URL: https://staging.paythen.co/
Submission: On December 28 via automatic, source certstream-suspicious

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 34 HTTP transactions. The main IP is 2606:4700:20::ac43:4422, located in United States and belongs to CLOUDFLARENET, US. The main domain is staging.paythen.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2020. Valid for: a year.
This is the only time staging.paythen.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:20:... 13335 (CLOUDFLAR...)
2 99.86.3.30 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 99.86.3.18 16509 (AMAZON-02)
7 99.86.3.105 16509 (AMAZON-02)
1 75.2.88.188 16509 (AMAZON-02)
1 143.204.215.94 16509 (AMAZON-02)
34 14
Domain Requested by
9 staging.paythen.co staging.paythen.co
7 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
staging.paythen.co
4 use.typekit.net staging.paythen.co
use.typekit.net
2 www.google-analytics.com www.googletagmanager.com
staging.paythen.co
2 maxcdn.bootstrapcdn.com staging.paythen.co
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com staging.paythen.co
2 js.stripe.com staging.paythen.co
js.stripe.com
1 static.intercomassets.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 p.typekit.net use.typekit.net
1 www.googletagmanager.com staging.paythen.co
1 ajax.aspnetcdn.com staging.paythen.co
34 14

This site contains links to these domains. Also see Links.

Domain
paythen.co
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-06-20 -
2021-06-20
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2020-09-22 -
2021-02-03
4 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2020-11-16 -
2021-11-10
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA
2020-01-28 -
2022-02-01
2 years crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.intercomcdn.com
Amazon
2020-03-29 -
2021-04-29
a year crt.sh
*.intercom.com
Amazon
2020-05-13 -
2021-06-13
a year crt.sh
intercomassets.com
Amazon
2020-08-15 -
2021-09-14
a year crt.sh

This page contains 4 frames:

Primary Page: https://staging.paythen.co/
Frame ID: 94143556DC037FCAC89D7693B2845086
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
Frame ID: 671C1E846C16BD456EC50DA5506EDB19
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3651b008.js
Frame ID: AD07BF2A25DE0631BFBC0794BA95D7B0
Requests: 6 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: AB1FA7D2141B9894DD2DE8367313D5E6
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

34
Requests

100 %
HTTPS

60 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

1075 kB
Transfer

4052 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://widget.intercom.io/widget/ymko5hi0 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
staging.paythen.co/
6 KB
4 KB
Document
General
Full URL
https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a44ec7ce52ecd6c274aa2dbd5ed8d82237903802c0d67776c7964de0c02afa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
staging.paythen.co
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:55 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d07ab400232911498f813d389c4eadea91609135074; expires=Wed, 27-Jan-21 05:57:54 GMT; path=/; domain=.paythen.co; HttpOnly; SameSite=Lax; Secure _change_my_info_session=U4oB1WK414Yp0bAGxSfwGa2S3eYZhX629BwhNR%2Bbta8CTFpPIVXwj%2BEMPLjWQWl37G3ZTvs276idNpKxMzZpwDNe6DGqnocKGBzZk3k%2FOYdKxQA3CYroxVhcP0JdBK7GK5sT695iSa3HiPHEumI5mFWY5ZNYwZBOuA28mdjAil%2BQcjFybhMbGT1S%2BgVeKC8XTCvlbCvOjhd6s6rfJsYgwOlVyHThN%2BXtctScygn1fuuJyPfId%2B4sfBsOB6p6KYVSNDeleqg2TRz4yUFlsORaov3LTuYZmZ8gxBz8l1UMs2Sku8SqY1anDfyBW%2BscIfQ%2F3w2euMahq018ord9WRanGegH1p1DWUY7aKC3rFPBiUtxtbIRWxNi4S0p0kuN1%2BEtY9UXVDkpVufLtEM%3D--dyjtfx%2BLUoh5RuR8--8QtvN%2Bg28pkxO6dEkFHJrg%3D%3D; path=/; HttpOnly
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
cache-control
max-age=0, private, must-revalidate
x-request-id
5ed76019-79e1-42be-adf9-220fb6958702
x-runtime
0.010988
via
1.1 vegur
cf-cache-status
DYNAMIC
cf-request-id
074985c5ed0000176e2339c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RJNNLWE9VJPiYIwEm82r1Bl9NixbdWg0lU4m30hWb2jb1JvGgYldYgte1jbiGtA%2BwCd0IuHaLjSAqMGMaMBV4jW3f%2B%2F1FQ%2BzB2oemq%2BkkjYgV1y2gp%2BmtVHQGa%2F%2FIVg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60890be97e1e176e-FRA
content-encoding
br
application-0910eedfb5136de9c4704f4be568d04ab61e01ddc053abc33d425d3c912edd3d.css
staging.paythen.co/assets/
712 KB
85 KB
Stylesheet
General
Full URL
https://staging.paythen.co/assets/application-0910eedfb5136de9c4704f4be568d04ab61e01ddc053abc33d425d3c912edd3d.css
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a153b84e094739e746a867a27d7264dd768dbbb2b8570875c4a1415deb18f8e9

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
60890bec1841176e-FRA
date
Mon, 28 Dec 2020 05:57:55 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Thu, 24 Dec 2020 06:57:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sX3CMvFnqmUAescVMDkyplyKbXrRzXLkz%2FJOjuTJQllDfS9j2ebNPY1hXac1f4Xzys9Pwb1xYJN0fFzYW6J7c%2B%2Bl9QjUHJvXP5vUY5aJJJLMInmvU2hFZejwnCO%2Bvnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-request-id
074985c7900000176e428a4000000001
application-0e106db91aaf3cbb9336.js
staging.paythen.co/packs/js/
1 MB
258 KB
Script
General
Full URL
https://staging.paythen.co/packs/js/application-0e106db91aaf3cbb9336.js
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21a56baa93d9cd8ad227a326be160504fa2f657ce6ebd5bd871fa075655655e

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
60890bec1842176e-FRA
date
Mon, 28 Dec 2020 05:57:55 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Thu, 24 Dec 2020 06:59:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tJo%2F%2BQJVMKOs%2FaBn40wGMe4Gjzt35Rutuu3CTOdk4r4akotfpnNUFkxluDeY9KuqoCX1%2FqVQNkDi42%2BhDstw1V653S6dQJfAqZ%2B2TRp%2FZQAfuY48Rqar2qTAFmbB4K8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-request-id
074985c7920000176e37aca000000001
/
js.stripe.com/v3/
191 KB
50 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-30.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
996697cbddd634f2323e3873fe989deb983e4a2ef8e3cafacca276e97dd792bd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:09 GMT
content-encoding
gzip
vary
Accept-Encoding
age
47
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
2A1B0421BD8B8EB0
x-amz-id-2
J6qHCfE7jzKllnCpkOVmHQypwjjVjRZcJaU7ZIDD7HeSE4kgq56fdLUlxh1OB3n2OeLqnwFK9nQ=
last-modified
Wed, 23 Dec 2020 00:19:16 GMT
server
AmazonS3
etag
W/"317a5734342d8d30751aa8f69247bad9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
_uSuCrjvlZWbuu47E8KJh75ruTJJgkRaIux6SuSYBU21I9JeMSknww==
css
fonts.googleapis.com/
387 B
407 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merienda+One
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7379e4a443cae7a9e9c2456b45d5fa009c7490e807231509d7a6f8f9468b1b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Dec 2020 05:03:25 GMT
server
ESF
date
Mon, 28 Dec 2020 05:57:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Dec 2020 05:57:55 GMT
icon
fonts.googleapis.com/
574 B
443 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Dec 2020 05:57:55 GMT
server
ESF
date
Mon, 28 Dec 2020 05:57:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Dec 2020 05:57:55 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
api.js
staging.paythen.co/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://staging.paythen.co/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aeTQBHazvdxZLQEk5KCwclV4AMNgqbk2crUfjhSBng7QInugTf2aBMXLX0FqsZIMZIp6dc2khR%2FW4c0TP0NG8%2F%2BQopE2Ifrun16Nkz5KP%2FCc88Y7CHYGFGS%2FDxTLqrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
60890bef5aee176e-FRA
cf-request-id
074985c9970000176ef60e4000000001
logo-8113fade8bd561c8ed2be3feb92496a904cd5f3609affad17158bc97a08e1e7a.svg
staging.paythen.co/assets/
5 KB
2 KB
Image
General
Full URL
https://staging.paythen.co/assets/logo-8113fade8bd561c8ed2be3feb92496a904cd5f3609affad17158bc97a08e1e7a.svg
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8113fade8bd561c8ed2be3feb92496a904cd5f3609affad17158bc97a08e1e7a

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
60890bef6b06176e-FRA
date
Mon, 28 Dec 2020 05:57:55 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Tue, 04 Aug 2020 13:41:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CMBClEAgCoSgkZ9hSCJ23JtBYperoWEeHyeBOgf44UqM38nVYZhrUbsRjZbpBZSHu1yhglN1n3glHvTsOVvH%2F21JTJxMbW96xpoIlpUCaXjEbPlJFDswB4R3RFqHYSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-request-id
074985c9a30000176eec9da000000001
jquery.validate.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.9/
37 KB
10 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.js
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA2) /
Resource Hash
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17489700
x-cache
HIT
content-length
10132
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:34 GMT
server
ECAcc (frc/8FA2)
etag
"011774d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/
74 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5RMVVM
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b2822ed9f5f3a9eb58caa258e836b3cf04f1040b03d194ffa1184ed23827d3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30205
x-xss-protection
0
last-modified
Mon, 28 Dec 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Dec 2020 05:57:55 GMT
web2qru.css
use.typekit.net/
7 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/web2qru.css
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/assets/application-0910eedfb5136de9c4704f4be568d04ab61e01ddc053abc33d425d3c912edd3d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8c946459dd72341bdc4bc3e178b495c6518f9ef7f8e18564adb5abe12b403295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 28 Dec 2020 05:57:55 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
952
p.css
p.typekit.net/
5 B
149 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=web2qru&ht=tk&f=137.139.140.169.171.173.175.176.5474.25136&a=930554&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/web2qru.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:55 GMT
last-modified
Tue, 01 Sep 2020 23:51:26 GMT
server
nginx
etag
"5f4ede7e-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5RMVVM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4068
date
Mon, 28 Dec 2020 04:50:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 28 Dec 2020 06:50:07 GMT
collect
stats.g.doubleclick.net/j/
1 B
89 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-154626237-2&cid=1311497461.1609135076&jid=1325142054&gjid=1453057659&_gid=1972607671.1609135076&_u=YGBAgAABAAAAAE~&z=606996088
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 28 Dec 2020 05:57:55 GMT
content-type
text/plain
access-control-allow-origin
https://staging.paythen.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
383 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=645084219&t=pageview&_s=1&dl=https%3A%2F%2Fstaging.paythen.co%2F&ul=en-us&de=UTF-8&dt=Paythen%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1325142054&gjid=1453057659&cid=1311497461.1609135076&tid=UA-154626237-2&_gid=1972607671.1609135076&gtm=2wgbu0N5RMVVM&z=1772346151
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Dec 2020 05:42:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
940
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2-bb7b5b83.chunk.css
staging.paythen.co/packs/css/
138 KB
20 KB
Stylesheet
General
Full URL
https://staging.paythen.co/packs/css/2-bb7b5b83.chunk.css
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/packs/js/application-0e106db91aaf3cbb9336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35caee2589a6ef7ea026f18e6ae3cf3112e4000d207f5ea85fabfa8438df0b1b

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
60890bf1bd67176e-FRA
date
Mon, 28 Dec 2020 05:57:56 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Thu, 24 Dec 2020 06:59:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GQV6vmlpMkovnOf5yBq9hjUUzG6H0zM7EFSbpvTam0Z1lM8dYHVmWQcyh3IBP5fo3vwMLVViyRU4FSLlbUApO2xI1t7morKOS8NiTHmTuhdbBV9dIYRxA6hLeb0y0J8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-request-id
074985cb130000176e1e271000000001
2-d3b1ddde7c72f589a6bd.chunk.js
staging.paythen.co/packs/js/
139 B
424 B
Script
General
Full URL
https://staging.paythen.co/packs/js/2-d3b1ddde7c72f589a6bd.chunk.js
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/packs/js/application-0e106db91aaf3cbb9336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9982a42bc2e6d92e568134f95f4c73453ed7f1a919582a8949b8075f8ee94e0

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
60890bf1bd69176e-FRA
date
Mon, 28 Dec 2020 05:57:56 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Thu, 24 Dec 2020 06:59:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SZ4X8xP02ojFY6pdgnmbnB0mRBMO3jIQMkq5UK8YWENxhSE5DMkQmSyNbmfCvBMAXwfuJnpxg2SsDbw22CnzbTvZH%2B0K5Hxa%2BMHaHCQeD6r8gyOM2fR4Ducvp8kk6Sc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-request-id
074985cb130000176e4bb57000000001
3-0721a4768a27a0160239.chunk.js
staging.paythen.co/packs/js/
2 KB
1 KB
Script
General
Full URL
https://staging.paythen.co/packs/js/3-0721a4768a27a0160239.chunk.js
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/packs/js/application-0e106db91aaf3cbb9336.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69089e5389fa81c42b019c12a422d49520328326bfafd070154409f3733d57d0

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
60890bf1dd86176e-FRA
date
Mon, 28 Dec 2020 05:57:56 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Thu, 24 Dec 2020 06:59:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=41qvbkybwntvwh%2BR82SBMbJapZSis4XKTZ79uOxxxlaQvl09l2NEFu9ILX1f3b8DQazpEXqZIKE92rKj5oRH1384sqfPAob6fA9WO%2BUikguzDyqD6oZ7QD1Ya9l8glo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-request-id
074985cb240000176e5b1a9000000001
l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/
32 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/27776b/00000000000000003b9b0939/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/web2qru.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a

Request headers

Origin
https://staging.paythen.co
Referer
https://use.typekit.net/web2qru.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:56 GMT
server
nginx
etag
"7f43a43bb76581ed1a2cdc24f0d9704bfa1a6732"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33124
l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/
32 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/web2qru.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0

Request headers

Origin
https://staging.paythen.co
Referer
https://use.typekit.net/web2qru.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:56 GMT
server
nginx
etag
"b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33180
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://staging.paythen.co
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/web2qru.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

Origin
https://staging.paythen.co
Referer
https://use.typekit.net/web2qru.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:57:56 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
32688
m-outer-59cdd15d8db95826a41100f00b589171.html
js.stripe.com/v3/ Frame 671C
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-30.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-59cdd15d8db95826a41100f00b589171.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://staging.paythen.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://staging.paythen.co/

Response headers

content-type
text/html; charset=utf-8
content-length
215
x-amz-id-2
QOaYS6I7ce4OcWQqClOfu4GhHgqnOQyGOZ0VIwTDhdRK2SngM0rI6vhIydpx7KOBWumJOMkW7+s=
x-amz-request-id
0EB6BD9C02C8A891
last-modified
Thu, 10 Dec 2020 15:57:35 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Mon, 28 Dec 2020 05:55:27 GMT
etag
"59cdd15d8db95826a41100f00b589171"
cache-control
public, max-age=300
x-cache
Hit from cloudfront
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
KTS9_XHQazpA-w9GYhPB6eTwgJTYKvsGB2uFh_I5g6I2veE4XDTMkg==
age
150
result
staging.paythen.co/cdn-cgi/bm/cv/
0
637 B
XHR
General
Full URL
https://staging.paythen.co/cdn-cgi/bm/cv/result?req_id=60890be97e1e176e
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 28 Dec 2020 05:57:56 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eMMuGKyVJbk1Bd6%2FMPkBtrS6dAfPz12%2FXAEZbmGWg2HaTFLdcwAdb8wREpuGYRSKTrJ9K5jgMa2k9XHNNtytmaVkixKgmsEMVceb562RgQTRxcwtehOwSN%2BzeNuwQDI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
60890bf29e67176e-FRA
cf-request-id
074985cba30000176e5b1b0000000001
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/ymko5hi0
  • https://js.intercomcdn.com/shim.latest.js
12 KB
5 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-105.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0acecc6a554176c11fe821dfa5ebbe234cc229c5e372c1d5d5d7365ab9f9a11d

Request headers

Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 28 Dec 2020 05:54:56 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 16:21:26 GMT
server
AmazonS3
age
193
etag
"bad442725154dc11de51f32818aaf7c2"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
4396
x-amz-cf-id
HCkFVQnOvhbuQvO195dRXCbqFE5pnVwBCYo1Amd6omIANw7vFbQesg==

Redirect headers

date
Mon, 28 Dec 2020 02:26:20 GMT
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
server
AmazonS3
age
12710
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
GYKWHjI1e-hJsbw8sTaFZqWakMqedR5WfWa_ul6jsoYsRqJTllajTA==
frame-modern.3651b008.js
js.intercomcdn.com/ Frame AD07
243 KB
66 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.3651b008.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ymko5hi0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-105.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89aa4a1f3078b5ac8ca91b5cc2b7f1b95e30c2f2a7e2157bc5913bb19070d484

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 28 Dec 2020 04:11:53 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 16:13:07 GMT
server
AmazonS3
age
6377
etag
"b4bd446918faa405c37c694252d1dc33"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
67105
x-amz-cf-id
6QSBIXmMHOViHejbN9pC-oJe40MXe2a8M6x2hdVZ54-r0onNB_JGZA==
vendor-modern.9d1078c3.js
js.intercomcdn.com/ Frame AD07
123 KB
38 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.9d1078c3.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ymko5hi0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-105.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 28 Dec 2020 04:09:10 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 14:22:27 GMT
server
AmazonS3
age
6540
etag
"9b5b470a28e38dff426854ef00fb72e0"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
38314
x-amz-cf-id
mTa9z2nO1yREJlixRo5_7xcvhADn1ithVrCtGxdjErStw6Z97t1seA==
ping
api-iam.intercom.io/messenger/web/ Frame AD07
3 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3651b008.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
84bdc8a921c55381279c8fdfd91015af7a69fa9d44678621369dd0ff5f343323
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Dec 2020 05:58:10 GMT
content-encoding
gzip
x-ami-version
ami-0ff4c5c01112bbd61
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
003mgs05boku4m13v1c0
x-runtime
0.254725
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"84bdc8a921c55381279c8fdfd91015af"
x-ratelimit-remaining
19998
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://staging.paythen.co
x-intercom-version
93e50d2790ba8dde12db3c35cc0b0c6499b13495
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1609135140
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
vendors~app-modern.1427f8e6.js
js.intercomcdn.com/ Frame AD07
322 KB
97 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~app-modern.1427f8e6.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3651b008.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-105.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ac754a2a15f87fada0e8fe4e99c9b3883bd6da85316c7b4b9f1c14e382e217c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 28 Dec 2020 05:44:22 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 14:22:27 GMT
server
AmazonS3
age
835
etag
"6920fc08528cc235aedca196baf86f49"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
98502
x-amz-cf-id
DM_v1zXib5-dMAWCYT1yWQzKi5EHhIamTJX49h2c01qydVOzhfBMxA==
app-modern.33d58edf.js
js.intercomcdn.com/ Frame AD07
672 KB
158 KB
Script
General
Full URL
https://js.intercomcdn.com/app-modern.33d58edf.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3651b008.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-105.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c505ba3d42b1c4a52b63d329883bf8519210e15812d2f3f72215e72a65b3a4e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 28 Dec 2020 05:35:49 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 14:22:27 GMT
server
AmazonS3
age
1348
etag
"5d02d43df20ed1a10f27969c97ba88b2"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
161042
x-amz-cf-id
leqwAClvV9zHKx6NhtCyY7JW6X2LgHmzbYtEDPs486oMh-DSlVbPaQ==
launcher-discovery-modern.8215e400.js
js.intercomcdn.com/ Frame AD07
6 KB
2 KB
Script
General
Full URL
https://js.intercomcdn.com/launcher-discovery-modern.8215e400.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3651b008.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-105.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0415a7bf01c85dcbbc1ae1005f2f5569be0abfd8f89f11c17766a90d27fd994

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 28 Dec 2020 05:48:08 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 14:22:27 GMT
server
AmazonS3
age
623
etag
"246891ae8cc4a7942454e8d377e3fe68"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
2115
x-amz-cf-id
s5OO3GO5Ow6x9nodPtwzY6RHzeJr44J3eYr0ShvtibnvaDwoyz0vmg==
proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame AB1F
28 KB
29 KB
Font
General
Full URL
https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by
Host: staging.paythen.co
URL: https://staging.paythen.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-105.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Origin
https://staging.paythen.co
Referer
https://staging.paythen.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 05:58:18 GMT
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
28960
last-modified
Fri, 18 Dec 2020 14:22:28 GMT
server
AmazonS3
etag
"a7942249ca925ef356c0f2b1dab17ef3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
dFvkDw_-VOte0JvFEtEY-OUdipaX9VS0nCrxPQpfyPmsqa2wJSputQ==
ls-toy-profile-red-1600956658.jpg
static.intercomassets.com/avatars/4340298/square_128/ Frame AB1F
6 KB
7 KB
Image
General
Full URL
https://static.intercomassets.com/avatars/4340298/square_128/ls-toy-profile-red-1600956658.jpg?1600956658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-94.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbdf0b55031d4ea5c634b54a960bd9fdccb537208343efbec6d0a34f3e2dc405

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 28 Dec 2020 02:26:28 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 24 Sep 2020 14:11:01 GMT
server
AmazonS3
age
12710
etag
"344d4f161037513b31ac504db658c75d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
6583
x-amz-cf-id
xoj6LbnmMIl4pkHERnuVg5sje-DCFGBXirWj8na5dlSS3F9hyhRYEg==

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| webpackJsonp function| Color function| Chart boolean| _rails_loaded object| Turbolinks function| jQuery function| $ function| setImmediate function| clearImmediate function| Stripe object| a0_0x433e function| a0_0x3d7e object| __CF$cv$params object| intercomSettings function| Intercom function| __intercomAssignLocation

8 Cookies

Domain/Path Name / Value
.staging.paythen.co/ Name: __stripe_sid
Value: 107c80b8-b425-445b-8337-23688777b6d0ecddae
.staging.paythen.co/ Name: __stripe_mid
Value: 68787950-840f-41b9-853f-7e49609fee6cc0be56
.paythen.co/ Name: __cf_bm
Value: df868fd28c5ab55da15bf5b8007686accb81eef9-1609135076-1800-ATo/Xt2kkJAx+0Krw61BDQPNhCHkRUL2CEOZg5yHhJkyHM1IRbxg17sGWa33BMee99tJNQMJ9Rc6vchRArVL5RQicY5mc0Sy9pPMVW20FLSFVFEKbLu7EpPsLUyNiISym9EVyemRzVw0RtMv6F91jj4=
.staging.paythen.co/ Name: _ga
Value: GA1.3.1311497461.1609135076
staging.paythen.co/ Name: _change_my_info_session
Value: U4oB1WK414Yp0bAGxSfwGa2S3eYZhX629BwhNR%2Bbta8CTFpPIVXwj%2BEMPLjWQWl37G3ZTvs276idNpKxMzZpwDNe6DGqnocKGBzZk3k%2FOYdKxQA3CYroxVhcP0JdBK7GK5sT695iSa3HiPHEumI5mFWY5ZNYwZBOuA28mdjAil%2BQcjFybhMbGT1S%2BgVeKC8XTCvlbCvOjhd6s6rfJsYgwOlVyHThN%2BXtctScygn1fuuJyPfId%2B4sfBsOB6p6KYVSNDeleqg2TRz4yUFlsORaov3LTuYZmZ8gxBz8l1UMs2Sku8SqY1anDfyBW%2BscIfQ%2F3w2euMahq018ord9WRanGegH1p1DWUY7aKC3rFPBiUtxtbIRWxNi4S0p0kuN1%2BEtY9UXVDkpVufLtEM%3D--dyjtfx%2BLUoh5RuR8--8QtvN%2Bg28pkxO6dEkFHJrg%3D%3D
.staging.paythen.co/ Name: _dc_gtm_UA-154626237-2
Value: 1
.staging.paythen.co/ Name: _gid
Value: GA1.3.1972607671.1609135076
.paythen.co/ Name: __cfduid
Value: d07ab400232911498f813d389c4eadea91609135074

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
api-iam.intercom.io
fonts.googleapis.com
js.intercomcdn.com
js.stripe.com
maxcdn.bootstrapcdn.com
p.typekit.net
staging.paythen.co
static.intercomassets.com
stats.g.doubleclick.net
use.typekit.net
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
143.204.215.94
152.199.19.160
2001:4de0:ac19::1:b:3b
2606:4700:20::ac43:4422
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:820::200e
2a00:1450:400c:c06::9c
2a02:26f0:6c00:285::19fd
2a02:26f0:6c00::210:ba2a
75.2.88.188
99.86.3.105
99.86.3.18
99.86.3.30
0acecc6a554176c11fe821dfa5ebbe234cc229c5e372c1d5d5d7365ab9f9a11d
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
35caee2589a6ef7ea026f18e6ae3cf3112e4000d207f5ea85fabfa8438df0b1b
3c505ba3d42b1c4a52b63d329883bf8519210e15812d2f3f72215e72a65b3a4e
4b2822ed9f5f3a9eb58caa258e836b3cf04f1040b03d194ffa1184ed23827d3a
69089e5389fa81c42b019c12a422d49520328326bfafd070154409f3733d57d0
6a44ec7ce52ecd6c274aa2dbd5ed8d82237903802c0d67776c7964de0c02afa0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac754a2a15f87fada0e8fe4e99c9b3883bd6da85316c7b4b9f1c14e382e217c
7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0
8113fade8bd561c8ed2be3feb92496a904cd5f3609affad17158bc97a08e1e7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946
84bdc8a921c55381279c8fdfd91015af7a69fa9d44678621369dd0ff5f343323
89aa4a1f3078b5ac8ca91b5cc2b7f1b95e30c2f2a7e2157bc5913bb19070d484
8c946459dd72341bdc4bc3e178b495c6518f9ef7f8e18564adb5abe12b403295
95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
996697cbddd634f2323e3873fe989deb983e4a2ef8e3cafacca276e97dd792bd
a153b84e094739e746a867a27d7264dd768dbbb2b8570875c4a1415deb18f8e9
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
ae55c313220f063fdb3dc157a89a22e6a20a400cdd5b639a5aabfa4ae91e476a
b21a56baa93d9cd8ad227a326be160504fa2f657ce6ebd5bd871fa075655655e
b7379e4a443cae7a9e9c2456b45d5fa009c7490e807231509d7a6f8f9468b1b5
b9982a42bc2e6d92e568134f95f4c73453ed7f1a919582a8949b8075f8ee94e0
c0415a7bf01c85dcbbc1ae1005f2f5569be0abfd8f89f11c17766a90d27fd994
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
dbdf0b55031d4ea5c634b54a960bd9fdccb537208343efbec6d0a34f3e2dc405
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b