urlscan.io logo urlscan.io
SecurityTrails logo

help.payplan.com Open in urlscan Pro
3.33.173.208  Public Scan

Go To Rescan Add Verdict Report
URL: http://help.payplan.com/_act/get_rcr.php?AT920191992585031417241859zzzzz64e9c97204300527723a095a09529466f3e2032f038ef35e...
Submission Tags: falconsandbox
Submission: On July 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 9 HTTP transactions. The main IP is 3.33.173.208, located in United States and belongs to AMAZON-02, US. The main domain is help.payplan.com.
This is the only time help.payplan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.33.173.208 16509 (AMAZON-02)
3 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 99.80.10.61 16509 (AMAZON-02)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
9 6
1    3.33.173.208 (United States)

ASN16509 (AMAZON-02, US)
PTR: a52806b40a88f6080.awsglobalaccelerator.com
help.payplan.com
3    2a02:26f0:3100::1735:28f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    99.80.10.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-10-61.eu-west-1.compute.amazonaws.com
www.uploadlibrary.com
1    2a02:26f0:3100::1735:28c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 614
p.typekit.net — Cisco Umbrella Rank: 795
60 KB
2 uploadlibrary.com
www.uploadlibrary.com — Cisco Umbrella Rank: 333637
259 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
17 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
821 B
1 payplan.com
help.payplan.com
8 KB
9 5
Domain Requested by
3 use.typekit.net help.payplan.com
use.typekit.net
2 www.uploadlibrary.com help.payplan.com
1 www.google-analytics.com help.payplan.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com help.payplan.com
1 help.payplan.com
9 6

This site contains links to these domains. Also see Links.

Domain
www.payplan.com
Subject Issuer Validity Valid
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
uploadlibrary.com
Amazon RSA 2048 M02		 2023-07-11 -
2024-08-09		 a year crt.sh

This page contains 1 frames:

Primary Page: http://help.payplan.com/_act/get_rcr.php?AT920191992585031417241859zzzzz64e9c97204300527723a095a09529466f3e2032f038ef35e4c7ab703605c854d04
Frame ID: B96F871AA2DB997A59432E7231AD0D7B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Control

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

9
Requests

78 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

345 kB
Transfer

383 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request get_rcr.php
help.payplan.com/_act/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://help.payplan.com/_act/get_rcr.php?AT920191992585031417241859zzzzz64e9c97204300527723a095a09529466f3e2032f038ef35e4c7ab703605c854d04
Protocol
HTTP/1.1
Server
3.33.173.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a52806b40a88f6080.awsglobalaccelerator.com
Software
Apache /
Resource Hash
ace8e7a1742a7d42e81090522587c955539898c011c66d2822a182980f2baf47
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
7794
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html
Date
Wed, 12 Jul 2023 09:59:57 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
bar3bdb.css
use.typekit.net/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/bar3bdb.css
Requested by
Host: help.payplan.com
URL: http://help.payplan.com/_act/get_rcr.php?AT920191992585031417241859zzzzz64e9c97204300527723a095a09529466f3e2032f038ef35e4c7ab703605c854d04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e94391086ea2399276b89d06b4e142398f4588a0a4e351803d68cac3408fbaef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://help.payplan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 12 Jul 2023 09:59:57 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1306
css2
fonts.googleapis.com/ 		1 KB
821 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oxygen:wght@400;700&display=swap
Requested by
Host: help.payplan.com
URL: http://help.payplan.com/_act/get_rcr.php?AT920191992585031417241859zzzzz64e9c97204300527723a095a09529466f3e2032f038ef35e4c7ab703605c854d04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4882455843074fb8273c6b49bbbf75e7a6e1e8e87796e8271c93851c01245b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://help.payplan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jul 2023 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 09:59:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jul 2023 09:59:57 GMT
Logo.svg
www.uploadlibrary.com/creativepure360/PayPlan/Unsub/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.uploadlibrary.com/creativepure360/PayPlan/Unsub/Logo.svg
Requested by
Host: help.payplan.com
URL: http://help.payplan.com/_act/get_rcr.php?AT920191992585031417241859zzzzz64e9c97204300527723a095a09529466f3e2032f038ef35e4c7ab703605c854d04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.10.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-10-61.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) /
Resource Hash
22dc60f5a419e1ec9b5de223f215bf3adff1cc1411e2bc2427d8696ebd33d30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://help.payplan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 09:59:57 GMT
last-modified
Mon, 26 Jul 2021 11:40:58 GMT
server
Apache/2.4.54 (Amazon)
accept-ranges
bytes
etag
"aa4-5c8053a1ad530"
content-length
2724
content-type
image/svg+xml
bike-banner.png
www.uploadlibrary.com/creativepure360/PayPlan/Unsub/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.uploadlibrary.com/creativepure360/PayPlan/Unsub/bike-banner.png
Requested by
Host: help.payplan.com
URL: http://help.payplan.com/_act/get_rcr.php?AT920191992585031417241859zzzzz64e9c97204300527723a095a09529466f3e2032f038ef35e4c7ab703605c854d04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.10.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-10-61.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) /
Resource Hash
6a8234059b0139a096e803f9cd04446af40344632c2df4a925e910184c9bade3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://help.payplan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 09:59:57 GMT
last-modified
Mon, 26 Jul 2021 11:50:37 GMT
server
Apache/2.4.54 (Amazon)
etag
"40058-5c8055ca0c8d0"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
262232
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=bar3bdb&ht=tk&f=139.140.175.176.147.148.8488.8489.8490.8491.14736.9739.9740.9741.9742.9743.9745&a=85638131&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bar3bdb.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 09:59:57 GMT
last-modified
Fri, 21 Apr 2023 14:15:25 GMT
server
nginx
etag
"64429a7d-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: help.payplan.com
URL: http://help.payplan.com/_act/get_rcr.php?AT920191992585031417241859zzzzz64e9c97204300527723a095a09529466f3e2032f038ef35e4c7ab703605c854d04
Protocol
H2
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://help.payplan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Jul 2023 08:02:00 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7078
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Wed, 12 Jul 2023 10:02:00 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
l
use.typekit.net/af/8882b8/00000000000000003b9ae115/27/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8882b8/00000000000000003b9ae115/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bar3bdb.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8fe08c4deba44b388bcd623487488087e446dc02f46ba13709d0e4183b615f8b

Request headers

Referer
https://use.typekit.net/bar3bdb.css
Origin
http://help.payplan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 09:59:58 GMT
server
nginx
etag
"b512be0c4d3012669eac96ca941f21549c520b8a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29632
l
use.typekit.net/af/2837a6/00000000000000003b9ae112/27/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2837a6/00000000000000003b9ae112/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bar3bdb.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f435ef9fd89df2e522f34759fb4ebaa745f07a7d46b41610a04549023f7da373

Request headers

Referer
https://use.typekit.net/bar3bdb.css
Origin
http://help.payplan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 09:59:58 GMT
server
nginx
etag
"64ce776fbf9322579e00504a8469958f7a6209f7"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29748

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| submitOptOutGroup function| submitOptOut object| _gaq object| _gat

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN