT
location
https://direct-demo.currencycloud.com/login
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
5
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-request-id
a368807e-7c82-4ba1-a8df-69e83523d3d2
x-runtime
0.002347
x-xss-protection
1; mode=block
07d065c0_panel-en-gb.js
policy.cookiereports.com/ 		105 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://policy.cookiereports.com/07d065c0_panel-en-gb.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.253.133 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.253.107.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
ffde1f1d48b3b9541b0ca4a4fbd78cb572bd56f2cab23c4ba52bbbcad83eb8ac
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'self'; img-src 'self'; script-src https://policy.cookiereports.com/f/frame.js;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

content-security-policy
default-src 'none'; style-src 'self'; img-src 'self'; script-src https://policy.cookiereports.com/f/frame.js;
cache-control
public,max-age=3600
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Apache
datadog-rum-e6976814829685da05faf5b93c837870331a1d0cb77a0311a7d1ab3010905235.js
direct-demo.currencycloud.com/assets/ 		163 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/assets/datadog-rum-e6976814829685da05faf5b93c837870331a1d0cb77a0311a7d1ab3010905235.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58ba644962b9d387b3d42f5f88f7775fcb9bd03164f326fd1a9f6e8487319cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 18:09:03 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
2
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf03da633802-FRA
accept-ranges
bytes
content-length
54971
x-xss-protection
1; mode=block
server
cloudflare
isbot-a88d9b2bde970c9def3614bbaf31516bbea8f95675595b6e8bd63eb245d73c19.js
direct-demo.currencycloud.com/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/assets/isbot-a88d9b2bde970c9def3614bbaf31516bbea8f95675595b6e8bd63eb245d73c19.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f24ad940a17cf08dfe4cd3f47cd70a62e2aad68e513ef99de3f31898aea58abd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 18:09:03 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
3
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf03da653802-FRA
accept-ranges
bytes
content-length
1409
x-xss-protection
1; mode=block
server
cloudflare
332-eb19e1e5.css
direct-demo.currencycloud.com/packs/css/ 		674 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/css/332-eb19e1e5.css
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61409d5ffab15eddc9f46b1a104bd1cebfd45960bd73ae5fbdef7ace5eb9c7ca
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
2
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf03da5d3802-FRA
x-xss-protection
1; mode=block
server
cloudflare
843-b754e343.css
direct-demo.currencycloud.com/packs/css/ 		281 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/css/843-b754e343.css
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a59f3afe7c5ff7a44ede1f1ee413c5d6f2d73002f5129cbf9ae9b94a166d564
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
2
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf03da5e3802-FRA
x-xss-protection
1; mode=block
server
cloudflare
898-ed8c34f7.css
direct-demo.currencycloud.com/packs/css/ 		155 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/css/898-ed8c34f7.css
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
520b8f8b4e947e6c684d522cfb34bbc1ed44f495a9daea6a3e938b275f02c51f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
2
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf03da603802-FRA
x-xss-protection
1; mode=block
server
cloudflare
session-a8fc684d.css
direct-demo.currencycloud.com/packs/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/css/session-a8fc684d.css
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bfc9aca412fc3734af0ecede30f44ca0a4da7dab5915790f195be38e431784
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
1
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf03da613802-FRA
x-xss-protection
1; mode=block
server
cloudflare
currencycloud.css
direct-assets-demo.currencycloud.com/styles/attachments/000/005/992/original/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct-assets-demo.currencycloud.com/styles/attachments/000/005/992/original/currencycloud.css?1695809979
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f228c9359c4888ac3efb0bf2d329af2482ea6fc5a5b0fa9717e4cc8aef2899e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2c54e500386d092f4523b2b34eecaff8"
x-amz-version-id
QHFw68O_eyJQG6pex8jfmKMctORhZK9k
age
2860
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
vrDQJuqOlOctef3wjJf1pjcU3v7PV4NuyY4T1tuFAhEjyIMY392QTA==
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
text/css
last-modified
Wed, 27 Sep 2023 10:19:40 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
public, max-age=1800
referrer-policy
strict-origin-when-cross-origin
via
1.1 e3f435228cbc8657d81bd707948f5910.cloudfront.net (CloudFront)
cf-ray
8db2cf040a903802-FRA
x-xss-protection
1; mode=block
x-amz-cf-pop
DUB56-P1
server
cloudflare
x-amz-server-side-encryption
AES256
runtime-d5df08e45ee7f0ac9c68.js
direct-demo.currencycloud.com/packs/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/js/runtime-d5df08e45ee7f0ac9c68.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ed0c98499592d388326c7a2acf923bac6e6dbb5035488118619cd8c5e7680f9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
2
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf054be63802-FRA
x-xss-protection
1; mode=block
server
cloudflare
498-d4f8741a4076b2b2b6c3.js
direct-demo.currencycloud.com/packs/js/ 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/js/498-d4f8741a4076b2b2b6c3.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e5a491e917f3ae86e6d09f5ff998b373c65de2fc4d05ad1b2a5d63951c548c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
2
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf058c1f3802-FRA
x-xss-protection
1; mode=block
server
cloudflare
332-fcea4ab8397a39b20372.js
direct-demo.currencycloud.com/packs/js/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/js/332-fcea4ab8397a39b20372.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e2a1ff7d0b2545ad8bb8c525ea3910ab6c36c4c514b2dbc681f8567f039a55
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
2
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf058c223802-FRA
x-xss-protection
1; mode=block
server
cloudflare
1-47f02c3de611d36496fa.js
direct-demo.currencycloud.com/packs/js/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/js/1-47f02c3de611d36496fa.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52faa949042fb28d029dda4b77111112b7d89fc1d739e6b7d9c2bc3759efb97e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
2
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf058c233802-FRA
x-xss-protection
1; mode=block
server
cloudflare
898-8ebaa3a50c1f74ae1d08.js
direct-demo.currencycloud.com/packs/js/ 		333 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/js/898-8ebaa3a50c1f74ae1d08.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6b175825719002d974f8877c156ae6beccd76cc9f0804e7c661d8dde16eafa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
1
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf058c263802-FRA
x-xss-protection
1; mode=block
server
cloudflare
session-7e8d66c3c563ac60563d.js
direct-demo.currencycloud.com/packs/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/packs/js/session-7e8d66c3c563ac60563d.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb5ce0618bd91c718d75c2b607f3b600be1c6f3da200ee9a3f629d5d0b96e9e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
191
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:17 GMT
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 18:10:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
1
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf058c273802-FRA
x-xss-protection
1; mode=block
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://direct-demo.currencycloud.com
Referer
https://direct-demo.currencycloud.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8db2cf061e9f4d54-FRA
access-control-allow-origin
*
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
jquery.min.js
policy.cookiereports.com/j/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://policy.cookiereports.com/j/jquery.min.js
Requested by
Host: policy.cookiereports.com
URL: https://policy.cookiereports.com/07d065c0_panel-en-gb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.253.133 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.253.107.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'self'; img-src 'self'; script-src https://policy.cookiereports.com/f/frame.js;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

content-security-policy
default-src 'none'; style-src 'self'; img-src 'self'; script-src https://policy.cookiereports.com/f/frame.js;
cache-control
public,max-age=3600
content-encoding
gzip
etag
"15d84-5c2854430b2e4-gzip"
age
1498
x-content-type-options
nosniff
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30910
date
Thu, 31 Oct 2024 09:37:19 GMT
last-modified
Mon, 17 May 2021 11:55:14 GMT
content-type
text/javascript
server
Apache
vary
Accept-Encoding
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=rciEWw==, md5=Ay7nz7moeiyGH/GIFXVIQg==
etag
"032ee7cfb9a87a2c861ff18815754842"
age
459
x-goog-stored-content-encoding
gzip
expires
Thu, 31 Oct 2024 10:04:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
19057
date
Thu, 31 Oct 2024 09:54:38 GMT
last-modified
Tue, 27 Aug 2024 18:10:17 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0w0VTFOMcMHe1TSAThHSJ0-Y2nAxsUNewHfKiDvnn98SCJ0feVcBkhu_Xh-LPcGbSHkSM
cache-control
public,max-age=600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724782217794014
content-length
19057
server
UploadServer
new-window-gold.svg
policy.cookiereports.com/i/visa/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://policy.cookiereports.com/i/visa/new-window-gold.svg
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.253.133 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.253.107.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
d7a1298b26ab030556f43bfd890a3dde2cdf7ef61c85c93c775662cba24e3717
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'self'; img-src 'self'; script-src https://policy.cookiereports.com/f/frame.js;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

content-security-policy
default-src 'none'; style-src 'self'; img-src 'self'; script-src https://policy.cookiereports.com/f/frame.js;
cache-control
public,max-age=3600
etag
"97a-5d28c2bf6f2a9"
age
514
x-content-type-options
nosniff
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2426
date
Thu, 31 Oct 2024 09:53:44 GMT
last-modified
Tue, 07 Dec 2021 10:52:38 GMT
content-type
image/svg+xml
server
Apache
vary
Accept-Encoding
white_trans_down_18px.png
policy.cookiereports.com/i/visa/ 		762 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://policy.cookiereports.com/i/visa/white_trans_down_18px.png
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.253.133 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
133.253.107.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
ae7146fe6947c9f4043ad729faa948ac33d65a8ff7dee841c6951224bb5caa68
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'self'; img-src 'self'; script-src https://policy.cookiereports.com/f/frame.js;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

content-security-policy
default-src 'none'; style-src 'self'; img-src 'self'; script-src https://policy.cookiereports.com/f/frame.js;
cache-control
public,max-age=3600
etag
"2fa-599308093c0d6"
age
1355
x-content-type-options
nosniff
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
762
date
Thu, 31 Oct 2024 09:39:43 GMT
last-modified
Sun, 08 Dec 2019 12:34:38 GMT
content-type
image/png
server
Apache
vary
Accept-Encoding
rum
browser-intake-datadoghq.eu/api/v2/ 		53 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.0%2Capi%3Afetch%2Cenv%3Ademonstration%2Cservice%3Adirect&dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin-version=5.23.0&dd-evp-origin=browser&dd-request-id=3bb9b7c5-7c8d-43bb-b9a4-206761340283&batch_time=1730368938078
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/assets/datadog-rum-e6976814829685da05faf5b93c837870331a1d0cb77a0311a7d1ab3010905235.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a9f9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
cb9720154d8cb5700817e27f58cd614171ecd6057a61565b87d913517eaf34cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://direct-demo.currencycloud.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Thu, 31 Oct 2024 10:02:17 GMT
content-type
application/json
dd-request-id
3bb9b7c5-7c8d-43bb-b9a4-206761340283
LogoLogin_1693994388.png
direct-assets-demo.currencycloud.com/logo_logins/attachments/000/005/989/retina/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct-assets-demo.currencycloud.com/logo_logins/attachments/000/005/989/retina/LogoLogin_1693994388.png?1693994388
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69c355b3aaec087e4b57ecbef6fc4a269d9466626b63cb9e176b33e31fc0169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

cf-cache-status
HIT
etag
"4f18b0105bfd525d5cffffd2a5a71f6b"
age
2860
x-amz-version-id
jk23pLhKzPxAWac4AhovZg8hUBIHytB8
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:18 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
ebhxy5ljk06qiW4lkct7Vo3eQlMw4fN-LaIdQbM7X3YcWYa28lR6NQ==
date
Thu, 31 Oct 2024 10:02:18 GMT
content-type
image/png
last-modified
Wed, 06 Sep 2023 09:59:49 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
public, max-age=1800
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c764dc941201b2dee59f4fdf4cd1602.cloudfront.net (CloudFront)
cf-ray
8db2cf0a78843802-FRA
accept-ranges
bytes
content-length
49282
x-xss-protection
1; mode=block
x-amz-cf-pop
DUB56-P1
server
cloudflare
x-amz-server-side-encryption
AES256
global-collections-banner-4f051c758bb567d4a489f14e3be1b38f7885e609c10c6f135284a614f419b8a9.png
direct-demo.currencycloud.com/assets/banners/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct-demo.currencycloud.com/assets/banners/global-collections-banner-4f051c758bb567d4a489f14e3be1b38f7885e609c10c6f135284a614f419b8a9.png
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af24fef8b9732dfc4869a2a45985657359a50fdce938abbb1cfc571e4bebbc53
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/login

Response headers

cf-cache-status
HIT
age
2860
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:18 GMT
date
Thu, 31 Oct 2024 10:02:18 GMT
content-type
image/png
last-modified
Tue, 29 Oct 2024 18:09:03 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
cache-control
public, max-age=1800
x-envoy-upstream-service-time
3
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8db2cf0a78873802-FRA
accept-ranges
bytes
content-length
62484
x-xss-protection
1; mode=block
server
cloudflare
FooterIcon_1544007601.png
direct-assets-demo.currencycloud.com/footer_icons/attachments/000/005/990/retina/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct-assets-demo.currencycloud.com/footer_icons/attachments/000/005/990/retina/FooterIcon_1544007601.png?1693994327
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8806e90442340674f12b4d161fabce4c40d0c9ab9f4b9fd5ba1ff95069a9ac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

cf-cache-status
HIT
etag
"91eee8c266f924c035c2daa5fe600935"
age
2860
x-amz-version-id
P7DFSVveuuWI83dWtBVoEtfY5r27aMks
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:18 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
7uFmafLBnP_Reu8QyzEBbMvFgmE4RayaWKaaZrRFI1yQSGRfO5qG2A==
date
Thu, 31 Oct 2024 10:02:18 GMT
content-type
image/png
last-modified
Wed, 06 Sep 2023 09:58:49 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
public, max-age=1800
referrer-policy
strict-origin-when-cross-origin
via
1.1 7f761c2ffb9626f6a53e34913ba35aee.cloudfront.net (CloudFront)
cf-ray
8db2cf0a78883802-FRA
accept-ranges
bytes
content-length
6389
x-xss-protection
1; mode=block
x-amz-cf-pop
DUB56-P1
server
cloudflare
x-amz-server-side-encryption
AES256
rum
direct-demo.currencycloud.com/cdn-cgi/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-demo.currencycloud.com/cdn-cgi/rum?
Requested by
Host: direct-demo.currencycloud.com
URL: https://direct-demo.currencycloud.com/assets/datadog-rum-e6976814829685da05faf5b93c837870331a1d0cb77a0311a7d1ab3010905235.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://direct-demo.currencycloud.com/login

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8db2cf0c2a933802-FRA
access-control-allow-origin
https://direct-demo.currencycloud.com
date
Thu, 31 Oct 2024 10:02:18 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
Favicon_1538582248.png
direct-assets-demo.currencycloud.com/favicons/attachments/000/005/991/retina/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://direct-assets-demo.currencycloud.com/favicons/attachments/000/005/991/retina/Favicon_1538582248.png?1693994328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14d33dc65bc8693f420e8bcb09f82adc784941d9a4b186b649e26ba44c18c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://direct-demo.currencycloud.com/

Response headers

cf-cache-status
HIT
etag
"27f6a51fcbc80f17adb7e977b386d1fe"
age
2860
x-amz-version-id
LkIrXTZMApyP_jI_wmqlZ750xAFHoaFC
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 10:32:18 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
DDHGOkjUvZ3d3TwIdAXARWFxHfhajZAShTcRjxhKSKYOf-jel-3e7g==
date
Thu, 31 Oct 2024 10:02:18 GMT
content-type
image/png
last-modified
Wed, 06 Sep 2023 09:58:49 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
public, max-age=1800
referrer-policy
strict-origin-when-cross-origin
via
1.1 ce024f609b66dae59e41a6b53a8757ba.cloudfront.net (CloudFront)
cf-ray
8db2cf0c2a943802-FRA
accept-ranges
bytes
content-length
2493
x-xss-protection
1; mode=block
x-amz-cf-pop
DUB2-C1
server
cloudflare
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cookiereports object| DD_RUM function| isbot function| ddSampleRate object| mixpanel object| webpackChunk object| cookieTable function| setImmediate function| clearImmediate function| _ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| core object| __cfBeacon

6 Cookies

Domain/Path Name / Value
.currencycloud.com/ Name: __cf_bm
Value: FBkBsKPs33_2d9lD4hMKPu450VDjsWmhFonN0YTTC9c-1730368937-1.0.1.1-NQltJKpp9zGMVrgQJRSS7GP7MVaSYEFVJvGTi7Hg5OxhbaCkVJ.i1Viz5yaP__e0Ah2gqWbpAFkUiieOBs.Axw
.currencycloud.com/ Name: _cfuvid
Value: zxpt6Haeo1zfC5ZF4ZkHIwWavzujqSC2xg_vraJ.fC0-1730368937348-0.0.1.1-604800000
direct-demo.currencycloud.com/ Name: skip_browser_check
Value: true
direct-demo.currencycloud.com/ Name: _customer_app_session
Value: bb9880728cd2c155b20086a5c4574320
.currencycloud.com/ Name: mp_371976a5f1155e7be4e09d743eca2bdc_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A192e206a0a53d0-009386e0f989eb-17462c6e-1d4c00-192e206a0a53d0%22%2C%22%24device_id%22%3A%20%22192e206a0a53d0-009386e0f989eb-17462c6e-1d4c00-192e206a0a53d0%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
direct-demo.currencycloud.com/ Name: _dd_s
Value: rum=2&id=fd3d60fb-36b3-47eb-b762-0d05c30d801b&created=1730368937806&expire=1730369837806

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net policy.cookiereports.com api.mixpanel.com insights.currencycloud.com insights.paydirect.io static.zdassets.com ekr.zdassets.com currencycloud.zendesk.com currencycloud1567520168.zendesk.com wss://currencycloud.zendesk.com wss://currencycloud1567520168.zendesk.com wss://*.zopim.com browser-intake-datadoghq.eu datadoghq.eu zendesk-eu.my.sentry.io api.smooch.io/faye wss://api.smooch.io/faye; font-src 'self' data: https:; frame-src 'self' insights.currencycloud.com insights.paydirect.io; img-src 'self' https: data: *.nonprod.ccycloud.io minio:9000; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline' blob: *.nonprod.ccycloud.io minio:9000; worker-src blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=pubbf05e090e63688bb9c29a3939115954b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Adirect%2C
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser-intake-datadoghq.eu
cdn.mxpnl.com
direct-assets-demo.currencycloud.com
direct-demo.currencycloud.com
policy.cookiereports.com
static.cloudflareinsights.com
2600:1901:0:a9f9::
2600:1901:0:bc29::
2606:4700:4400::ac40:95ce
2606:4700::6810:5049
34.107.253.133
3b6b175825719002d974f8877c156ae6beccd76cc9f0804e7c661d8dde16eafa
520b8f8b4e947e6c684d522cfb34bbc1ed44f495a9daea6a3e938b275f02c51f
52faa949042fb28d029dda4b77111112b7d89fc1d739e6b7d9c2bc3759efb97e
5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996
5f228c9359c4888ac3efb0bf2d329af2482ea6fc5a5b0fa9717e4cc8aef2899e
61409d5ffab15eddc9f46b1a104bd1cebfd45960bd73ae5fbdef7ace5eb9c7ca
6be7b0d1a13867377f33f116a2cc78c3230731c59a5a9a54484925cfd21ef43f
6cb5ce0618bd91c718d75c2b607f3b600be1c6f3da200ee9a3f629d5d0b96e9e
7a59f3afe7c5ff7a44ede1f1ee413c5d6f2d73002f5129cbf9ae9b94a166d564
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8ed0c98499592d388326c7a2acf923bac6e6dbb5035488118619cd8c5e7680f9
92bfc9aca412fc3734af0ecede30f44ca0a4da7dab5915790f195be38e431784
a9e5a491e917f3ae86e6d09f5ff998b373c65de2fc4d05ad1b2a5d63951c548c
ae7146fe6947c9f4043ad729faa948ac33d65a8ff7dee841c6951224bb5caa68
af24fef8b9732dfc4869a2a45985657359a50fdce938abbb1cfc571e4bebbc53
b69c355b3aaec087e4b57ecbef6fc4a269d9466626b63cb9e176b33e31fc0169
cb9720154d8cb5700817e27f58cd614171ecd6057a61565b87d913517eaf34cd
d14d33dc65bc8693f420e8bcb09f82adc784941d9a4b186b649e26ba44c18c54
d7a1298b26ab030556f43bfd890a3dde2cdf7ef61c85c93c775662cba24e3717
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f24ad940a17cf08dfe4cd3f47cd70a62e2aad68e513ef99de3f31898aea58abd
f58ba644962b9d387b3d42f5f88f7775fcb9bd03164f326fd1a9f6e8487319cd
f6e2a1ff7d0b2545ad8bb8c525ea3910ab6c36c4c514b2dbc681f8567f039a55
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8806e90442340674f12b4d161fabce4c40d0c9ab9f4b9fd5ba1ff95069a9ac2
ffde1f1d48b3b9541b0ca4a4fbd78cb572bd56f2cab23c4ba52bbbcad83eb8ac