URL: https://go.payfwds.com/
Submission: On January 08 via automatic, source certstream-suspicious

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 37 HTTP transactions. The main IP is 54.93.101.66, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is go.payfwds.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 30th 2020. Valid for: 2 years.
This is the only time go.payfwds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.93.101.66 16509 (AMAZON-02)
2 13.224.94.52 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2600:9000:219... 16509 (AMAZON-02)
14 13.224.89.26 16509 (AMAZON-02)
1 1 52.22.210.37 14618 (AMAZON-AES)
1 52.216.144.75 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 104.26.8.183 13335 (CLOUDFLAR...)
1 4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.212.31.157 14618 (AMAZON-AES)
37 14
Domain Requested by
14 d9hhrg4mnvzow.cloudfront.net go.payfwds.com
4 use.typekit.net go.payfwds.com
use.typekit.net
4 widget-v4.tidiochat.com 1 redirects go.payfwds.com
code.tidio.co
4 cdnjs.cloudflare.com go.payfwds.com
2 d34qb8suadcc4g.cloudfront.net go.payfwds.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com go.payfwds.com
1 events.ub-analytics.com go.payfwds.com
1 calendly.com assets.calendly.com
1 p.typekit.net use.typekit.net
1 code.tidio.co 1 redirects
1 assets.calendly.com go.payfwds.com
1 user-assets-unbounce-com.s3.amazonaws.com go.payfwds.com
1 app.unbouncepreview.com 1 redirects
1 stackpath.bootstrapcdn.com go.payfwds.com
1 go.payfwds.com
37 15

This site contains no links.

Subject | Issuer | Validity | Valid for
try.unbounce.com | Sectigo RSA Domain Validation Secure Server CA | 2020-05-30 - 2022-05-30 | 2 years
*.unbounce.com | Amazon | 2020-04-08 - 2021-05-08 | a year
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2021-03-12 | a year
*.calendly.com | Go Daddy Secure Certificate Authority - G2 | 2018-01-08 - 2021-04-07 | 3 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year
use.typekit.net | DigiCert SHA2 Secure Server CA | 2020-01-28 - 2022-02-01 | 2 years
*.typekit.net | DigiCert SHA2 Secure Server CA | 2019-12-06 - 2021-12-10 | 2 years
*.ub-analytics.com | Amazon | 2020-06-08 - 2021-07-08 | a year

This page contains 3 frames:

Primary Page: https://go.payfwds.com/
Frame ID: FFE96A610EB2C59CEBF6AB0984908638
Requests: 34 HTTP requests in this frame

Frame: https://calendly.com/payfwds/meet?embed_domain=go.payfwds.com&embed_type=Inline&primary_color=29518e
Frame ID: 0973C3F71167845ABCF84D79E0A37CDD
Requests: 1 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com//1_47_0/static/js/widget.5256de5ea994e67b7927.js
Frame ID: 4888A29FD1D0019EC87C8784AB0F6789
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 37
HTTPS: 95 %
IPv6: 53 %
Domains: 12
Subdomains: 15
IPs: 14
Countries: 4
Transfer: 608 kB
Size: 1642 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://app.unbouncepreview.com/publish/assets/1d944051-7a03-44ab-8058-98855b1dc04d/61a195b9-partner-4.pn HTTP 302
  • https://user-assets-unbounce-com.s3.amazonaws.com/699d72b0-5a0e-434b-a4b2-d0b90a38636f/1d944051-7a03-44ab-8058-98855b1dc04d/partner-4.original.png
Request Chain 19
  • https://code.tidio.co/nwjxwktlo9llfaom5oo7pokbzoc98g23.js HTTP 302
  • https://widget-v4.tidiochat.com/nwjxwktlo9llfaom5oo7pokbzoc98g23.js HTTP 302
  • https://widget-v4.tidiochat.com/1_47_0/static/js/render.5256de5ea994e67b7927.js

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
go.payfwds.com/
42 KB
10 KB
Document
General
Full URL
https://go.payfwds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.93.101.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
81c1d2cceda6a1e2e6cdb621c2f43883129765179f9af54acd56f1b4ec815f70

Request headers

Host
go.payfwds.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

date
Fri, 08 Jan 2021 12:22:40 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
c4c8c487-8db5-4313-b11a-13d649ca7607
etag
4e8cf60ad05e2b50d991733762c0d250
content-location
https://go.payfwds.com/
x-unbounce-visitorid
89.238.186.2431613455339439353
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
x-unbounce-variant
a
link
<https://go.payfwds.com/>; rel="canonical"
set-cookie
ubpv=a%2Cc4c8c487-8db5-4313-b11a-13d649ca7607; Max-Age=15897600; Expires=Sun, 11 Jul 2021 12:22:40 GMT; Path=/; SameSite=Lax ubrs=weighted; Path=/; SameSite=Lax ubvs=89.238.186.2431613455339439353; Max-Age=15552000; Expires=Wed, 07 Jul 2021 12:22:40 GMT; Path=/; SameSite=Lax ubvt=89.238.186.2431613455339439353; Max-Age=259200; Expires=Mon, 11 Jan 2021 12:22:40 GMT; Path=/; Domain=payfwds.com; SameSite=Lax
content-encoding
gzip
x-proxy-backend
page-server
connection
close
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-52.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 03:11:27 GMT
content-encoding
gzip
last-modified
Tue, 13 Oct 2020 18:07:31 GMT
server
AmazonS3
age
3921074
etag
"28fa98fe25303c5ad925ec69772dc187"
x-cache
Hit from cloudfront
x-amz-version-id
4VmJ1x7od43SnXCa..jwUNq42n6sY1UH
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
XxpjunzlTJBzg6U1PbUO3FTRCuAxKSpHkTGE7oO3assBPtJDJJ--ZQ==
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/
156 KB
23 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 17:52:46 GMT
etag
"1574963566"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23681
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:e600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 02:16:05 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 18:45:36 GMT
server
AmazonS3
age
641196
etag
"91086183e2039359e4bf5622dfb57722"
x-cache
Hit from cloudfront
x-amz-version-id
D6xyQ1UlRnHjPycouA5Yb4DYOQiJWBkd
via
1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1992
x-amz-cf-id
5uWofeRGfn0sOtu-caOHNwdCqZqrKBS2keRh9VdB2c7ik51_KDtOvQ==
1c0b755d-logo.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
4 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/1c0b755d-logo.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
210c0e856d0086d34f736011980b72f92cd3c603aec91b929ba8ada83d30df6e

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"e49a76427af90176c9bd8da58e7890b1"
x-cache
Miss from cloudfront
x-amz-version-id
WPP2yVgqxg9A4OKbrspWZ3hCmEqxQkuX
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
3593
x-amz-cf-id
CmUXdSJTMC-m9jHx0dKtlUbHRpYx_LRSIiFB_pj4CT1-P37s5HBBdA==
10ccaa7a-partner-1.svg
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
6 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/10ccaa7a-partner-1.svg
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
683fa8586905aab296a41dcc4579a4f58bd540c12d449b7224ca2a20320fb141

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
W/"2e14981e2eda49ad8c1d01b5240f0c39"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
.3brVpG2n9aUlYAE0YOk5BAB74BvFlrp
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control
max-age=31557600
content-type
image/svg+xml
x-amz-cf-id
237Y3HPN1qOdFFBuqEXGSw571wovXbUaY8vEm_dDiwBU5-qQagb06A==
403b507c-partner-2.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
10 KB
10 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/403b507c-partner-2.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
932aeb2c1c6d89dd7b918ab8664c6515ec604eba01f56fa90765d071c9a24d49

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"0d3a6b9b9f41f3e3e2f5f7839ffcb152"
x-cache
Miss from cloudfront
x-amz-version-id
qn8lPi_OhvYFgJYx82xk2q9cmym3wcEA
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
10096
x-amz-cf-id
a1zD7g8Cq7iu-65AZYFV76rq5MMsfwpwVjIjfKSasSeZdEwSZ0DdcQ==
74dd86a8-partner-3.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
4 KB
5 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/74dd86a8-partner-3.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73421bc92b2052621e13b046307c4abbbe76c913e308a431402dac61521765d5

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"07bf0d8c830eb46ebe37295f298434eb"
x-cache
Miss from cloudfront
x-amz-version-id
hsR4zoH79mfsldc89DxNT6E13G4Y5IYf
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
4523
x-amz-cf-id
VXk_gpome2Dkn2KM5jbx3bFj4GAoJO4JBUsCj82fwT6yUyjALB3yKQ==
partner-4.original.png
user-assets-unbounce-com.s3.amazonaws.com/699d72b0-5a0e-434b-a4b2-d0b90a38636f/1d944051-7a03-44ab-8058-98855b1dc04d/
Redirect Chain
  • https://app.unbouncepreview.com/publish/assets/1d944051-7a03-44ab-8058-98855b1dc04d/61a195b9-partner-4.pn
  • https://user-assets-unbounce-com.s3.amazonaws.com/699d72b0-5a0e-434b-a4b2-d0b90a38636f/1d944051-7a03-44ab-8058-98855b1dc04d/partner-4.original.png
14 KB
14 KB
Image
General
Full URL
https://user-assets-unbounce-com.s3.amazonaws.com/699d72b0-5a0e-434b-a4b2-d0b90a38636f/1d944051-7a03-44ab-8058-98855b1dc04d/partner-4.original.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.75 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
412fae0ce913e0d679beeabac2f3e7b6d18979fee0e39e0c6240fc0127987e11

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 08 Jan 2021 12:22:43 GMT
Last-Modified
Tue, 29 Dec 2020 23:28:24 GMT
Server
AmazonS3
x-amz-request-id
C5DB70621198C383
ETag
"24eb91b9a5650b80c587f04d25180388"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
13835
x-amz-id-2
0SzzBvW/Ah1dnqDAGy6LivsJnGk0kz63eCwCgycIR8O+r+VGVvIZmxVSQhzbG1YvuYzKNmwvABk=

Redirect headers

date
Fri, 08 Jan 2021 12:22:41 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
lp-webapp 4eac945fb6, Phusion Passenger 6.0.7
status
302 Found
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-request-id
c681d7ce-f069-4147-b155-0298618c71d9
x-server-instance
lp-webapp-6976c4dc96-6p2rx
x-runtime
0.015014
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.14.2 + Phusion Passenger 6.0.7
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
//user-assets-unbounce-com.s3.amazonaws.com/699d72b0-5a0e-434b-a4b2-d0b90a38636f/1d944051-7a03-44ab-8058-98855b1dc04d/partner-4.original.png
cache-control
no-cache
b813cedf-partner-5.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
8 KB
9 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/b813cedf-partner-5.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93fe67ec2f8a187770a95e78364b692de21aa092d55a4225abfd2513e8821245

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"a42b8d9fe837f86dad37d33a0a772e3d"
x-cache
Miss from cloudfront
x-amz-version-id
umISQ0FnXJtnm39MN.1nr1by.ncTbSqd
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
8423
x-amz-cf-id
hV3LY0PXACf7PpXMuEbTzqX2-0M1RezRwtWq8qhl6ZNToJBW02a4SA==
91f29e17-icon-1.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/91f29e17-icon-1.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59b8ffd42678528bfab786ac3af989b26b2f86920c0a42ece7accdf67b25f099

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"a0d6985c9f988f42b001cf2b28b1966e"
x-cache
Miss from cloudfront
x-amz-version-id
jqrCzvoZX8GnCve2SN5e55qlQApn9fss
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2124
x-amz-cf-id
xoKmvlP6XDliEMyLL0q_XiIYs-MoVP4g1Z5J0p4dXClDxr_G9l24JA==
4e026e19-icon-2.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/4e026e19-icon-2.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f77184889ba31a16a59b6bcdf366df1f0bd81629b90767bacdc1ed5dd2889326

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"847eb077b6dbf5a8e9dce6eb5fe6b377"
x-cache
Miss from cloudfront
x-amz-version-id
NSZWJ2dGOLc9pGv7vQNDqUFnCUhW4_F2
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2113
x-amz-cf-id
-R_Szcx74qu4v5dYBN8hM58oNF8DBRV2-jwdS-UFrp06y8KAG27PYA==
43c39b02-icon-3.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/43c39b02-icon-3.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7babfcf626ec542696be0068718e3e85c70029432b435c9c0aace9e212ecba65

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"dce17f2aabf4f148bc3dbd8bedf2ced4"
x-cache
Miss from cloudfront
x-amz-version-id
YJJifaN2d_4Ub0W0jQatg.rYCbWc5CQu
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2380
x-amz-cf-id
lv2inyIKdJOHNoqxBV8GbV4wemsesL6nH82bioo5UGxVdt7S7gCE0Q==
f0020171-icon-4.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/f0020171-icon-4.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c65958c2e1c2219f0ee8d54ede5710544a354e92d1de7a2d6c0673a45b486cc4

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"a10752d672c3ffe517000737d93395f6"
x-cache
Miss from cloudfront
x-amz-version-id
0cX2Vgg.5D.PxfkL_Knl5wAeuIDLCW33
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2319
x-amz-cf-id
juxUXzslMjsidrNjtaWvC4f-_yb71pU3fwJaLelfeGijs9UW86SaOw==
e105efb2-icon-5.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/e105efb2-icon-5.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac253c4713034444354ed296dbd3026271635199c01396abca64a20b36bd6f23

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"75c3f9843b806ecd89073fd3dfc3e2d4"
x-cache
Miss from cloudfront
x-amz-version-id
qse6j7jOMuKOk_UFuoRguyU5X62IQD0R
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2536
x-amz-cf-id
iFeyz73ub0IL4Lj9ni5eGhxGiTZkPSUmA0wgF8v9ot22rMP5CrEJLw==
347b25b5-icon-6.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
2 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/347b25b5-icon-6.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
326188347e8d3970243e8f26bbc3005161bd30e6f3a16ace046469b35889ffa0

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"126e8a3db0a6a7098da0a5921a5eeba0"
x-cache
Miss from cloudfront
x-amz-version-id
Jq8qoy1UxNN2H8LBPhs70strEb49PW4W
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2440
x-amz-cf-id
Xpsu58B3DD0G__AgqDOVfTZ1GQgMGopr5Fzw1ghZuHS2vr4WoJxqIA==
b2b45b89-icon-7.png
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/b2b45b89-icon-7.png
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23419ac9d2e02d311368ad8bed67d83f26e6b90a7bdf9bf898bd246313c5e7a9

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"f10471be30d4f300dc346429b6ad3d74"
x-cache
Miss from cloudfront
x-amz-version-id
TXgx0ucMEYrfmC..o5hnvMifJpazvzQQ
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
1953
x-amz-cf-id
xBqqct6fSktKPk0bNY_kMr4xVHxOZw_koB4OtLX7-QyfARlWjcPALg==
widget.js
assets.calendly.com/assets/external/
25 KB
6 KB
Script
General
Full URL
https://assets.calendly.com/assets/external/widget.js
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c00:d:1c5c:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef1f35dba8c73d124c0b01211f4da3277c39f1ad2f25d02f4beb62c876e215e
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-cf-pop
ZRH50-C1
x-cache
RefreshHit from cloudfront
content-length
6026
cf-request-id
078022688a0000cd220a117000000001
access-control-allow-origin
*
last-modified
Thu, 07 Jan 2021 19:46:17 GMT
server
cloudflare
date
Fri, 08 Jan 2021 12:22:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
via
1.1 vegur, 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
cf-ray
60e06cedaef0cd22-FCO
x-amz-cf-id
J8srjViwoJjVCv4BQDaWpOWM82Ji8TBZtDk38kV9HIKxhbEd_4DFGA==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
137126
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
27433
cf-request-id
07838bfdfc000005bfde1af000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PLbzFvwDNMU8K6882ixPB5lgMy5v3EDIjZxkTT%2BD4DLvtNgtHMSkiqoeUbjbdoFefMBK8mFeOQds0exEEVtKV6ctWQcPAWeThOqcQIaToVJ0Zd04XfW3grcWCFbUcGShbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
60e5e2a99d7805bf-FRA
expires
Wed, 29 Dec 2021 12:22:40 GMT
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
43 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1153509
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
9564
cf-request-id
07838bfe31000005bf04b11000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-ab69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lW6J7IT7Qfavu%2FzRtLltiO2yAfpo%2FtCq1q4QjTIaE2%2FsLewagPtgAO1r9v%2BU3gAgQCicZhl6dXbbBCNDjm29lM5HLKX27E9iouCqIAQANHZmRQ%2B8N7JJZCbylTAzE4TYcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
60e5e2a9ee2505bf-FRA
expires
Wed, 29 Dec 2021 12:22:40 GMT
render.5256de5ea994e67b7927.js
widget-v4.tidiochat.com/1_47_0/static/js/
Redirect Chain
  • https://code.tidio.co/nwjxwktlo9llfaom5oo7pokbzoc98g23.js
  • https://widget-v4.tidiochat.com/nwjxwktlo9llfaom5oo7pokbzoc98g23.js
  • https://widget-v4.tidiochat.com/1_47_0/static/js/render.5256de5ea994e67b7927.js
15 KB
5 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_47_0/static/js/render.5256de5ea994e67b7927.js
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54022ac2abddfb22a409afd804c6dde6df23a9bd8d63b1dee68b2a7a189ba568

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 11:15:41 GMT
server
cloudflare
age
2980
etag
W/"5fdb3ddd-3cd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q2uWgvFipACrgIkyxAr96qroaUhtE%2Fr6m4%2BSSXaOxauf9iuXRJyEP5jK9p0qcYp7ObbC9OX%2FTSECceLwIUtJnlhJe5ze7W3kHAr5rMHoTZJAkLGEn4GG7BiE%2BdaLHe8JQ5UaYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60e5e2ad4bc04a79-FRA
cf-request-id
07838c004d00004a799e312000000001

Redirect headers

date
Fri, 08 Jan 2021 12:22:41 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FO3ialioojDVrh7vHvtoIS%2FftlB3NyndTeCVWbnXLJzCY0k9ySESj%2F5tmdbkeHf6iP3uZYzwOhv6ONhu0dwM%2Fkf3m%2B9gg7MUPm%2Foz%2Fe%2B03TkN1OmOBh0P87%2B4XsG%2BIEYFcMwgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_47_0/static/js/render.5256de5ea994e67b7927.js
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
60e5e2aceae14a79-FRA
cf-request-id
07838c000d00004a79991d5000000001
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-52.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 03:28:57 GMT
content-encoding
gzip
last-modified
Tue, 13 Oct 2020 18:07:24 GMT
server
AmazonS3
age
3315225
etag
"8f54ee429acc92c4ec90173c4494c176"
x-cache
Hit from cloudfront
x-amz-version-id
3Tf5CLt4Hplptlwy2gR6SrQuS3YM4exc
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33645
x-amz-cf-id
EQnadSjxA8zfLneDZv2agM_nOeo4gfJbRbAt5Wuex8R8BHODHlsPMQ==
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
1 KB
723 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1153508
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
394
cf-request-id
07838bfe07000005bfff0e1000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-559"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FNJNQOQfEjuOYU%2BzoCsgunklJRsaTnhmzqq8YQ0FRHF6MsCawDKtSym%2FzJrEKNLjpZYNUME5GkC%2BSSAqdW9EVoPVx9uSv75k3cdZbDHvgrDZwQ9x8UYH%2FCVlD5T5HglIZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
60e5e2a9ad9b05bf-FRA
expires
Wed, 29 Dec 2021 12:22:40 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
2 KB
1001 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
134054
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
657
cf-request-id
07838bfe07000005bff525b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-956"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7KSupVpXIv0drzidcYO1BVkK7ULXoKMZAanDRDLoMy%2BPZwaXQ0LtKeL595nvdyB0%2BlgYjmdqnIAOXkgqOcHrSuqvnXyifl7Q92GT2nRuh97Y%2FWuWQlv%2FUHFdvtTNGEDUWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
60e5e2a9ada005bf-FRA
expires
Wed, 29 Dec 2021 12:22:40 GMT
prl0lmm.css
use.typekit.net/
3 KB
873 B
Stylesheet
General
Full URL
https://use.typekit.net/prl0lmm.css
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4fe5d99f01496d6b4ea15aa9f0e8cf97a2dadd281317dc2754ea2fa57a4384cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 08 Jan 2021 12:22:41 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
673
p.css
p.typekit.net/
5 B
149 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=prl0lmm&ht=tk&f=139.173.175&a=41027844&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/prl0lmm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/prl0lmm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:41 GMT
last-modified
Tue, 01 Sep 2020 23:51:26 GMT
server
nginx
etag
"5f4ede7e-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5
b2d7ac2e-header-bg.jpg
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
33 KB
33 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/b2d7ac2e-header-bg.jpg
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12e5b766d52b0f57fa76432c8ee9b07ae2dd12e8c40ca26863bb5456abcc44e3

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"68816f0ad5c54388f84f2b2073665d81"
x-cache
Miss from cloudfront
x-amz-version-id
cVeHgoi.rmHoHfa7U5lvLbukgmzKNBHe
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
content-length
33324
x-amz-cf-id
61qYPdR0eaBCEKBVJ2NiNqxsOr40jqzbN4pOY9cU6h5TnLFLz6k2kg==
bdb08584-benefits-bg.jpg
d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/
30 KB
30 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.payfwds.com/bdb08584-benefits-bg.jpg
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-26.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92029810b90f9f8fb18ac599211be7cb4370b1be47be24efd5c18004dc3a85fd

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:42 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 12:22:33 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"fc8c528cd125ef74ccb0058b242a39d7"
x-cache
Miss from cloudfront
x-amz-version-id
r2ri_iziSbbu0W8oa_iv2xqPyDSJOCXQ
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/jpeg
content-length
30482
x-amz-cf-id
yRI2n0-lL7n3ccRL2r1E_Hu4haE2jUc0tGI4I2tfsc1OtwuD2xhFEA==
l
use.typekit.net/af/98e3f6/000000000000000077359562/30/
33 KB
34 KB
Font
General
Full URL
https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/prl0lmm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2418ec657ce8bb25dee8ddb0ac29cb2379a43b4f115b653ef974d3c9fc52e649

Request headers

Origin
https://go.payfwds.com
Referer
https://use.typekit.net/prl0lmm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:41 GMT
server
nginx
etag
"27cd5d037b3d5bcc152de6c7fe0aa3098a381c24"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
34152
l
use.typekit.net/af/e4b1a9/000000000000000077359571/30/
32 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/e4b1a9/000000000000000077359571/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/prl0lmm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0d1cbdc0817e9b7ed1dbc126b9f9f021023a38c06f23ee9cbb2ef16f2cda7000

Request headers

Origin
https://go.payfwds.com
Referer
https://use.typekit.net/prl0lmm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:41 GMT
server
nginx
etag
"b10a19accac4d75934ead3e517526b740bdb5a2c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33180
l
use.typekit.net/af/d45b9a/000000000000000077359577/30/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/prl0lmm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e75d314fab0c1fb09c90b1ee7051ca57bd554017c874d96d113356b28ba57928

Request headers

Origin
https://go.payfwds.com
Referer
https://use.typekit.net/prl0lmm.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:41 GMT
server
nginx
etag
"f806d2fcac6bea1cced8320378bba8659e3a95e8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33364
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:e600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 03:21:13 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
3315689
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
FgGtsK2_K8j83pxeFmvp18FMDf_F5B7L_BtlzgmZX_s9Z5mMmiq-Fw==
meet
calendly.com/payfwds/ Frame 0973
0
0
Document
General
Full URL
https://calendly.com/payfwds/meet?embed_domain=go.payfwds.com&embed_type=Inline&primary_color=29518e
Requested by
Host: assets.calendly.com
URL: https://assets.calendly.com/assets/external/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
calendly.com
:scheme
https
:path
/payfwds/meet?embed_domain=go.payfwds.com&embed_type=Inline&primary_color=29518e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://go.payfwds.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://go.payfwds.com/

Response headers

date
Fri, 08 Jan 2021 12:22:41 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=da83f8595e79e511b374606f0d4638bbc1610108561; expires=Sun, 07-Feb-21 12:22:41 GMT; path=/; domain=.calendly.com; HttpOnly; SameSite=Lax
_calendly_session=…%3D%3D--23a725738d4bcf0b87a9b44116d000346abfa5b8; path=/; expires=Fri, 29 Jan 2021 12:22:41 GMT; secure; HttpOnly
x-frame-options
ALLOWALL
referrer-policy
strict-origin-when-cross-origin
cache-control
max-age=0, private, must-revalidate
x-request-id
4d1e157f-5fbe-4f52-8d53-2ef25f110a00
x-runtime
0.241821
strict-transport-security
max-age=31556952; includeSubDomains; preload
via
1.1 vegur
cf-cache-status
DYNAMIC
cf-request-id
07838bff90000016e61a323000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
60e5e2ac1d5416e6-FRA
content-encoding
br
2e3d20b4-ce8d-4dbb-8c69-4c70e0669cab
https://go.payfwds.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://go.payfwds.com/2e3d20b4-ce8d-4dbb-8c69-4c70e0669cab
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
i
events.ub-analytics.com/
43 B
245 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1610108561324&e=pv&url=https%3A%2F%2Fgo.payfwds.com%2F&page=PayFWDs%20%7C%20Human%20Capital%20Management&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=542a588b-148c-4618-a50f-264cd31a73a0&dtm=1610108561318&vp=1600x1200&ds=1600x2449&vid=1&sid=670062f5-a37c-48a4-9ba2-a32f6697258b&duid=d0b91858-6216-4d1c-88bd-e83056d9b2b7&uid=89.238.186.2431613455339439353&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYzRjOGM0ODctOGRiNS00MzEzLWIxMWEtMTNkNjQ5Y2E3NjA3IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.31.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-31-157.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://go.payfwds.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 08 Jan 2021 12:22:41 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
widget.5256de5ea994e67b7927.js
widget-v4.tidiochat.com//1_47_0/static/js/ Frame 4888
815 KB
222 KB
Script
General
Full URL
https://widget-v4.tidiochat.com//1_47_0/static/js/widget.5256de5ea994e67b7927.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/nwjxwktlo9llfaom5oo7pokbzoc98g23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d5d27e8776d411272cbb98ec08867fd0466c8f0dd8e4520748a812dabaf187

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 12:22:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Dec 2020 11:16:54 GMT
server
cloudflare
age
2979
etag
W/"5fdb3e26-cbbe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XQJc3mAoD0DomLo5wzQ6jcSfgt2bEZVbvtq43%2BJ6pSLLgoL9%2Bnixjsa4JtpWemjC6tPiVHNoDKldA3sy68pGYJud6uV2Yip5jdqa0Bfgm4sVBWEVYv9ZpDDGpJk1XoDGo%2BZOAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60e5e2ad7c6d4a79-FRA
cf-request-id
07838c006f00004a798087d000000001
tururu.mp3
widget-v4.tidiochat.com// Frame 4888
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: go.payfwds.com
URL: https://go.payfwds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 08 Jan 2021 12:22:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
802357
Content-Range
bytes 0-7223/7224
Content-Length
7224
cf-request-id
07838c010400004a7949a9b000000001
pragma
public
last-modified
Thu, 17 Dec 2020 11:16:52 GMT
server
cloudflare
etag
"5fdb3e24-1c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZJeOPl5Vjx%2FH5%2BiHxpp7olRpRC%2BnCeF5RSntRc3SgRmyh5iZ8CAnevjOt%2FF9Bb6kjIp5XPzqHM3s5t1iNL4DBVYga6UqcH6JO8uND6ISI9bMe3wTogQkGxyebI%2F6h3kyaVn5LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
60e5e2ae6eed4a79-FRA
expires
Wed, 13 Jan 2021 05:30:04 GMT


29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
object| ub
object| UnbounceSnowplowNamespace
function| ubSnowplow
object| Calendly
object| bodyScrollLock
function| $
function| jQuery
function| setImmediate
function| clearImmediate
boolean| VimeoPlayerResizeEmbeds_
function| ownKeys
function| _objectSpread
function| _defineProperty
function| _typeof
object| Snowplow
object| SENTRY_RELEASE
object| tidioChatApi

6 Cookies

Domain/Path Name / Value
go.payfwds.com/ Name: _sp_id.6fea
Value: d0b91858-6216-4d1c-88bd-e83056d9b2b7.1610108561.1.1610108561.1610108561.670062f5-a37c-48a4-9ba2-a32f6697258b
.payfwds.com/ Name: ubvt
Value: 89.238.186.2431613455339439353
go.payfwds.com/ Name: ubvs
Value: 89.238.186.2431613455339439353
go.payfwds.com/ Name: _sp_ses.6fea
Value: *
go.payfwds.com/ Name: ubrs
Value: weighted
go.payfwds.com/ Name: ubpv
Value: a%2Cc4c8c487-8db5-4313-b11a-13d649ca7607

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
