urlscan.io logo urlscan.io
SecurityTrails logo

app.pdcflow.com Open in urlscan Pro
52.12.36.69  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Submission: On December 09 via api from RU — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 7 domains to perform 24 HTTP transactions. The main IP is 52.12.36.69, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is app.pdcflow.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 4th 2024. Valid for: a year.
This is the only time app.pdcflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 52.12.36.69 16509 (AMAZON-02)
1 142.251.111.97 15169 (GOOGLE)
1 142.251.163.95 15169 (GOOGLE)
7 18.67.76.51 16509 (AMAZON-02)
1 142.251.163.104 15169 (GOOGLE)
1 142.251.163.138 15169 (GOOGLE)
1 44.239.239.254 16509 (AMAZON-02)
1 142.251.179.94 15169 (GOOGLE)
3 142.251.167.94 15169 (GOOGLE)
2 142.251.163.103 15169 (GOOGLE)
24 10
6    52.12.36.69 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-36-69.us-west-2.compute.amazonaws.com
app.pdcflow.com
1    142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
1    142.251.163.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net
fonts.googleapis.com
7    18.67.76.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-51.iad89.r.cloudfront.net
cdnapp2.pdcflow.com
1    142.251.163.104 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f104.1e100.net
www.google.com
1    142.251.163.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f138.1e100.net
www.google-analytics.com
1    44.239.239.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-239-254.us-west-2.compute.amazonaws.com
ws.pdc4u.com
1    142.251.179.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net
www.gstatic.com
3    142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net
fonts.gstatic.com
2    142.251.163.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f103.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
13 pdcflow.com
app.pdcflow.com
cdnapp2.pdcflow.com
2 MB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
286 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
968 B
1 pdc4u.com
ws.pdc4u.com
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
944 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
102 KB
24 7
Domain Requested by
7 cdnapp2.pdcflow.com app.pdcflow.com
cdnapp2.pdcflow.com
6 app.pdcflow.com app.pdcflow.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.google.com app.pdcflow.com
www.gstatic.com
1 www.gstatic.com www.google.com
1 ws.pdc4u.com app.pdcflow.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com app.pdcflow.com
1 www.googletagmanager.com app.pdcflow.com
24 9

This site contains links to these domains. Also see Links.

Domain
www.pdcflow.com
Subject Issuer Validity Valid
*.pdcflow.com
Amazon RSA 2048 M02		 2024-10-04 -
2025-11-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.pdc4u.com
Amazon RSA 2048 M02		 2024-08-15 -
2025-09-13		 a year crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://app.pdcflow.com/8348982/barr1?id=853376
Frame ID: C8AA01034980D2A336549CC36C4E8924
Requests: 21 HTTP requests in this frame

Frame: https://ws.pdc4u.com/SecureOverlay/v2_0?styleName=FFE&iframeId=cardNumberEmbedded
Frame ID: 8E3A2E25C8582B974F261D7DF08BC288
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4Mt4hAAAAAO46gW5IkBAaJUNoGiyMqvexH28Y&co=aHR0cHM6Ly9hcHAucGRjZmxvdy5jb206NDQz&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=esfzzvxvgp2k
Frame ID: 196A49B945965D99F84B9C18A68F3F62
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Le4Mt4hAAAAAO46gW5IkBAaJUNoGiyMqvexH28Y
Frame ID: 2D54DCA2426E8D82C943068462C60897
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Make a Payment

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

10
IPs

1
Countries

1965 kB
Transfer

2758 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request barr1
app.pdcflow.com/8348982/ 		96 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-36-69.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5b043ac43ef9bf010ec2b6e6a71ad7db12fc7bf4a8826d3e8d5055b811bd9acf
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' https://*.google-analytics.com https://fuse.flatirons.com/api/ https://forms.hsforms.com/ https://forms-na1.hubspot.com/;default-src 'none';font-src https://fonts.googleapis.com https://fonts.gstatic.com https://*.pdcflow.com;frame-src https://*.pdc4u.com https://www.google.com https://forms.hsforms.com/submissions/;frame-ancestors https://*.pdcflow.com;img-src data: https://*.pdcflow.com https://*.pdc4u.com https://*.google-analytics.com https://*.googletagmanager.com https://forms.hsforms.com https://forms-na1.hsforms.com;object-src 'none';script-src 'strict-dynamic' 'nonce-Z1Ocekdgio1Ib6njjqgg6C1NV6di9ga0';style-src 'unsafe-inline' https://fonts.googleapis.com https://*.pdcflow.com https://*.pdc4u.com
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-security-policy
base-uri 'self';connect-src 'self' https://*.google-analytics.com https://fuse.flatirons.com/api/ https://forms.hsforms.com/ https://forms-na1.hubspot.com/;default-src 'none';font-src https://fonts.googleapis.com https://fonts.gstatic.com https://*.pdcflow.com;frame-src https://*.pdc4u.com https://www.google.com https://forms.hsforms.com/submissions/;frame-ancestors https://*.pdcflow.com;img-src data: https://*.pdcflow.com https://*.pdc4u.com https://*.google-analytics.com https://*.googletagmanager.com https://forms.hsforms.com https://forms-na1.hsforms.com;object-src 'none';script-src 'strict-dynamic' 'nonce-Z1Ocekdgio1Ib6njjqgg6C1NV6di9ga0';style-src 'unsafe-inline' https://fonts.googleapis.com https://*.pdcflow.com https://*.pdc4u.com
content-type
text/html; charset=UTF-8
date
Mon, 09 Dec 2024 21:38:14 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
js
www.googletagmanager.com/gtag/ 		295 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V609V7LG1B
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
9ad59ca524575b46273afc95d3d09d7dffa8605676773faabc5094281c4adf6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 09 Dec 2024 21:38:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 21:38:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103391
x-xss-protection
0
server
Google Tag Manager
css
fonts.googleapis.com/ 		3 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 21:38:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 21:38:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 09 Dec 2024 20:06:57 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery_select2.css
app.pdcflow.com/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.pdcflow.com/css/jquery_select2.css
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-36-69.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3a7849f818877b23aad4ef6b700914e82ef253f55bbdb584774cf1e564660a01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/8348982/barr1?id=853376

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
etag
"3b9b-6289be1d08af9-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2003
date
Mon, 09 Dec 2024 21:38:14 GMT
content-type
text/css
last-modified
Fri, 06 Dec 2024 15:43:53 GMT
server
Apache
vary
Accept-Encoding
jquery_datatables.css
app.pdcflow.com/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.pdcflow.com/css/jquery_datatables.css
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-36-69.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
31b9f9aaa4049166f2a4f32787fe4f2745f9365098dcd03e5d85b0ee6ac5c03b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/8348982/barr1?id=853376

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
etag
"4634-6289be1d08af9-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
3488
date
Mon, 09 Dec 2024 21:38:14 GMT
content-type
text/css
last-modified
Fri, 06 Dec 2024 15:43:53 GMT
server
Apache
vary
Accept-Encoding
app.3044dbdc2df0ff4e298dc4aad870ae05.css
cdnapp2.pdcflow.com/foundation64/dist/assets/css/ 		639 KB
640 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnapp2.pdcflow.com/foundation64/dist/assets/css/app.3044dbdc2df0ff4e298dc4aad870ae05.css
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-51.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9adfa2aea58f46599e0d3b8041f498f2f684555aa5dfe3103b63a0d010981d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

x-amz-version-id
uGQGK5ypjhVe464.debsiR.Ob2cd85aX
etag
"3044dbdc2df0ff4e298dc4aad870ae05"
age
1711023
x-cache
Hit from cloudfront
x-amz-cf-id
Rs106A3Aq_LYsgZkAUAVT1hcA6P0b6OPeT_h-V9d7ZDJqVDnB--80w==
date
Wed, 20 Nov 2024 02:21:11 GMT
content-type
text/css
last-modified
Tue, 19 Nov 2024 20:29:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 5035c434ac92f0eed9f2b400824fa6e8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
654351
x-amz-cf-pop
IAD89-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
jquery.js
app.pdcflow.com/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.pdcflow.com/js/jquery.js
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-36-69.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
171a8d524d4360f34532628aa7e2be02010d9ea85a7490fe18d2cef04de852e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/8348982/barr1?id=853376

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
etag
"155ff-6289be1d0aa39-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
30377
date
Mon, 09 Dec 2024 21:38:14 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:43:53 GMT
server
Apache
vary
Accept-Encoding
api.js
www.google.com/recaptcha/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f104.1e100.net
Software
ESF /
Resource Hash
b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 21:38:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 09 Dec 2024 21:38:14 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
portal.737348c133040cc434ca4ae479a5e6ba.js
cdnapp2.pdcflow.com/js/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnapp2.pdcflow.com/js/portal.737348c133040cc434ca4ae479a5e6ba.js
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-51.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d126be675205ea1f36d3826fd5d8d7e7dfc07d8d41377b86e29ebe495bd08d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

x-amz-version-id
pbQrVi_i4Yd9XDYAAidsrg6fFV71vE0R
etag
"737348c133040cc434ca4ae479a5e6ba"
age
1663673
x-cache
Hit from cloudfront
x-amz-cf-id
Pk62C0PBmaaVFXLTiJAKSTLv804LnYK4sU7aoijAMtinVjTWMpc6jw==
date
Wed, 20 Nov 2024 15:30:22 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 14:38:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 5035c434ac92f0eed9f2b400824fa6e8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25605
x-amz-cf-pop
IAD89-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
app.e1193e10f73a3b0e594144a62d94aa95.js
cdnapp2.pdcflow.com/foundation64/dist/assets/js/ 		144 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnapp2.pdcflow.com/foundation64/dist/assets/js/app.e1193e10f73a3b0e594144a62d94aa95.js
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-51.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be21c95445605ce1f0625a4e926d91a64dd9a01093e2026744b0882159d4168a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

x-amz-version-id
wtDzda2NLk2RdGNmSzRoroqMuGYhaYDz
etag
"e1193e10f73a3b0e594144a62d94aa95"
age
1663672
x-cache
Hit from cloudfront
x-amz-cf-id
G1ptEd0BDwOg9BxRQjRMNxCFaQbO-SM5lNzHR27gpW3NOZJprgvuJQ==
date
Wed, 20 Nov 2024 15:30:22 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 14:38:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 5035c434ac92f0eed9f2b400824fa6e8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
147792
x-amz-cf-pop
IAD89-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
jquery_datatables.js
app.pdcflow.com/js/ 		162 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.pdcflow.com/js/jquery_datatables.js
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-36-69.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
717621fc2751a8554144e65b286c641ddd7f272d39b32682cddba048d591ff1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/8348982/barr1?id=853376

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
etag
"28829-6289be1d0aa39-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
51352
date
Mon, 09 Dec 2024 21:38:14 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:43:53 GMT
server
Apache
vary
Accept-Encoding
global.776d49eca6d4c5be23003e81879f59c7.js
cdnapp2.pdcflow.com/js/ 		458 KB
459 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnapp2.pdcflow.com/js/global.776d49eca6d4c5be23003e81879f59c7.js
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-51.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
323fdc41d650e71bb41f6db3bc9b0393ea853d7f9b1b1d3f3d7d3049391c2430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

x-amz-version-id
It5hYhghmSCSdbuS2ksqnEyqmSgeg8fA
etag
"776d49eca6d4c5be23003e81879f59c7"
age
1711023
x-cache
Hit from cloudfront
x-amz-cf-id
vns-CeeeyGgv_Ks-IIMbF2ABp5R2y71CdpVa-WDID4RccpsyQ9RGVw==
date
Wed, 20 Nov 2024 02:21:12 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 20:29:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 5035c434ac92f0eed9f2b400824fa6e8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
469295
x-amz-cf-pop
IAD89-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
language.en.c8e7a3d2dba063e77257df920ba3a74f.js
cdnapp2.pdcflow.com/js/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnapp2.pdcflow.com/js/language.en.c8e7a3d2dba063e77257df920ba3a74f.js
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-51.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20c32dde5e58eff827c529cacfb4a27eb1a590d03a70646bffd8ea0fab33e735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

x-amz-version-id
DXMDD_rvwwo8hUP0mxt4lCOunQQTIUPg
etag
"c8e7a3d2dba063e77257df920ba3a74f"
age
1711024
x-cache
Hit from cloudfront
x-amz-cf-id
8kinz7mH7-ND54o6H2_jy5eZ1ZUcigjq_pzkgGwtR18m6NwpWxb95w==
date
Wed, 20 Nov 2024 02:21:11 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 20:29:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 5035c434ac92f0eed9f2b400824fa6e8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
21246
x-amz-cf-pop
IAD89-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-V609V7LG1B&gtm=45je4c90h2v871700776za200&_p=1733780294323&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1659593378.1733780295&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733780294&sct=1&seg=0&dl=https%3A%2F%2Fapp.pdcflow.com%2F8348982%2Fbarr1%3Fid%3D853376&dt=Make%20a%20Payment&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.debug_mode=true&tfd=1490
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V609V7LG1B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://app.pdcflow.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 21:38:15 GMT
content-type
text/plain
server
Golfe2
v2_0
ws.pdc4u.com/SecureOverlay/ Frame 8E3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.pdc4u.com/SecureOverlay/v2_0?styleName=FFE&iframeId=cardNumberEmbedded
Requested by
Host: app.pdcflow.com
URL: https://app.pdcflow.com/8348982/barr1?id=853376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.239.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-239-254.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src https://wsalpha.pdc4u.com https://signupalpha.pdc4u.com; connect-src 'self'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com; script-src 'nonce-0Vx8mxDbNF3a3KDfZ1vZZ77qfmZKTn7CQTZAJonYj4o='; frame-ancestors https://*.pdcflow.com https://*.pdc4u.com;
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.pdcflow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-language
en-US
content-length
1049
content-security-policy
default-src 'none'; frame-src https://wsalpha.pdc4u.com https://signupalpha.pdc4u.com; connect-src 'self'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com; script-src 'nonce-0Vx8mxDbNF3a3KDfZ1vZZ77qfmZKTn7CQTZAJonYj4o='; frame-ancestors https://*.pdcflow.com https://*.pdc4u.com;
content-type
text/html;charset=UTF-8
date
Mon, 09 Dec 2024 21:38:15 GMT
expires
0
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
via
1.1 ws_pdc4u
x-content-type-options
nosniff nosniff
x-frame-ancestors
frame-ancestors https://*.pdcflow.com https://*.pdc4u.com;
x-xss-protection
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 		547 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.pdcflow.com
Referer
https://app.pdcflow.com/

Response headers

content-encoding
gzip
age
5172
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 20:12:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 20:12:03 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220753
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.pdcflow.com
Referer
https://fonts.googleapis.com/

Response headers

age
356553
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 18:35:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 18:35:42 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.pdcflow.com
Referer
https://fonts.googleapis.com/

Response headers

age
233806
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 04:41:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 04:41:29 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
fa-solid-900.woff2
cdnapp2.pdcflow.com/fontawesome/webfonts/ 		153 KB
154 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnapp2.pdcflow.com/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: cdnapp2.pdcflow.com
URL: https://cdnapp2.pdcflow.com/foundation64/dist/assets/css/app.3044dbdc2df0ff4e298dc4aad870ae05.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-51.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.pdcflow.com
Referer
https://cdnapp2.pdcflow.com/foundation64/dist/assets/css/app.3044dbdc2df0ff4e298dc4aad870ae05.css

Response headers

access-control-max-age
86400
etag
"6c4eee562650e53cee32496bdfbe534b"
x-amz-version-id
6s5tK2g6hhu0BWoaOF5Dd_FguCGJtEZj
age
1663671
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
VwNMI3DRzTovbERyaq7DIb_DO8qT-xxhFd70YKD_JBwUogt1mMsSfQ==
date
Wed, 20 Nov 2024 15:30:25 GMT
content-type
font/woff2
vary
Origin
last-modified
Wed, 20 Nov 2024 14:38:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
access-control-allow-credentials
true
via
1.1 5035c434ac92f0eed9f2b400824fa6e8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://app.pdcflow.com
content-length
156496
x-amz-cf-pop
IAD89-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.pdcflow.com
Referer
https://fonts.googleapis.com/

Response headers

age
236510
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 03:56:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 03:56:25 GMT
last-modified
Tue, 02 May 2023 15:14:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24408
x-xss-protection
0
server
sffe
fa-regular-400.woff2
cdnapp2.pdcflow.com/fontawesome/webfonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnapp2.pdcflow.com/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: cdnapp2.pdcflow.com
URL: https://cdnapp2.pdcflow.com/foundation64/dist/assets/css/app.3044dbdc2df0ff4e298dc4aad870ae05.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-51.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bccecf0bc7e96cd5ce4003abeb3ae9ee4a3d19158c4e6edfd2df32d2f0d5721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.pdcflow.com
Referer
https://cdnapp2.pdcflow.com/foundation64/dist/assets/css/app.3044dbdc2df0ff4e298dc4aad870ae05.css

Response headers

access-control-max-age
86400
etag
"023a4a925fa3fce0f66b769ef6bbb264"
x-amz-version-id
JHfU2OlgS6XnoA6WLQTfmd1X7It8r55N
age
1663672
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
dcoWQynq0-xwdIQrJBmHtmlr8D0WWUKO2w6gYEpkeKQrUKpgg8r-pw==
date
Wed, 20 Nov 2024 15:30:24 GMT
content-type
font/woff2
vary
Origin
last-modified
Wed, 20 Nov 2024 14:38:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
access-control-allow-credentials
true
via
1.1 5035c434ac92f0eed9f2b400824fa6e8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://app.pdcflow.com
content-length
25452
x-amz-cf-pop
IAD89-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
anchor
www.google.com/recaptcha/api2/ Frame 196A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4Mt4hAAAAAO46gW5IkBAaJUNoGiyMqvexH28Y&co=aHR0cHM6Ly9hcHAucGRjZmxvdy5jb206NDQz&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=esfzzvxvgp2k
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--5C2F1SuLYAGd9uIIEmnvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.pdcflow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--5C2F1SuLYAGd9uIIEmnvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Dec 2024 21:38:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
app.pdcflow.com/img/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.pdcflow.com/img/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.12.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-36-69.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
065c1259663f8756a67dd7705d5de256918cf1e456d18f22cfa31bc1f72b68f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.pdcflow.com/8348982/barr1?transactionForm=CARD

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
etag
"47e-6289be1d0aa39"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1150
date
Mon, 09 Dec 2024 21:38:16 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 06 Dec 2024 15:43:53 GMT
server
Apache
bframe
www.google.com/recaptcha/api2/ Frame 2D54 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Le4Mt4hAAAAAO46gW5IkBAaJUNoGiyMqvexH28Y
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yN3K2jCrJqp1Rs3Id8etjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.pdcflow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yN3K2jCrJqp1Rs3Id8etjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Dec 2024 21:38:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| formResetNew function| formResetCopy function| formResetBilling function| dashboardLoadForm function| applyStructure function| setButtonText function| setPaymentMethodRadio function| formObserver function| portalFormSubmitCallbackBefore function| portalFormSubmitCallbackAfter function| emailSendCallbackAfter function| emailScheduleSendCallbackAfter function| externalMessagePost function| enableDuplicateWarning function| applyCustomCss function| determineScheduleEligibility function| determineScheduleOption function| toggleScheduleField function| createScheduleDelay function| previewSchedule function| dtCallback_schedulePreview function| iframeChangeNotify object| stylesheet function| customStylesCopy function| stylesLoad function| stylesEditSave function| stylesEdit function| setStyles object| Foundation function| DataTable function| are_cookies_enabled function| natural_language_join function| createCookie function| getCookie function| deleteCookie function| commonColorboxParameters function| popup function| popupClose function| popupOnLoad function| popupOnComplete function| popupOnClosed function| moveDrawerToggle function| resizeDrawer function| resizeOverlayColorbox function| checkForHash function| preAjax function| clearErrors function| messengerOpen function| messengerUpdate function| messengerClose function| timeout function| resizeColorbox function| resizeDatatable function| getParameterByName function| enableButton function| disableButton function| formatCurrencyField function| number_format function| setTotalAmount function| setTotalAmountFromCalculatedFee function| initializeCombobox function| destroyDropdown function| comboboxConfig function| initializeDraggable function| draggableSort function| draggableMoveAll function| initializeAutocomplete function| autocompleteEvent function| emulateAutocomplete function| bankRoutingNumberAutocomplete function| storageAvailable function| storageKey function| storageRead function| storageWrite function| setFocus function| setFocusError function| infoToggler function| characterCounter function| getLanguageLine function| checkboxShowSelectedOnly function| executeAjax function| executeAjaxHandleErrorDisplay function| notificationDisplay function| dynamicTimezone function| getUrlParameter function| removeUrlParameters function| dateToString function| pad function| copyToClipboard function| detectIE function| escapeHtml function| makeExpandingArea function| setReceiptUrl function| getReceiptUrl function| loadInlineSet function| loadInlineGet function| updatePinListHelp function| populateReminderOptions function| getPinTemplateDetail function| setPinList function| updateList function| updateListData function| hideShow function| hideShowDropdownInitialize function| hideShowDropdown function| hideShowClosest function| setElementParse function| changeElementValue function| resetFormGlobal function| showEmailBubble function| screenInitialize function| toggleFieldType function| getRadioValue function| initializeCheckbox function| transactionModifyCallback function| ensureFunctionExists function| loaderPdc function| launchHubspot function| waitForHubspot function| popupOnCompleteTrigger function| cleanPaste function| toggleAccordions function| replaceBracketForSelector function| loadSlider function| loadSliderCallback function| refreshSlider function| sliderClose function| sliderCloseComplete function| sliderCloseCallbackSet function| sliderCloseCallbackRemove function| sliderCloseCallback function| getDirectiveSelector function| isCardTypeAllowed function| validateCardType function| cardAcceptedType function| resetCommonFields function| resetRepopulateReplace function| initializeSecureOverlay function| preloadReady function| preloadReadyBlock function| preloadReadyGo function| initiatePort function| sendMessage function| secureEntry function| secureEntryCallback function| apiKeyParse function| tokenizeSecureOverlay function| tokenizeData function| tokenizeBank function| tokenizeCard function| handleToken function| handleCardToken function| handleCardBulkToken function| handleAchToken function| handleAchBulkToken function| secureEntryPrep function| secureOverlayErrorParse function| secureOverlayErrorDisplay function| clearSecureEntry function| focusSecureOverlayInput function| zeroCostLookup function| zeroCostLookupCallback function| dialogReplace function| pnsDialog function| htmlDecode function| currentDate function| loadData function| fireCallbackFunction function| loadSimple function| openSearch function| validateForm function| changeDateRange function| bulkListCallback function| checkBatchIdCallback function| checkSettlementIdCallback function| eventListCallback function| departmentCallback function| directiveCallback function| employeeCallback function| groupCallback function| layoutReportCallback function| locationCallback function| originCallback function| populateDropdown function| updateSelectPlaceholder function| enableLocationInformationCallback function| toggleDirectiveBasedOnService function| emailMessageTypeToggle function| downloadReport function| applyStorageSetting function| applyStorageSettingPage function| downloadReportCallback function| validateSubmittedForm function| validateModel function| validateEmail function| validateNumeric function| validateRequired function| dt_initialize function| dt_configure function| dt_buildButtons function| dt_ajax_beforeSend function| dt_ajax_error function| slowQueryRetryReport function| slowQueryRetryCount function| slowQueryRetryCancelCallbackBefore function| slowQueryRetryRestartCallbackBefore function| slowQueryUpdateUrl function| dt_drawCallback function| dt_footerCallback function| enableTable function| addRow function| addRows function| updateRow function| updateCell function| deleteRow function| ajaxRefresh function| refreshWithNewUrl function| downloadResults function| activeRowGet function| activeRowSet function| doesTableExist function| setProcessingMessage function| dynamicColumnList function| columnResize function| initializeTables function| prepareAjax function| prepareConfirm function| callAjax function| ajaxDone function| ajaxFail function| ajaxComplete function| ajaxCallback function| hackReadonly function| showErrors function| reducePayloadVariable function| trackerAjaxAdd function| trackerAjaxRemove function| checkForTimeout function| checkForTimeoutCallback function| confirmSignOutCallback function| signOutContinue function| signOut function| setTimeoutHandle function| emailOptInCallback function| validateLiveCallback function| JQClass function| Messenger function| FormatNumber function| MathCalculate function| _anyNumberSort object| recaptcha object| closure_lm_943348

4 Cookies

Domain/Path Name / Value
app.pdcflow.com/ Name: FLOW-S
Value: WpYqjvCoNpTjVfP4XqD6pofXVr41WZ0SfQMFudCi
.pdcflow.com/ Name: _ga
Value: GA1.1.1659593378.1733780295
ws.pdc4u.com/ Name: JSESSIONID
Value: 5FF534AD015C9C1F022470009448ED55
.pdcflow.com/ Name: _ga_V609V7LG1B
Value: GS1.1.1733780294.1.1.1733780296.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';connect-src 'self' https://*.google-analytics.com https://fuse.flatirons.com/api/ https://forms.hsforms.com/ https://forms-na1.hubspot.com/;default-src 'none';font-src https://fonts.googleapis.com https://fonts.gstatic.com https://*.pdcflow.com;frame-src https://*.pdc4u.com https://www.google.com https://forms.hsforms.com/submissions/;frame-ancestors https://*.pdcflow.com;img-src data: https://*.pdcflow.com https://*.pdc4u.com https://*.google-analytics.com https://*.googletagmanager.com https://forms.hsforms.com https://forms-na1.hsforms.com;object-src 'none';script-src 'strict-dynamic' 'nonce-Z1Ocekdgio1Ib6njjqgg6C1NV6di9ga0';style-src 'unsafe-inline' https://fonts.googleapis.com https://*.pdcflow.com https://*.pdc4u.com
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.pdcflow.com
cdnapp2.pdcflow.com
fonts.googleapis.com
fonts.gstatic.com
ws.pdc4u.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.251.111.97
142.251.163.103
142.251.163.104
142.251.163.138
142.251.163.95
142.251.167.94
142.251.179.94
18.67.76.51
44.239.239.254
52.12.36.69
065c1259663f8756a67dd7705d5de256918cf1e456d18f22cfa31bc1f72b68f8
171a8d524d4360f34532628aa7e2be02010d9ea85a7490fe18d2cef04de852e3
20c32dde5e58eff827c529cacfb4a27eb1a590d03a70646bffd8ea0fab33e735
2bccecf0bc7e96cd5ce4003abeb3ae9ee4a3d19158c4e6edfd2df32d2f0d5721
31b9f9aaa4049166f2a4f32787fe4f2745f9365098dcd03e5d85b0ee6ac5c03b
323fdc41d650e71bb41f6db3bc9b0393ea853d7f9b1b1d3f3d7d3049391c2430
3a7849f818877b23aad4ef6b700914e82ef253f55bbdb584774cf1e564660a01
5b043ac43ef9bf010ec2b6e6a71ad7db12fc7bf4a8826d3e8d5055b811bd9acf
717621fc2751a8554144e65b286c641ddd7f272d39b32682cddba048d591ff1b
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9ad59ca524575b46273afc95d3d09d7dffa8605676773faabc5094281c4adf6b
9adfa2aea58f46599e0d3b8041f498f2f684555aa5dfe3103b63a0d010981d51
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
be21c95445605ce1f0625a4e926d91a64dd9a01093e2026744b0882159d4168a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d126be675205ea1f36d3826fd5d8d7e7dfc07d8d41377b86e29ebe495bd08d2e
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540