urlscan.io logo urlscan.io
SecurityTrails logo

pay.tesorio.com Open in urlscan Pro
108.138.106.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tracking.us.nylas.com/l/a147742b45834eb485c13abaaebbd62d/0/066b543b6d3aace19a5359ee756df30c0b5654d983e5a2e36d881955212...
Effective URL: https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Submission: On December 23 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 11 domains to perform 59 HTTP transactions. The main IP is 108.138.106.120, located in United States and belongs to AMAZON-02, US. The main domain is pay.tesorio.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 14th 2024. Valid for: a year.
This is the only time pay.tesorio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.131.52 54113 (FASTLY)
25 108.138.106.120 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
4 142.250.80.35 15169 (GOOGLE)
5 34.120.195.249 396982 (GOOGLE-CL...)
6 13.249.86.140 16509 (AMAZON-02)
1 52.85.61.48 16509 (AMAZON-02)
1 3.5.11.228 14618 (AMAZON-AES)
3 52.85.61.121 16509 (AMAZON-02)
4 35.160.151.220 16509 (AMAZON-02)
1 34.36.213.229 396982 (GOOGLE-CL...)
6 34.107.204.85 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
59 14
1    151.101.131.52 (San Francisco, United States)

ASN54113 (FASTLY, US)
tracking.us.nylas.com
25    108.138.106.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-120.jfk50.r.cloudfront.net
pay.tesorio.com
1    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
4    142.250.80.35 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f3.1e100.net
fonts.gstatic.com
5    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o249981.ingest.sentry.io
6    13.249.86.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-86-140.jfk52.r.cloudfront.net
cdn.segment.com
1    52.85.61.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-48.ewr53.r.cloudfront.net
js.stripe.com
1    3.5.11.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
tesorio-dashboard-media-files-production.s3.amazonaws.com
3    52.85.61.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-121.ewr53.r.cloudfront.net
js.stripe.com
4    35.160.151.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-151-220.us-west-2.compute.amazonaws.com
api.segment.io
1    34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com
cdn.pendo.io
6    34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com
data.pendo.io
1    2607:f8b0:4006:80d::201b (United States)

ASN15169 (GOOGLE, US)
pendo-static-6266681333514240.storage.googleapis.com
Apex Domain
Subdomains		 Transfer
25 tesorio.com
pay.tesorio.com
1 MB
7 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 641
data.pendo.io — Cisco Umbrella Rank: 671
166 KB
6 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1935
58 KB
5 sentry.io
o249981.ingest.sentry.io
556 B
4 segment.io
api.segment.io — Cisco Umbrella Rank: 1510
689 B
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1073
167 KB
4 gstatic.com
fonts.gstatic.com
73 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
pendo-static-6266681333514240.storage.googleapis.com
4 KB
1 amazonaws.com
tesorio-dashboard-media-files-production.s3.amazonaws.com
6 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4270
16 KB
1 nylas.com
tracking.us.nylas.com — Cisco Umbrella Rank: 350383
621 B
59 11
Domain Requested by
25 pay.tesorio.com pay.tesorio.com
6 data.pendo.io cdn.pendo.io
6 cdn.segment.com pay.tesorio.com
cdn.segment.com
5 o249981.ingest.sentry.io pay.tesorio.com
4 api.segment.io pay.tesorio.com
4 js.stripe.com pay.tesorio.com
js.stripe.com
4 fonts.gstatic.com fonts.googleapis.com
1 pendo-static-6266681333514240.storage.googleapis.com cdn.pendo.io
1 cdn.pendo.io cdn.segment.com
1 tesorio-dashboard-media-files-production.s3.amazonaws.com
1 browser.sentry-cdn.com pay.tesorio.com
1 fonts.googleapis.com pay.tesorio.com
1 tracking.us.nylas.com 1 redirects
59 13

This site contains links to these domains. Also see Links.

Domain
www.tesorio.com
help.tesorio.com
Subject Issuer Validity Valid
*.production.tesorio.com
Amazon RSA 2048 M02		 2024-02-14 -
2025-03-14		 a year crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-04 -
2025-07-06		 a year crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-03 -
2025-07-29		 10 months crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-12-16 -
2025-04-03		 4 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2024-11-13 -
2025-12-13		 a year crt.sh
cdn.pendo.io
WR3		 2024-11-16 -
2025-02-14		 3 months crt.sh
pendo.io
WR3		 2024-11-10 -
2025-02-08		 3 months crt.sh
*.storage.googleapis.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Frame ID: 5CD4EFBBA4D8726D44FAE570A4C3E5D6
Requests: 59 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-db14bd2d48cb82741ee875d715343273.html
Frame ID: 0910E37B9225814F707480B986D4D832
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 59F612CF5A0E847A1044357FC03D8AA6
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: D27ABCD9DF811DAB1DCB3E406B04445B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

monday.com | Tesorio Payment Portal

Page URL History Show full URLs

  1. https://tracking.us.nylas.com/l/a147742b45834eb485c13abaaebbd62d/0/066b543b6d3aace19a5359ee756df30c0b5654d... HTTP 301
    https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

59
Requests

100 %
HTTPS

21 %
IPv6

11
Domains

13
Subdomains

14
IPs

1
Countries

1960 kB
Transfer

2985 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tracking.us.nylas.com/l/a147742b45834eb485c13abaaebbd62d/0/066b543b6d3aace19a5359ee756df30c0b5654d983e5a2e36d881955212f4041?cache_buster=1734847475 HTTP 301
    https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pay.tesorio.com/
Redirect Chain
  • https://tracking.us.nylas.com/l/a147742b45834eb485c13abaaebbd62d/0/066b543b6d3aace19a5359ee756df30c0b5654d983e5a2e36d881955212f4041?cache_buster=1734847475
  • https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
2 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
38415f0456a06978032018256b3df5abc92460045d423150016b042440a8a9d3
Security Headers
Name Value
Content-Security-Policy img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; base-uri 'self'; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; manifest-src 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; base-uri 'self'; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; manifest-src 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Mon, 23 Dec 2024 15:12:28 GMT
referrer-policy
same-origin
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie accept-encoding
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
x-amz-cf-id
sMs7FOJ5DECFezdV4LzeBgsemR8N-yzAycQfPhIxtfPva6KJ3BsJrg==
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-store
content-length
157
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 15:12:27 GMT
location
https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
strict-transport-security
max-age=31557600
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-fastly-id
175387759
x-served-by
cache-chi-kigq8000048-CHI, cache-chi-kigq8000048-CHI, cache-lax-kwhp1940035-LAX
x-timer
S1734966748.733746,VS0,VE164
x-unique-id
1735644003-a1600c32-cbf6-471f-962d-703935522f58
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e878b38c0c357b63eb23d45c6182fd4f1ac0e92a5601a7e27f04edcfad5b4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 15:12:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 15:12:29 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 23 Dec 2024 14:07:07 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bundle.min.js
browser.sentry-cdn.com/5.6.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.6.1/bundle.min.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fd576f0b9f3a7da553a1f10dc955374e6e6ea76f762b006a01f94b5daf9a6571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"cf2c86760cd8b3e7f70404177bd22fd0"
age
896720
expires
Mon, 08 Dec 2025 16:41:35 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
16539
date
Mon, 23 Dec 2024 15:12:29 GMT
last-modified
Thu, 08 Aug 2019 10:06:49 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
Fastly
index-DnDpeOx6.js
pay.tesorio.com/static/assets/ 		70 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a192889f3b11609352b83e8f905b4a2425b960e1ff957fee3da2660e704c1e81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer
https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8

Response headers

access-control-max-age
0
x-amz-version-id
uQksH9RHVjnNr0E3RUq33rPcs_aeW4zr
etag
"a2728e26f3937bff30e18c6d630a9285"
age
4880
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
e-131FQrOl6U9wpG3JpiT1aLQeWLTQSTdsMYaJ__oUBRY6JvG1js2w==
date
Mon, 23 Dec 2024 13:51:10 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:43 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
71355
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-DXx3QJ7G.js
pay.tesorio.com/static/assets/ 		1001 KB
1002 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7943580121cf9d12764b3501e6e9efcfc6ec1a8b3a940ce361f0dcc12a32eee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer
https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8

Response headers

access-control-max-age
0
x-amz-version-id
VO6FHNWHVpqXVWNFrcVW2Wcf1wpieO0g
etag
"94201f3c0287fb721fafec60c156b3ff"
age
4880
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
-82w-7RG_vDiLFWPIwRYsP3awRYoQQBd2JmHhLqQUYuYXrsmPfFocw==
date
Mon, 23 Dec 2024 13:51:10 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:45 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1024703
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
index-COcTSR02.css
pay.tesorio.com/static/assets/ 		249 KB
249 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/index-COcTSR02.css
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1b4468189524801068bb5c4942e34431122837f508a4164c708cec4b10126c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer
https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8

Response headers

access-control-max-age
0
x-amz-version-id
Iilu9Jl2rvtxysztKA9Srvmr0OW4fQ2.
etag
"98ad3400a62c240b06f72555a2dd2b7e"
age
4880
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
tcUPpQUI6o3_my9thTkgVLfqMOJRCmytkIG9JGZbOw9muRLS5omwkg==
date
Mon, 23 Dec 2024 13:51:10 GMT
content-type
text/css
last-modified
Thu, 19 Dec 2024 22:03:42 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
254611
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer
https://fonts.googleapis.com/

Response headers

age
326082
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 20:37:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 20:37:48 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
/
pay.tesorio.com/api/v1/config/ 		319 B
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/api/v1/config/
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
b183b65def146be3218aa4864770be5a11a64587e8d0ecc014911a38599e65d6
Security Headers
Name Value
Content-Security-Policy font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8

Response headers

x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
1O0rH2XrmzshXCkZf8xxTr67BpY1ZdJ0LLFtouEsPQ36MfJE_jOTZQ==
date
Mon, 23 Dec 2024 15:12:30 GMT
content-type
application/json
vary
Cookie
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
content-security-policy
font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
GET, HEAD, OPTIONS
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
content-length
319
x-amz-cf-pop
JFK50-P3
server
nginx
favicon.ico
pay.tesorio.com/static/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5864f8b008648bda926ee12ee2397a433d730c304e65a6f65c0d7aa87a75598

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8

Response headers

x-amz-version-id
E2tIBIJR7Xd_.WycdeawZsZQflRLrD8w
etag
"fd15f5822d701414404d305656a7bb00"
age
6584
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15086
x-amz-cf-id
wL59iM3ijgINC51GB2F4vtFe3Tj3O3EiY13UsYX0rfJDj5f6OQoaMA==
date
Mon, 23 Dec 2024 13:22:47 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 19 Dec 2024 22:03:45 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
/
o249981.ingest.sentry.io/api/154139/envelope/ 		2 B
297 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o249981.ingest.sentry.io/api/154139/envelope/?sentry_key=9df03d7299214c22b702900c27801c5c&sentry_version=7&sentry_client=sentry.javascript.react%2F8.8.0
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pay.tesorio.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 15:12:30 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
analytics.min.js
cdn.segment.com/analytics.js/v1/BhPXsaDRG5HCTnZZOWVYnQj3wMDfcbGT/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/BhPXsaDRG5HCTnZZOWVYnQj3wMDfcbGT/analytics.min.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5132c1012528fcf2b345cc647c7907001262043840f83e52b244f86b746350d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
zgx9TmWaNDus_6kPx948pul44Gm4AcjJ
etag
W/"c8b32853cd910be3671777a01ac175c5"
age
90
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
0gaG2l3WbTr6WNoo8-4fBTKi4joAB4iCaNA6vP0Ess189yYMHH85fg==
date
Mon, 23 Dec 2024 15:12:30 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 18:31:07 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 701ab3b5f13105928d49d7d81df91c8a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
/
pay.tesorio.com/api/v1/me/ 		3 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/api/v1/me/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9%3A1tPF4t%3AtsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
babe3e8b998f6ef05c3eeb4ad565dff77d8e9cba3bcf7d53559f0a2492001643
Security Headers
Name Value
Content-Security-Policy img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; base-uri 'self'; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; manifest-src 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://pay.tesorio.com/?payment_token=eyJjdXN0b21lcl9pZCI6MTQzNzE1NDN9:1tPF4t:tsHLiBWg_eJRpvlwKRFl6AX-96CjmPv1c7bKVPP6Um8

Response headers

content-encoding
gzip
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
g8FwDCOhexB-GYgW6buAsKnhJT7_Wg_VCWZmGqaHPQ2Y6tk7vafZEQ==
date
Mon, 23 Dec 2024 15:12:30 GMT
content-type
application/json
vary
Cookie, accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
content-security-policy
img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; base-uri 'self'; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; manifest-src 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
GET, HEAD, OPTIONS
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
server
nginx
/
o249981.ingest.sentry.io/api/154139/envelope/ 		2 B
55 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o249981.ingest.sentry.io/api/154139/envelope/?sentry_key=9df03d7299214c22b702900c27801c5c&sentry_version=7&sentry_client=sentry.javascript.react%2F8.8.0
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pay.tesorio.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 15:12:30 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
/
o249981.ingest.sentry.io/api/154139/envelope/ 		2 B
55 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o249981.ingest.sentry.io/api/154139/envelope/?sentry_key=9df03d7299214c22b702900c27801c5c&sentry_version=7&sentry_client=sentry.javascript.react%2F8.8.0
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pay.tesorio.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 15:12:30 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
index-C_EIh02r.js
pay.tesorio.com/static/assets/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/index-C_EIh02r.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc74a0faaca6977bf9fff163f226310cac4d2694684862b542faed8e174ee126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
etag
"430ab550a87cc694837a515719ce92a8"
x-amz-version-id
lW0Ky2CWaE0zeZISO7wW79vcqUS4W9Qa
age
84536
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
6QLPdLsHDS6G1LpGAggBDthHSAykvX2-99Z2ZpfCxj4yiKuH1S-_Kw==
date
Sun, 22 Dec 2024 15:43:35 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:42 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
13338
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
index-DZ5JiZaQ.js
pay.tesorio.com/static/assets/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/index-DZ5JiZaQ.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fccd33b84ede0720c25e2b54d35cbf4066d2e6ff7981d043e860193faa78a55b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
x-amz-version-id
vaArz4uRGKi8DSNYO2kFWhxY3HyKUylT
etag
"2e5dffc5eda613f552a9b387d839d39f"
age
4348
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
K9NABvEgYjmyAGIZHa2CduOhF2ii3SKAqWc0FZdL_sLQRIGPGDNOJA==
date
Mon, 23 Dec 2024 14:00:03 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:43 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
4111
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
big-zf_EpVz6.js
pay.tesorio.com/static/assets/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/big-zf_EpVz6.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e932fca8dd3751365257e09a36bcb6a581fa9c7f76b9f68071dbf328fa59a8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
etag
"465095ef0a1ead46850951b789d70764"
x-amz-version-id
y8j69d7AYKcnCV29Wb_rYURfZ4hMJIqD
age
1995
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
xoywpS568Mu-6TWGoHuutAri0Ob0noqS_VPG0gsrCsmyYt3IztYnrw==
date
Mon, 23 Dec 2024 14:39:16 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:41 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
5899
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
useConfirmation-jFr2D3lE.js
pay.tesorio.com/static/assets/ 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/useConfirmation-jFr2D3lE.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
116e6e44c5b426ff95812839d167a9a52c3510bb2759d02e235850580f103f39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
etag
"6da39d3a8d4f887534a0e061c4a42399"
x-amz-version-id
dYNka9hEctelxBUwITXsrS60YvCQj14F
age
84536
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
yaTni2eRXxHlTpwdY0Xs1jH2_h3tpK-Ws4wbTE7WycSmx3GjoyBbGg==
date
Sun, 22 Dec 2024 15:43:35 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:44 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
31232
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
index-ioex45Yw.js
pay.tesorio.com/static/assets/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/index-ioex45Yw.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dee561ca92a0347d3e816ed4f61f1c2be9d098453aa9087f17f7bdbb65a8303

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
etag
"e6bccdd4d1e9bfb036691c9f38e89cca"
x-amz-version-id
duBa9xsGx1hKEI5f2tCTZVXIt59dNUyQ
age
84536
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
ylxDhh8CQ1FwQOuUmTwXVoqxWk5Ecz2dzTHUQlqsTz0gjZp5ZAvH2w==
date
Sun, 22 Dec 2024 15:43:35 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:43 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1143
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
index.es-yvuv80Sj.js
pay.tesorio.com/static/assets/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/index.es-yvuv80Sj.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fe85783242cd1366298afb1464a713be0c038e9726f1164ccde027408f75e4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
etag
"d93fffe77b86f7769f4020bb0eb5443c"
x-amz-version-id
dxOd4byoJqupMHQRK49zYHsYrG4FIZXM
age
84536
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
s3jh5Uv881EOpzTR5R8a-q6CkNdMsJhKDvdGjRyHsJr-BZPylwVThw==
date
Sun, 22 Dec 2024 15:43:35 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:44 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
2156
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
usePayments-DL-hgJKw.js
pay.tesorio.com/static/assets/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/usePayments-DL-hgJKw.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2761484b56ee8f6634c5388c5866a55276efd1596aa26987f55e2309cbea9d95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
etag
"128b37d9a1a4a028b1f097964f8a9fc4"
x-amz-version-id
b3.jR7rGQyzESgJYBGcobJkutI98ak24
age
84536
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Q3ty4cG8sgUTrlEUNVsyzRLljg2CTm6-EtBPPPeS6ROKxXNJWpxFSA==
date
Sun, 22 Dec 2024 15:43:35 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:44 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
2306
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
usePaymentMethods-B4CiB92b.js
pay.tesorio.com/static/assets/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/usePaymentMethods-B4CiB92b.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8482bff60f7c8161dc9d1980760146ed0900ddf2ff7579aae35245ae5df03e11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
etag
"ee675073ef3ed0760c4e392fbfc1b2ca"
x-amz-version-id
riXZm1nIAgSo6_TfCUNstFbHg701sgmI
age
84536
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
2uaP-vG8u_kC3Xa1Wt1qi5YwPt-T-KLcgQPAgkmtKkHBZBfKxOthuA==
date
Sun, 22 Dec 2024 15:43:35 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:44 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1168
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
paymentStatus-C8CcaWq2.js
pay.tesorio.com/static/assets/ 		435 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/assets/paymentStatus-C8CcaWq2.js
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f59b6043ba211f401728c5ccb942cea1dc5fb9400421886600d0b78e0d0fd6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer

Response headers

access-control-max-age
0
etag
"98e8b0f5249039ba534d6b76890f3dcc"
x-amz-version-id
KLN4OftxYbujavMk1OBtUFn7L3qMw4cT
age
84536
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
EvJlBk5VgDYLMoThkv1vko2s42oxqMB3yIFcMQBcGhi1UdcWM_2HAg==
date
Sun, 22 Dec 2024 15:43:35 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 22:03:44 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
435
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer
https://fonts.googleapis.com/

Response headers

age
428235
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 16:15:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 16:15:15 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
/
js.stripe.com/v3/ 		693 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/index-DnDpeOx6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-48.ewr53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e74a6a0b16f16ab84e3e2173f8307cdb0c26fba47e457c40d4e3f1184880c4c3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
W/"4de224cce760591772bc5d7230627e82"
age
34
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Cny9am5e9zMOFBgG8qGIZYyNZucGNd4HftmOZ4W6Ra82EGdTRWDfhA==
date
Mon, 23 Dec 2024 15:11:58 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 20 Dec 2024 21:52:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
server
Cloudfront
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer
https://fonts.googleapis.com/

Response headers

age
442078
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 12:24:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 12:24:32 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
monday_logo_for_print.png
tesorio-dashboard-media-files-production.s3.amazonaws.com/subsidiarypaymentsettings/logo/1596a0bee54d40ca9b1721dbe5799781/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tesorio-dashboard-media-files-production.s3.amazonaws.com/subsidiarypaymentsettings/logo/1596a0bee54d40ca9b1721dbe5799781/monday_logo_for_print.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIA4KVLNHIYWOG5ITF2%2F20241223%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241223T151230Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEBAaCXVzLWVhc3QtMSJGMEQCIEMc8DODy5BOpkuGGNez%2FNzeg33a1wrXmKaJlrUnRrzjAiBCWk8kM2l392KdO%2Bjs%2BMfAvr5YvJ%2FFay%2FUULBUhHrrqSqABQjY%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BEAEaDDg0NzU0MTc3ODk5MyIMgHQFo0z5Kzdb%2F45%2FKtQEAPE670GrBv9phTkjN3EpN5jJQKIDQJRqw%2B1AvadJRwmgoicHqp2EC%2F4rFY%2Fue3wbQYzjc36yjVvnaDTh1BnLJnpm0c5%2FK8ojNpncOiMb93O%2FzRv8Tav7tnwaecYc3mvJ368rJlsxBgHt9ncwq5x%2BxtrAe3mB8cfQlRzww77w921qV4ZOBDpap93grvuaSO91S8AcuEBXZWlHocFZwFdB%2BescUOVr3EbTcrNrokoKPplVXnsiIzDhYTfgP2%2FEoYJzgRkly%2B6ObqF2fFIDJwlhjZK5dH5k0vXC6jajnm5WDdn1pnDvb%2Fx8ujNxWsXjxfPK%2Bavf5x9Py1FWmarJBjOIBy3fOXbPgamMifI9mPGg6pPFDXVsTAgsUJGRSMlTlrKXrfIbM6fxdOsxhlqUFkUxeicQK7FDiKeo723rX4SPuMxZSFia0XvsxU9UBvIGbcgOIWxe8VLju3M3hJmv7tXkEmSIqjcvRWVKBubHccVB6KC1gOKGwFP1wgSyKlM1O7A5whad3rUdnmw5v6Zkqb2P0n1maHhD6THdHbJClZ32VDglEAcFMb%2BvLe%2FY8t2ADpyKCxYC7gV7mc2%2B7QUC%2FzDfjQ6AbWdjY0u%2BfZwVWrZnPskTLBYspxCTlOF2bFyFIpmoVdEAVcVlrMElRDlIVEhyDjGW090YS7a4yZtuw2tkJDEl0GJpQecsEtzNFx4X054NJ8CuMkV3xAPIZ1oYBlH6O47dGG3zLVlaZmHkw5G%2F%2FCj82Z2qr1DEu9N3HJCwgt7hBek3amXDLQq6GWRNx9ZZGP0qarMwtfuluwY6mwFU3Vm0eBPp55NLcVUFzt9kOnAItUyfgksRjoQhPfYNJ9UAwJgIJAuF%2BkIcmNBVJVbEULlPFf3EsQl%2BdL%2FoQqIqRcm5Zo51vXwFJ9NquXF9%2Fn8ug%2F%2F97xHHsP6mZcHp3QBi1FoBDoVaJ9UThfLBOGOfqH4wzAaW6OeZZ3alZyhNzRGQE8aGl%2B3%2BmVeBpbZPQBUZ%2B4184Fg0Mi3zCg%3D%3D&X-Amz-Signature=1cd9a3bdf1991cc3424eee516d172fb6f235b4fd656eb3bda375e877be3356e6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.11.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e6bd82f8d339ad99e3ef57f1efa4f9a2e8dab1b8c2908e7dd5b220c81d3cf94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
q9B4L7ebQrgBRbz9lPtEc9WFcRrUVVT3rxbEhgY+GpBYiWfi4DGeIchwE+kKOYVggFPuYlmTxAXa/MNEWugrZQ==
x-amz-server-side-encryption-bucket-key-enabled
true
Cache-Control
private,max-age=86400
ETag
"3c1b50545ea53e1e4616862c520e3842"
x-amz-version-id
LLi9Tfz0XOcGtJPWpo9oX6W5QL3YVi_P
x-amz-request-id
XAGPFFCAHTND4AFC
Accept-Ranges
bytes
Content-Length
5969
Date
Mon, 23 Dec 2024 15:12:32 GMT
Last-Modified
Wed, 20 Sep 2023 09:25:54 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:847541778993:key/dec3d836-e7ed-4e0d-a8af-f53abd634774
x-amz-server-side-encryption
aws:kms
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98eafd72d3a10e93278e22da6b3253c8ee9f60ad06c53b83a0a1a51bfd74a0de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
pci-check-logo-Bh3R6m7H.png
pay.tesorio.com/static/assets/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.tesorio.com/static/assets/pci-check-logo-Bh3R6m7H.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc92d4d78d236cfc51309f1eb5e6b133757edc17ea2403d95710def0c3d620e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pay.tesorio.com/pay-now

Response headers

x-amz-version-id
18N1h6pe8xydZBTPlFuvzM1cvHVy9UET
etag
"d36b43cc725e256e918039d0b036981d"
age
4881
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8647
x-amz-cf-id
nnIoKjwzgPxpcs1DxVsZC4zqwDSUOjchWvYC78wigw62gIZKI58SaQ==
date
Mon, 23 Dec 2024 13:51:10 GMT
content-type
image/png
last-modified
Thu, 19 Dec 2024 22:03:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38fbceaa1829df33ca086a15f00d1b2161efb4f6c500120ee34259e720b51022

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
/
pay.tesorio.com/api/v1/invoices/subsidiaries/ 		29 B
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/api/v1/invoices/subsidiaries/?
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
0eaf2dde124a8fe23ab413c3600ce97912c2b4097c1c78b15c775faccdc09e0f
Security Headers
Name Value
Content-Security-Policy font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.tesorio.com/pay-now
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Tesorio-Customer-Id
14371543

Response headers

x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
1SkTG3PgsK1kiFI44jg_DO2l1wZS9YSW1t-ujVAfF3kzQuRy8zTXKw==
date
Mon, 23 Dec 2024 15:12:31 GMT
content-type
application/json
vary
Cookie
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
content-security-policy
font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
GET, HEAD, OPTIONS
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
content-length
29
x-amz-cf-pop
JFK50-P3
server
nginx
/
pay.tesorio.com/api/v1/invoices/overview/updated/ 		61 B
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/api/v1/invoices/overview/updated/?subsidiary_id__in=
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
2551426af56e4b89a8e7c8477290538e1d8ad9d26dacf7757298c1bad6af932b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; img-src * https: blob: data:; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; base-uri 'self'; report-to csp-endpoint; manifest-src 'self'; font-src * https:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.tesorio.com/pay-now
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Tesorio-Customer-Id
14371543

Response headers

x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
H7C_E_YNJ0XnRmx5rbo9OWOCYICkl-Ckv4LLts-w8Ly88IDvYzIkdw==
date
Mon, 23 Dec 2024 15:12:30 GMT
content-type
application/json
vary
Cookie
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
content-security-policy
frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; img-src * https: blob: data:; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; base-uri 'self'; report-to csp-endpoint; manifest-src 'self'; font-src * https:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
GET, HEAD, OPTIONS
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
content-length
61
x-amz-cf-pop
JFK50-P3
server
nginx
/
pay.tesorio.com/api/v1/stripe_account/ 		41 B
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/api/v1/stripe_account/?
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
2c09ae9c39bccd748b9dfad8202b0b87165cde2388a8fffaf35e6a6a8f5cef13
Security Headers
Name Value
Content-Security-Policy font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.tesorio.com/pay-now
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Tesorio-Customer-Id
14371543

Response headers

x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
m8AOgkKVuMw8vRVbJeoxZZMaVgtKsjgIXPgZOdTr0En5nmwTBHcXUA==
date
Mon, 23 Dec 2024 15:12:31 GMT
content-type
application/json
vary
Cookie
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
content-security-policy
font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
GET, HEAD, OPTIONS
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
content-length
41
x-amz-cf-pop
JFK50-P3
server
nginx
favicon.ico
pay.tesorio.com/static/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5864f8b008648bda926ee12ee2397a433d730c304e65a6f65c0d7aa87a75598

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pay.tesorio.com/pay-now

Response headers

x-amz-version-id
E2tIBIJR7Xd_.WycdeawZsZQflRLrD8w
etag
"fd15f5822d701414404d305656a7bb00"
age
6584
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15086
x-amz-cf-id
wL59iM3ijgINC51GB2F4vtFe3Tj3O3EiY13UsYX0rfJDj5f6OQoaMA==
date
Mon, 23 Dec 2024 13:22:47 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 19 Dec 2024 22:03:45 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
favicon.ico
pay.tesorio.com/static/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/static/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5864f8b008648bda926ee12ee2397a433d730c304e65a6f65c0d7aa87a75598

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pay.tesorio.com/pay-now

Response headers

x-amz-version-id
E2tIBIJR7Xd_.WycdeawZsZQflRLrD8w
etag
"fd15f5822d701414404d305656a7bb00"
age
6584
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
15086
x-amz-cf-id
wL59iM3ijgINC51GB2F4vtFe3Tj3O3EiY13UsYX0rfJDj5f6OQoaMA==
date
Mon, 23 Dec 2024 13:22:47 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 19 Dec 2024 22:03:45 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
/
pay.tesorio.com/api/v1/payments/ 		52 B
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/api/v1/payments/?status=ACTION_REQUIRED
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
Security Headers
Name Value
Content-Security-Policy font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.tesorio.com/pay-now
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Tesorio-Customer-Id
14371543

Response headers

x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
XKFjLdxNnOg3XBnaEitb3YJY_r_UjiByU5Jk8ddsHZvIG1XgaLOdFg==
date
Mon, 23 Dec 2024 15:12:31 GMT
content-type
application/json
vary
Cookie
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
content-security-policy
font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
GET, POST, HEAD, OPTIONS
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
content-length
52
x-amz-cf-pop
JFK50-P3
server
nginx
/
pay.tesorio.com/api/v1/autopay_settings/ 		23 B
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/api/v1/autopay_settings/
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
cacf8a32e69eabea7d57711f4ccbeed4d284e1bbd0789137936d388da707b9de
Security Headers
Name Value
Content-Security-Policy font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.tesorio.com/pay-now
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Tesorio-Customer-Id
14371543

Response headers

x-content-type-options
nosniff
x-cache
Error from cloudfront
x-amz-cf-id
Em3wV2AbNvT5kpzJgg9ugbc51pccafbn0ZE4rwtEDP4A6WqMO9xaSQ==
date
Mon, 23 Dec 2024 15:12:31 GMT
content-type
application/json
vary
Cookie
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
content-security-policy
font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
GET, POST, PUT, PATCH, HEAD, OPTIONS
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
content-length
23
x-amz-cf-pop
JFK50-P3
server
nginx
/
pay.tesorio.com/api/v1/invoices/ 		473 B
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.tesorio.com/api/v1/invoices/?subsidiary_id__in=&status=OPEN
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
c119ffd64fa0de6c2560b256a3bd4bc3900f2dee46b7ff282cc3a6f796366ba2
Security Headers
Name Value
Content-Security-Policy font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.tesorio.com/pay-now
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Tesorio-Customer-Id
14371543

Response headers

x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
pMgIvlxfYhuAZs8KNmBcbUPsPhLDe4cxESPkEp08yE4qfLf9k6XLiw==
date
Mon, 23 Dec 2024 15:12:31 GMT
content-type
application/json
vary
Cookie
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report"
content-security-policy
font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; base-uri 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
GET, HEAD, OPTIONS
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
content-length
473
x-amz-cf-pop
JFK50-P3
server
nginx
settings
cdn.segment.com/v1/projects/BhPXsaDRG5HCTnZZOWVYnQj3wMDfcbGT/ 		873 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/BhPXsaDRG5HCTnZZOWVYnQj3wMDfcbGT/settings
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f02ada791c6dcbf80d5858fe9659bd296d984ed5c56abeb026d32ff2a0a5bb85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
x-amz-version-id
IcTGDAE_9oVNDklFewRlO3rlwOWkK4Cb
etag
"aac295981a5ac613cd6a761ea014451b"
age
5841
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
H8ysuzdmEZufgqZgurFWLdsJeVNAxGzmZtrP7AvY0wWcrKOQXznphg==
date
Mon, 23 Dec 2024 13:40:22 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
last-modified
Wed, 13 Nov 2024 18:31:09 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 32f22a5526f095115736b345c80e1c26.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
873
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/ 		183 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c224c0ccbd0e5cd574a11e6e52f28e7b95888d4aed2294ef84a94d83c745ac81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
/
o249981.ingest.sentry.io/api/154139/envelope/ 		2 B
55 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o249981.ingest.sentry.io/api/154139/envelope/?sentry_key=9df03d7299214c22b702900c27801c5c&sentry_version=7&sentry_client=sentry.javascript.react%2F8.8.0
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pay.tesorio.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 15:12:31 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
/
o249981.ingest.sentry.io/api/154139/envelope/ 		41 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o249981.ingest.sentry.io/api/154139/envelope/?sentry_key=9df03d7299214c22b702900c27801c5c&sentry_version=7&sentry_client=sentry.javascript.react%2F8.8.0
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f9846ee32274e622d38b9d78d5d45fbf028ed297629ff4bcc2fc7759f8ef0f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pay.tesorio.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 15:12:31 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BhPXsaDRG5HCTnZZOWVYnQj3wMDfcbGT/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id
GiR62Ux0OW4CfaeO_9tu7jJVzc8iU6.K
age
8302580
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
wnriPq5_39PMybUh5pDTLmxhy04EvIULa1eY1qTaP61KQhlJ3dX7cA==
date
Wed, 18 Sep 2024 12:56:12 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 17 Sep 2024 21:59:48 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 701ab3b5f13105928d49d7d81df91c8a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
controller-with-preconnect-db14bd2d48cb82741ee875d715343273.html
js.stripe.com/v3/ Frame 0910 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-db14bd2d48cb82741ee875d715343273.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-121.ewr53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
25
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 15:12:17 GMT
etag
"db14bd2d48cb82741ee875d715343273"
last-modified
Fri, 20 Dec 2024 21:10:34 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-amz-cf-id
8_GrkTpo2MnBBhQKsqsLVUty_vZWooQUwpquhaOdJ3-zg_LxOORtfQ==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BhPXsaDRG5HCTnZZOWVYnQj3wMDfcbGT/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id
IKXrUoItkKbxZQ20ut9b8FhMghJH_Xd7
age
13744034
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
PTR6hflieck7z6p_JpNKfqwulOliCPtm6Uy9cHmHwbZ89-TOiMVEug==
date
Wed, 17 Jul 2024 13:25:18 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Jul 2024 17:27:04 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 701ab3b5f13105928d49d7d81df91c8a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
pendo.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/pendo/1.1.4/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/pendo/1.1.4/pendo.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BhPXsaDRG5HCTnZZOWVYnQj3wMDfcbGT/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d8f4951c235a8db26d489db25b954875da8987f138f590972eddf60e610dd0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"293e149ac91d82123400a0ec45281fc9"
x-amz-version-id
4XYMKrS3ZajKayO3sReJdU1cMGt83NlV
age
3019215
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
j02Cn1ZX4P7ZVvAiapH2IPLMnzjQGmnE0Kqw-uc1Pat4JQghfiJmRA==
date
Mon, 18 Nov 2024 16:32:17 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:20:17 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 701ab3b5f13105928d49d7d81df91c8a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1383
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
p
api.segment.io/v1/ 		21 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-151-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://pay.tesorio.com
content-length
21
date
Mon, 23 Dec 2024 15:12:32 GMT
content-type
application/json
vary
Origin
p
api.segment.io/v1/ 		21 B
173 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-151-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://pay.tesorio.com
content-length
21
date
Mon, 23 Dec 2024 15:12:32 GMT
content-type
application/json
vary
Origin
i
api.segment.io/v1/ 		21 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/i
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-151-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://pay.tesorio.com
content-length
21
date
Mon, 23 Dec 2024 15:12:32 GMT
content-type
application/json
vary
Origin
g
api.segment.io/v1/ 		21 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/g
Requested by
Host: pay.tesorio.com
URL: https://pay.tesorio.com/static/assets/vendor-DXx3QJ7G.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-151-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://pay.tesorio.com
content-length
21
date
Mon, 23 Dec 2024 15:12:32 GMT
content-type
application/json
vary
Origin
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BhPXsaDRG5HCTnZZOWVYnQj3wMDfcbGT/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"c467a63b2e7c3a99be423ace649014d8"
x-amz-version-id
JPDEPREw8gYM0wgzX9n.pVdsRblNlmAD
age
1562525
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
w3xGsk_cX0p5zjGeYkIe2bf3hb_Q0tXAGoYWfEpeLV8VAETSYBEunA==
date
Thu, 05 Dec 2024 13:10:27 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 11:20:15 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 701ab3b5f13105928d49d7d81df91c8a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
21911
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
pendo.js
cdn.pendo.io/agent/static/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c/ 		490 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c/pendo.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
20e822e5a96749f3c672e69e0f3b05a3b9e3f52d7c53c85aca32a3906c5abf21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=eUv6BQ==, md5=NALWJl+PHPktXpuR45Vrgg==
etag
"3402d6265f8f1cf92d5e9b91e3956b82"
age
433
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
163386
date
Mon, 23 Dec 2024 15:05:19 GMT
last-modified
Fri, 20 Dec 2024 17:17:46 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC4uYiN0bQT9vSpH3IIP0v8527aATUFh_BYzj-2em5XMdb9muXtPUmPsZ2dnRU7r0DWhw796SiU
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=450
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1734715066480188
content-length
163386
server
UploadServer
9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c
data.pendo.io/data/ptm.gif/ 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/ptm.gif/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c?v=2.259.2_prod&ct=1734966752593&jzb=eJzNU11v2jwU_i--JuCvOB93aK20alNBA16NTVPkxqazmtip44BYxX_vMSDa3fTiVaX1zj4n5zwffvLzCYV9p1GJjNI2mM0ejdCdd7te-yqYFjokY7wQIktpmokR2preBOcro2Coml_fXs2qZVUUqqhzyROhBU94rUSSY8wTyYjmOOebWjPYLOvaDTachrM8h9LgGzj_DqHry8mkk_tx0L3zxo1r18Z7Yt0Ovuu863pUPiHXqOr1Hjs0zXvTOgCe9GDIUt7dXDDC6YI8SR8Whirx-JWsNu4zbNh42epjc0r0-osprqcCy127NtDs9eOgbQ1eYjB3D_pQyUR-GF3Mb3WQbxqffwDjzwTi8X9x0HZrvLMt2ArT82-zq9Wn5c3sFlr10AfXgvK4mHCWkZSz6KprK2CCyuAHDSq6buEGH51E8-kaBhtp7wd5HwvaVqtFfLmz1gvPk1wl4flkr48QUBohC08WvXdWgXgQHYl4LYOGgEWKFFOW4DRhZElEyXCZ4nHOBRbZj5eETC9oUAKQuJKyCaETGOewcqt9b5yN5TFNizGtwFH17hHrI8ixvar_GOvm_r_vpBkettu_EkguCRS0eJXAxkn1ZgKLD5DASPJMjdIi_UcW0pefmODDr2eGZqCu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000
access-control-max-age
600
cache-control
no-store
x-envoy-upstream-service-time
52
access-control-allow-credentials
false
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
42
date
Mon, 23 Dec 2024 15:12:32 GMT
content-type
image/gif
server
istio-envoy
access-control-allow-headers
*
9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c
data.pendo.io/data/guide.js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.js/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c?id=18&jzb=eJydkE9vozAQxb-Lz_wx2BDgFjU95JJETVKpe7Fce5IiYRsZk1VV5btnnJXofW_DM795b94PufVTH5zfatIRcXjdbfbiJNpWt6qRPK2h5ilXuk4bSnkqWQGcNvyigJGESKXcbMOTXTUNKrMfcP4KYZy6PB_ldxZgcr53mXImfqfW_cX_3KDff43tPAwJMRCklkGSbkkVx_5_koG99d5ZAzYgfXjbb84vp-1-h09qnoIz4EVcXHC2KirOEnLxzggMSLrgZ8DbxvHoZq8g8usPBAdpr7O8RgGsOB_JfWlgyfmvhXjFp5zgaYFSQqw0kTPOauwEu4hBPMgAWsgYsaQlS2mVsuJU1B2jXUWzhte0Xv2JPqP0eMp6cUMJTeLKkuVFmSPOceUN_NQ7G-WsrNqsFKN3mtzvDwH9lKE&v=2.259.2_prod&ct=1734966752595
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3b5ebbd0163572797710570f676fad2349ab6293f67b2c73ce9fd928fd228220
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000
access-control-max-age
600
cache-control
no-store
content-encoding
gzip
x-envoy-upstream-service-time
41
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
date
Mon, 23 Dec 2024 15:12:32 GMT
content-type
application/javascript
server
istio-envoy
access-control-allow-headers
*
9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c
data.pendo.io/data/guide.gif/ 		42 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/guide.gif/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1734966752596&v=2.259.2_prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000
access-control-max-age
600
cache-control
no-store
x-envoy-upstream-service-time
2
access-control-allow-credentials
false
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
42
date
Mon, 23 Dec 2024 15:12:32 GMT
content-type
image/gif
server
istio-envoy
access-control-allow-headers
*
_CDsnqdIlg0gPueP5JAySHE-Mtw.dom.jsonp
pendo-static-6266681333514240.storage.googleapis.com/guide-content/dHrHQLN53tjaN1zVXvB_m6GZZqg/gpp2qE4TaF2dCLtHuHTqEaSstWA/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pendo-static-6266681333514240.storage.googleapis.com/guide-content/dHrHQLN53tjaN1zVXvB_m6GZZqg/gpp2qE4TaF2dCLtHuHTqEaSstWA/_CDsnqdIlg0gPueP5JAySHE-Mtw.dom.jsonp?sha256=DPzDwQK0HWZQDp1u7mgRMn9hFTdt1_a2-TtJFl75-uQ
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0cfcc3c102b41d66500e9d6eee6811327f6115376dd7f6b6f93b49165ef9fae4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=TowIuA==, md5=2X/Tu7xIjNntksQQzE+pfQ==
etag
"d97fd3bbbc488cd9ed92c410cc4fa97d"
age
1166
x-goog-stored-content-encoding
gzip
expires
Mon, 23 Dec 2024 15:53:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1899
date
Mon, 23 Dec 2024 14:53:07 GMT
last-modified
Fri, 27 Sep 2024 18:56:53 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7EAHSjCcHrJsZ4_ggx2jeKdGKx9YMOoumJw6v_U71k5EUQQ8HoBL95FKy1S3oNTon9G3e4auU
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727463413417875
content-length
1899
server
UploadServer
9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c
data.pendo.io/data/ptm.gif/ 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/ptm.gif/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c?v=2.259.2_prod&ct=1734966753207&jzb=eJztUl1v2jAU_S9-TiCOHefjDY1qq7YWNGAanabIJDetVWIHxwGxiv_ea6qx7mHSNGl72ptzLvd8XM6XJ-KOHZCCtOAkCcjGmkMPtnSqRZSmjOdCpAmLIxqQveqVM7ZUNS6U86vb6axclnle51UmeShA8JBXtQizKOKhZBR4lPGmAobMsqrMoN3LcpplCA12i-8H57q-GI87eRw56I1VZlSZ1n-H2hzwd501XU-Kp-8G_POPPIDeK2t0C9rh9vzjbLp6s7ye3eKoGnpnWkzuiSlnKU04C0hjTVuiE1I4OwCm6LqFGWzlTzafrHFxK_X9IO89ALpcLcjpkvXi8yVuLZ3cyB7OEggFREt_ZdIaXWN4DO2NWJAO6lJ6i3EUszBKQkaXVBQsKpJolHFx50U6aTHH5CKFECp4vpiNaTzGXY58e7C9MtrDozjJR3GJ56x_ECzl5hr96GG7DQga9B_E0uRxoeJa7D7QVWPeIU9j0ex5OKGwfq_yq4mI5KFdKxz20HuR83hVfVPazO2nz3Q7PO735_FuAO2PhifdHPFfJoWIxSn4_folv6rfoGtolIb6b3fstdD_Iv2DIjVTevc2ZQ-7m-XuhuvVT0XilyIlaXz6-gzRMXtP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000
access-control-max-age
600
cache-control
no-store
x-envoy-upstream-service-time
99
access-control-allow-credentials
false
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
42
date
Mon, 23 Dec 2024 15:12:33 GMT
content-type
image/gif
server
istio-envoy
access-control-allow-headers
*
9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c
data.pendo.io/data/guide.js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.js/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c?id=20&jzb=eJx1kE9v4jAQxb-Lz-SvnZDkhkoPXAAVqLR7sab2QC0RO3IcqqriuzNmpZy6N-dl3rzfvB92M6MJzm8065jcv27XO3mUk9V4NhY1WzBQyk02PAeWTUPK5K_0_gxhGLssG-A7DTg6b1yqXB-_E-u-aM5d9ftv29tWt6oBkdRYi0QoXSdNnosEeIEib8RZISd7jwE0BGDdTBmf5r-kaG_GO9ujDTSyf9utTy_HzW5Lv9Q0Btejl9FdCL4sKsEX7OxdLwmYdcFPSLcOw8FNXmH0r_6Q8Qr2MsElCmjl6cDucyMzzL9WIuoHjPiMIGnBLPTR1zurqSPqJoJ4hIBaQkQs85IneZXw4ljUHc-7Kk8bUf-NIQN4umM1R5FECXFfybOizMgraN8N_WicjXJaVm1aysE7ze73B2H0k4g&v=2.259.2_prod&ct=1734966753209
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
1a03210c116e9c33fb5a9ee8dd89cc270ea6837530cc760d99a81637507000de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000
access-control-max-age
600
cache-control
no-store
content-encoding
gzip
x-envoy-upstream-service-time
24
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
date
Mon, 23 Dec 2024 15:12:33 GMT
content-type
application/javascript
server
istio-envoy
access-control-allow-headers
*
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pay.tesorio.com
Referer
https://fonts.googleapis.com/

Response headers

age
266647
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 13:08:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:08:26 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c
data.pendo.io/data/guide.gif/ 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/guide.gif/9cf4f834-c596-4f1d-4ebf-6f62ee4e8a9c?v=2.259.2_prod&ct=1734966753964&jzb=eJwlkF1z2jAQRf-LnmmCP5ADb7ShcaaEtoPTNnQ6mg1aHLVYkqVVmDST_57Ffrw6Z69W-v0q6MWjWIg2GY1bRCsm4tlEQy4ooxmob6vN9VfVqGQ1HoxFzQbs9y5ZGo3q6oqPHoM7RQyKTMd9WVWUcymrWVHKYiJSOLL4ROTj4vLSw8sFYXTBuIu96875g3UnLvHB-SgWr-M6Y72uQ_19vZkV9Bc22f8fv54_qk7e7HZ9yxOjGAn9aLfe5_2qbOBzrj-tqU51069gG-nnku2AEJ1lDRI5zkewbYL2_AFDiqSS10CoFdD5FXlVyjKfFmVVTYROAcic56dvvCsEtNTA4y3fa9PxOBE0BhGy2b-tybXs19n9wdXcfQjQ4QCXGT58MfPVUk7h1D0YhhFj5N4BH66z3U1VPPV3TX9X2vsB9wntnreUb3_eAT22jIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000
access-control-max-age
600
cache-control
no-store
x-envoy-upstream-service-time
190
access-control-allow-credentials
false
x-content-type-options
nosniff
access-control-allow-methods
GET,POST
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
42
date
Mon, 23 Dec 2024 15:12:34 GMT
content-type
image/gif
server
istio-envoy
access-control-allow-headers
*
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 59F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.85.61.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-121.ewr53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1233
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 14:52:03 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Tue, 17 Dec 2024 22:17:51 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
x-amz-cf-id
lHScacm5U9bpBggvsbZGX4-VocHF6Dirv3eY2Vpuek6sr4P4TKpJ9Q==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame D27A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.85.61.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-121.ewr53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1233
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 14:52:03 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Tue, 17 Dec 2024 22:17:51 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 6f9ef5ae165c9835aa6935d9fb7e2072.cloudfront.net (CloudFront)
x-amz-cf-id
lHScacm5U9bpBggvsbZGX4-VocHF6Dirv3eY2Vpuek6sr4P4TKpJ9Q==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| Sentry object| __SENTRY__ object| analytics object| __core-js_shared__ object| regeneratorRuntime object| FontAwesomeConfig object| ___FONT_AWESOME___ object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| webpackChunkStripeJSouter function| noop function| Stripe object| pendoDeps function| pendoLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| pendoIntegration object| pendo object| pendo_options object| _pendo_kqgygqQk function| normalize

3 Cookies

Domain/Path Name / Value
pay.tesorio.com/ Name: sessionid
Value: ywo9hzjlv63u6juxx5ukylw68o51ucmn
.tesorio.com/ Name: ajs_anonymous_id
Value: 99d9c8a4-6e64-4cd6-8004-a31e4084fce3
.tesorio.com/ Name: ajs_group_id
Value: 788

1 Console Messages

Source Level URL
Text
network error URL: https://pay.tesorio.com/api/v1/autopay_settings/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy img-src * https: blob: data:; form-action 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; report-to csp-endpoint; base-uri 'self'; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; worker-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io blob:; default-src 'self' 'unsafe-eval' 'unsafe-inline' *.activepieces.com *.bootstrapcdn.com *.netsuite.com *.nyl.as *.nylas.com *.pendo.io *.plaid.com *.s3.amazonaws.com *.segment.com *.segment.io *.sentry-cdn.com *.sentry.io *.storage.googleapis.com *.stripe.com *.tesorio.com blob: https://*.au.intercom-attachments.com https://*.develop.my.salesforce.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments.eu https://*.intercom.io https://*.intercomassets.com https://*.intercomassets.eu https://*.intercomcdn.com https://*.intercomcdn.eu https://*.lightning.force.com https://*.salesforce.com https://*.visualforce.com https://browser-intake-datadoghq.com https://fast.wistia.net https://fonts.googleapis.com https://intercom-sheets.com https://intercom.help https://player.vimeo.com https://uploads.intercomusercontent.com https://www.intercom-reporting.com https://www.youtube.com wss://*.intercom.io 'unsafe-eval' tesorio-integrations-flat-files.s3.amazonaws.com tesorio-dashboard-media-files-production.s3.amazonaws.com; font-src * https:; frame-ancestors 'self' https://*.salesforce.com https://*.develop.my.salesforce.com https://*.lightning.force.com https://*.visualforce.com https://*.force.com; manifest-src 'self'; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubf5c26cc97be54fb1b2d0c3a83793a312&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
browser.sentry-cdn.com
cdn.pendo.io
cdn.segment.com
data.pendo.io
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
o249981.ingest.sentry.io
pay.tesorio.com
pendo-static-6266681333514240.storage.googleapis.com
tesorio-dashboard-media-files-production.s3.amazonaws.com
tracking.us.nylas.com
108.138.106.120
13.249.86.140
142.250.80.35
151.101.131.52
2607:f8b0:4006:80d::201b
2607:f8b0:4006:81f::200a
2a04:4e42:400::729
3.5.11.228
34.107.204.85
34.120.195.249
34.36.213.229
35.160.151.220
52.85.61.121
52.85.61.48
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
0cfcc3c102b41d66500e9d6eee6811327f6115376dd7f6b6f93b49165ef9fae4
0eaf2dde124a8fe23ab413c3600ce97912c2b4097c1c78b15c775faccdc09e0f
0fc92d4d78d236cfc51309f1eb5e6b133757edc17ea2403d95710def0c3d620e
116e6e44c5b426ff95812839d167a9a52c3510bb2759d02e235850580f103f39
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1a03210c116e9c33fb5a9ee8dd89cc270ea6837530cc760d99a81637507000de
1fe85783242cd1366298afb1464a713be0c038e9726f1164ccde027408f75e4d
20e822e5a96749f3c672e69e0f3b05a3b9e3f52d7c53c85aca32a3906c5abf21
2551426af56e4b89a8e7c8477290538e1d8ad9d26dacf7757298c1bad6af932b
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
2761484b56ee8f6634c5388c5866a55276efd1596aa26987f55e2309cbea9d95
2c09ae9c39bccd748b9dfad8202b0b87165cde2388a8fffaf35e6a6a8f5cef13
2f59b6043ba211f401728c5ccb942cea1dc5fb9400421886600d0b78e0d0fd6a
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
38415f0456a06978032018256b3df5abc92460045d423150016b042440a8a9d3
38fbceaa1829df33ca086a15f00d1b2161efb4f6c500120ee34259e720b51022
3b5ebbd0163572797710570f676fad2349ab6293f67b2c73ce9fd928fd228220
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4dee561ca92a0347d3e816ed4f61f1c2be9d098453aa9087f17f7bdbb65a8303
5e6bd82f8d339ad99e3ef57f1efa4f9a2e8dab1b8c2908e7dd5b220c81d3cf94
5e932fca8dd3751365257e09a36bcb6a581fa9c7f76b9f68071dbf328fa59a8c
6d8f4951c235a8db26d489db25b954875da8987f138f590972eddf60e610dd0c
8482bff60f7c8161dc9d1980760146ed0900ddf2ff7579aae35245ae5df03e11
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e878b38c0c357b63eb23d45c6182fd4f1ac0e92a5601a7e27f04edcfad5b4af
98eafd72d3a10e93278e22da6b3253c8ee9f60ad06c53b83a0a1a51bfd74a0de
a192889f3b11609352b83e8f905b4a2425b960e1ff957fee3da2660e704c1e81
a7943580121cf9d12764b3501e6e9efcfc6ec1a8b3a940ce361f0dcc12a32eee
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b183b65def146be3218aa4864770be5a11a64587e8d0ecc014911a38599e65d6
b5132c1012528fcf2b345cc647c7907001262043840f83e52b244f86b746350d
b5864f8b008648bda926ee12ee2397a433d730c304e65a6f65c0d7aa87a75598
babe3e8b998f6ef05c3eeb4ad565dff77d8e9cba3bcf7d53559f0a2492001643
c119ffd64fa0de6c2560b256a3bd4bc3900f2dee46b7ff282cc3a6f796366ba2
c224c0ccbd0e5cd574a11e6e52f28e7b95888d4aed2294ef84a94d83c745ac81
cacf8a32e69eabea7d57711f4ccbeed4d284e1bbd0789137936d388da707b9de
cc74a0faaca6977bf9fff163f226310cac4d2694684862b542faed8e174ee126
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e74a6a0b16f16ab84e3e2173f8307cdb0c26fba47e457c40d4e3f1184880c4c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02ada791c6dcbf80d5858fe9659bd296d984ed5c56abeb026d32ff2a0a5bb85
f1b4468189524801068bb5c4942e34431122837f508a4164c708cec4b10126c6
f9846ee32274e622d38b9d78d5d45fbf028ed297629ff4bcc2fc7759f8ef0f03
fccd33b84ede0720c25e2b54d35cbf4066d2e6ff7981d043e860193faa78a55b
fd576f0b9f3a7da553a1f10dc955374e6e6ea76f762b006a01f94b5daf9a6571