app.staxpayments.com Open in urlscan Pro
2606:4700::6812:11c7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://paymnt.io/A6nN1O
Effective URL:
https://app.staxpayments.com/
Submission: On April 28 via manual (April 28th 2022, 6:58:01 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 17 domains to perform 45 HTTP transactions. The main IP is 2606:4700::6812:11c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.staxpayments.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 21st 2022. Valid for: a year.

This is the only time app.staxpayments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.2.56.64 52.2.56.64	14618 (AMAZON-AES) (AMAZON-AES)
12	2606:4700::68... 2606:4700::6812:11c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6812:1c44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1 1	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
3	143.204.98.9 143.204.98.9	16509 (AMAZON-02) (AMAZON-02)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	18.64.103.87 18.64.103.87	16509 (AMAZON-02) (AMAZON-02)
1	52.218.241.49 52.218.241.49	16509 (AMAZON-02) (AMAZON-02)
2	34.209.158.1 34.209.158.1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.130.182 151.101.130.182	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	107.154.251.104 107.154.251.104	19551 (INCAPSULA) (INCAPSULA)
45	17

1 52.2.56.64 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: us-ip-2.short.io

paymnt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:11c7 (United States)

ASN13335 (CLOUDFLARENET, US)

app.staxpayments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staxjs.staxpayments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1c44 (United States)

ASN13335 (CLOUDFLARENET, US)

permissionprod.fattlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiprod.fattlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.110 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-9.fra50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-87.txl50.r.cloudfront.net

dl.airtable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.241.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

fattpaydocuments.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.209.158.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-158-1.us-west-2.compute.amazonaws.com

fattquery.prod.fattpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.182 (United States)

ASN54113 (FASTLY, US)

core.spreedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.251.104 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.251.104.ip.incapdns.net

globalsiteanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	staxpayments.com app.staxpayments.com staxjs.staxpayments.com	2 MB
6	gstatic.com www.gstatic.com fonts.gstatic.com	344 KB
4	spreedly.com core.spreedly.com — Cisco Umbrella Rank: 28586	79 KB
4	fattlabs.com permissionprod.fattlabs.com — Cisco Umbrella Rank: 997728 apiprod.fattlabs.com — Cisco Umbrella Rank: 651154	8 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	22 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2121	131 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	489 B
2	fattpay.com fattquery.prod.fattpay.com — Cisco Umbrella Rank: 995190	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 131	114 KB
1	globalsiteanalytics.com globalsiteanalytics.com — Cisco Umbrella Rank: 22971	2 KB
1	amazonaws.com fattpaydocuments.s3.us-west-2.amazonaws.com	33 KB
1	airtable.com dl.airtable.com — Cisco Umbrella Rank: 38982	52 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 590
1	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 2096	252 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 334	9 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	56 KB
1	paymnt.io 1 redirects paymnt.io	439 B
45	17

	Domain	Requested by
11	app.staxpayments.com	app.staxpayments.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	core.spreedly.com	staxjs.staxpayments.com core.spreedly.com
3	www.google.com	staxjs.staxpayments.com www.gstatic.com www.google.com
3	js.intercomcdn.com	widget.intercom.io
3	www.facebook.com	app.staxpayments.com
2	fonts.gstatic.com	www.google.com
2	fattquery.prod.fattpay.com	app.staxpayments.com
2	apiprod.fattlabs.com	app.staxpayments.com
2	permissionprod.fattlabs.com	app.staxpayments.com
2	connect.facebook.net	app.staxpayments.com connect.facebook.net
1	globalsiteanalytics.com	app.staxpayments.com
1	fattpaydocuments.s3.us-west-2.amazonaws.com
1	staxjs.staxpayments.com	app.staxpayments.com
1	dl.airtable.com
1	bam.nr-data.net	js-agent.newrelic.com
1	widget.intercom.io	1 redirects
1	js-agent.newrelic.com	app.staxpayments.com
1	www.googletagmanager.com	app.staxpayments.com
1	paymnt.io	1 redirects
45	20

This site contains links to these domains. Also see Links.

Domain
policies.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-21` - `2023-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-05` - `2022-05-06`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
dl.airtable.com Amazon	`2022-04-20` - `2023-05-18`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.fattlabs.com Amazon	`2021-12-12` - `2023-01-10`	a year	crt.sh
*.spreedly.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-16` - `2023-01-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-04-01` - `2022-09-30`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://app.staxpayments.com/
Frame ID: BCC796A513D09924F1C5DC74D3DB8BC4
Requests: 32 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.bba87e32.js
Frame ID: CAB542032C73841542F85C5FC48268A7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIltYZAAAAAKAT4evOXcHVvrQ-DQXQVqxvLVlI&co=aHR0cHM6Ly9hcHAuc3RheHBheW1lbnRzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=xjk2f59fp46h
Frame ID: D98EC7ECD9891F593FA28F12D814EA59
Requests: 7 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/number-frame-1.75.html
Frame ID: 8356924DFD29DE46F6AEE4568228D079
Requests: 2 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/cvv-frame-1.75.html
Frame ID: D469CE462AB7EA0BD1B531B81A8D003E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://paymnt.io/A6nN1O HTTP 302
https://app.staxpayments.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

98 %
HTTPS

44 %
IPv6

17
Domains

20
Subdomains

17
IPs

2
Countries

3106 kB
Transfer

10343 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://paymnt.io/A6nN1O HTTP 302
https://app.staxpayments.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://widget.intercom.io/widget/force-load HTTP 302
https://js.intercomcdn.com/shim.latest.js

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.staxpayments.com/
Redirect Chain

https://paymnt.io/A6nN1O
https://app.staxpayments.com/

42 KB
9 KB

350ms
276ms

Document
text/html

2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.staxpayments.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311423c54aa3f08e9241085fdcc7e062b931b1302832a7d4878913b9163f8ffc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 703206b9b9409122-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 28 Apr 2022 18:57:54 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 28 Apr 2022 14:34:39 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-id: psngV9UDXaDg8Xa8VTBS-r54ourUsU1fH-wneNYGx7v3p5CsuJd-uw==
x-amz-cf-pop: FRA56-P3
x-amz-version-id: MZqKJUkRkDIisageSYfvwgPwyvlLHUQ0
x-cache: Miss from cloudfront

Redirect headers

Date: Thu, 28 Apr 2022 18:57:54 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
connection: close
content-length: 0
content-type: text/html; charset=utf-8
location: https://app.staxpayments.com/#/pay/Poparad-Advisors-30432325aab4
pragma: no-cache
x-content-type-options: nosniff
x-powered-by: Short.io link shortener
x-ratelimit-limit: 50
x-ratelimit-remaining: 49
x-ratelimit-reset: 60

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
56 KB 84ms
39ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-964798921

Requested by

Host: app.staxpayments.com
URL: https://app.staxpayments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f28d9d469fb086189673669d2edaab66762451460a0ec654625fb2c147e6b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57340
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Apr 2022 18:57:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 58ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.staxpayments.com
URL: https://app.staxpayments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: 8RjET3CCcAIRHuMEmxdzUfjLpqLD0gfPti/r3LX/lw3vsWfQj7HOpkCXn2L938oxe5KpoSrXSRK97usEtcGvTA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 28 Apr 2022 18:57:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 675386505937741 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 200ms
199ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/675386505937741?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abf5103f6eebcd76bf61a39a57d91f22b0275f36596bcdcf90ffcf296a7a48e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: SsZczKX1fx944fbidyiHydZ543zPhuDk3vnec0KyMiw4SNQOmlLTmYCmutQ6xBI+Z+7l+m3xfzAkv6ETxlCE6g==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 28 Apr 2022 18:57:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651172274792
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.105fe14847849677f6a6.css
app.staxpayments.com/ 968 KB
229 KB 258ms
256ms Stylesheet
text/css 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.staxpayments.com/main.105fe14847849677f6a6.css
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60a68a9234bd4f86a15e2838d7983368a43756b48f8b6044389b7a8594a9fbe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:54 GMT
via: 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: DUS51-P1
cf-ray: 703206bd393a9122-FRA
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 14:34:39 GMT
server: cloudflare
etag: W/"aa0d6733ee50ef15f63dfd92fe9c3fc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: jojnGF1fqqCq71iSA17mDz6KWp36S_Rp
cache-control: public, max-age=7200
content-type: text/css
x-amz-cf-id: S6U-38e-TbQWmRngikwAfQ611BhUjf0nQQ89aJRLBwTIeQyYZjsMFA==
expires: Thu, 28 Apr 2022 20:57:54 GMT

GET
H2 200 main.105fe14847849677f6a6.js Show response
app.staxpayments.com/ 7 MB
2 MB 236ms
235ms Script
application/javascript 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.staxpayments.com/main.105fe14847849677f6a6.js
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792bb08bf8d6b7389fff16167c376484ab2bee89db3cf17d239194f6ebf8fedd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:54 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: DUS51-P1
cf-ray: 703206bd393b9122-FRA
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 14:34:39 GMT
server: cloudflare
etag: W/"9ad4f3f2df2d21e6eba61d1d4f4c7c4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gb9_EG45Lqx2SmC3bDgKjtshhSiSDzua
cache-control: public, max-age=7200
content-type: application/javascript
x-amz-cf-id: 9Isj__W7hgPZBi3y4U8GCFxUDrhlo1TkarfY7qhJ9hNSE_Ibnui5kw==
expires: Thu, 28 Apr 2022 20:57:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 61ms
20ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=675386505937741&ev=PageView&dl=https%3A%2F%2Fapp.staxpayments.com%2F%23%2Fpay%2FPoparad-Advisors-30432325aab4&rl=&if=false&ts=1651172274898&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651172274897.318733166&it=1651172274598&coo=false&rqm=GET

Requested by

Host: app.staxpayments.com
URL: https://app.staxpayments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 28 Apr 2022 18:57:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 61ms
20ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=675386505937741&ev=OmniView&dl=https%3A%2F%2Fapp.staxpayments.com%2F%23%2Fpay%2FPoparad-Advisors-30432325aab4&rl=&if=false&ts=1651172274900&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651172274897.318733166&it=1651172274598&coo=false&rqm=GET

Requested by

Host: app.staxpayments.com
URL: https://app.staxpayments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 28 Apr 2022 18:57:54 GMT

GET
H2 200 e07df86cef2e721115583d61d1fb68a6.ttf
app.staxpayments.com/ 166 KB
90 KB 102ms
102ms Font
application/font-sfnt 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.staxpayments.com/e07df86cef2e721115583d61d1fb68a6.ttf
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/main.105fe14847849677f6a6.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Request headers

Referer: https://app.staxpayments.com/main.105fe14847849677f6a6.css
Origin: https://app.staxpayments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:55 GMT
via: 1.1 4786bcd6a5ee692459814ef0ab252684.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: TXL50-P4
cf-ray: 703206c25d129122-FRA
x-cache: RefreshHit from cloudfront
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 20:42:33 GMT
server: cloudflare
etag: W/"e07df86cef2e721115583d61d1fb68a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 0XGx1WLRCM.Cyo_dgGk9h5t0.K1DGBeN
cache-control: public, max-age=7200
content-type: application/font-sfnt
x-amz-cf-id: 0nwg-h9CzxiZ1nHGPSKoA2PfHxlcO3yWftOAVSJhoGkTdi3rYoQZWQ==
expires: Thu, 28 Apr 2022 20:57:55 GMT

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0

Request headers

Referer
Origin: https://app.staxpayments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 404 / Show response
permissionprod.fattlabs.com/identity/ 148 B
452 B 611ms
409ms XHR
text/html 2606:4700::6812:1c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://permissionprod.fattlabs.com/identity/

Requested by

Host: app.staxpayments.com
URL: https://app.staxpayments.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

957608f6263a236a3e6242dc4b29e2d8a4b9a858a01c14c799cc83714ca7ddc3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.staxpayments.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 703206c44d2d9b6e-FRA

GET
H2 200 Poparad-Advisors-30432325aab4 Show response
apiprod.fattlabs.com/webpayment/ 2 KB
1 KB 401ms
401ms XHR
application/json 2606:4700::6812:1c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apiprod.fattlabs.com/webpayment/Poparad-Advisors-30432325aab4
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df1cde706388f487d7a0e0150f2bad430f9d7fc98ef8865fde6c33ca5500f4c

Request headers

Accept: application/json
Referer: https://app.staxpayments.com/
Authorization: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Origin
content-type: application/json
access-control-allow-origin: https://app.staxpayments.com
cache-control: no-cache, private
cf-ray: 703206c6dbef9b6e-FRA

OPTIONS
H2 204 Poparad-Advisors-30432325aab4
apiprod.fattlabs.com/webpayment/ Frame 0
0 592ms
403ms Preflight 2606:4700::6812:1c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apiprod.fattlabs.com/webpayment/Poparad-Advisors-30432325aab4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://app.staxpayments.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: AUTHORIZATION,CONTENT-TYPE
access-control-allow-methods: GET
access-control-allow-origin: https://app.staxpayments.com
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 703206c44d469b6e-FRA
date: Thu, 28 Apr 2022 18:57:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 200 nr-1118.min.js Show response
js-agent.newrelic.com/ 24 KB
9 KB 67ms
20ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1118.min.js
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3622d2041fd2390dd10eb9832096e4b89d1b925565650f004aea76adbd54f5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "bc81ced41f6342ffafc5ff34bc0fc8f7"
x-amz-request-id: APRE18070AJVV55C
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9288
x-amz-id-2: pmP5Vm57bKrLvDht1+ItRjGBEw8xzCxd7hwL7mtUksPt2F1IqWP4rPJruF3VV4XF7S+4g/mtQ3g=
x-served-by: cache-hhn4033-HHN
last-modified: Wed, 02 Jan 2019 18:42:29 GMT
server: AmazonS3
x-timer: S1651172276.750948,VS0,VE1
date: Thu, 28 Apr 2022 18:57:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/force-load
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

70ms
19ms

Script
application/javascript

143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Server: 143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60dfd384e254c70c4245026111efdbbc0548c4f2458ca8b2e71c718b6e26f3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Apr 2022 18:54:58 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 13:24:53 GMT
server: AmazonS3
age: 178
etag: "5d29513b5fcdca2aab9b9ac1f18c33ab"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6092
x-amz-cf-id: wdZJcrp5lfP7p_uw9wEEfOSd-CLl3SYlv5aBCKzl59GCaV30TkVTXA==

Redirect headers

date: Sun, 16 Jan 2022 18:56:54 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
server: AmazonS3
age: 8812862
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: LX0krxCO4s83J_MJPHnepsDxRGnu2jpvRih5RVfy-w5MAUMR4RQZ3w==

GET
H/1.1 403
Forbidden 618426693748
bam.nr-data.net/1/ 0
0 490ms
120ms Script
text/plain 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/618426693748?a=680550961&sa=1&v=1118.0c07c19&t=Unnamed%20Transaction&rst=2112&ref=https://app.staxpayments.com/&be=1078&fe=2041&dc=2041&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1651172273653,%22n%22:0,%22f%22:460,%22dn%22:461,%22dne%22:489,%22c%22:489,%22s%22:508,%22ce%22:534,%22rq%22:534,%22rp%22:810,%22rpe%22:1073,%22dl%22:813,%22di%22:2040,%22ds%22:2041,%22de%22:2041,%22dc%22:2041,%22l%22:2041,%22le%22:2041%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1118.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 0

GET
H2 200 frame-modern.bba87e32.js Show response
js.intercomcdn.com/ Frame CAB5 308 KB
82 KB 23ms
22ms Script
application/javascript 143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.bba87e32.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/force-load
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9aa59ccbe94aee34f650196b0c772a86bb3992793bbb89fd17077f1dc23ef2af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Apr 2022 17:24:58 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 13:23:47 GMT
server: AmazonS3
age: 5578
etag: "5e6bbe6dfbc62af668a39c0bc17d29f6"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 83961
x-amz-cf-id: D-rcZhynZrhXB7bCWTHMthE76ry1OgW0SArsmVOwlFZNv6a1hUzy0Q==

GET
H2 200 vendor-modern.9d0447fa.js Show response
js.intercomcdn.com/ Frame CAB5 136 KB
42 KB 49ms
49ms Script
application/javascript 143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.9d0447fa.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/force-load
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0faf58332e35852395151e9dd30b88e1412b56d1f22559714368b65dd455212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Apr 2022 18:16:25 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 14:15:08 GMT
server: AmazonS3
age: 2490
etag: "ecaceb482a23eab9805d9d6493cb198b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 42626
x-amz-cf-id: yhc1-dX1LBKbG_3_oBtJjsYuJPFboCI39-_8ezt0XdyM-eKL-Qeq4w==

GET
H2 200 Stax-withXBrandmark-White.png
dl.airtable.com/.attachments/4aa6e685d645fe2b569c221918d82822/0a905354/ 52 KB
52 KB 120ms
39ms Image
image/png 18.64.103.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dl.airtable.com/.attachments/4aa6e685d645fe2b569c221918d82822/0a905354/Stax-withXBrandmark-White.png?ts=1651153989&userId=usrgdR2ekQxnLgA73&cs=e5702033ec900611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.103.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-103-87.txl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

48e91e4e94305ab125506638437a47c3b693b1b3093348aa451a70d95df65d30

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src https://*/favicon.ico; sandbox
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: OEdHs9edTRvpOv.zefUw2QUnvs8gCEX3
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Thu, 28 Apr 2022 18:57:56 GMT
x-amz-replication-status: FAILED
content-length: 52756
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 27 Oct 2021 19:12:02 GMT
server: AmazonS3
etag: "029048fcfb5cd7f1ec71a723f20849a8"
content-type: image/png
access-control-allow-origin: *
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src https://*/favicon.ico; sandbox
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: IqH3ftnpDRXMmJnwlu9lga7XpUCYlfDZiBKYrQLrO3GUWPj6rjgiXg==

GET
H2 200 Poparad-Advisors-30432325aab4 Show response
permissionprod.fattlabs.com/identity/ 19 KB
7 KB 308ms
308ms XHR
application/json 2606:4700::6812:1c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://permissionprod.fattlabs.com/identity/Poparad-Advisors-30432325aab4
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6dc9bfb7ddb6195eae2e7195e14c60d6ee0436a4b07e4de0b2052d44ac5edd6e

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.staxpayments.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"4ca8-/Oov0uIJ+RdB8kaQd2G0jpy4CWI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 703206c96af79b6e-FRA

GET
H2 200 58aef543c97bbaf6a9896e8484456d98.ttf
app.staxpayments.com/ 168 KB
90 KB 59ms
59ms Font
application/font-sfnt 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.staxpayments.com/58aef543c97bbaf6a9896e8484456d98.ttf
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/main.105fe14847849677f6a6.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836

Request headers

Referer: https://app.staxpayments.com/main.105fe14847849677f6a6.css
Origin: https://app.staxpayments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: DUS51-P1
cf-ray: 703206c9ade59122-FRA
x-cache: RefreshHit from cloudfront
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 20:42:33 GMT
server: cloudflare
etag: W/"58aef543c97bbaf6a9896e8484456d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kcv6xsEBM2rtVLXHwScsX.uZ75ict3Yi
cache-control: public, max-age=7200
content-type: application/font-sfnt
x-amz-cf-id: B1ELOVNMmtuksk6AS8duy0Ud9mLIexSYTZwC_F9dOUHPVSDD2xqgVQ==
expires: Thu, 28 Apr 2022 20:57:56 GMT

GET
H2 200 staxjs-captcha.js Show response
staxjs.staxpayments.com/ 75 KB
26 KB 280ms
270ms Script
application/javascript 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://staxjs.staxpayments.com/staxjs-captcha.js
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/main.105fe14847849677f6a6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e0b33899c4d12be993b750f98ef8b89b50154d0ea86b3d35f2ca01d84a2be1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:57 GMT
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-P6
cf-ray: 703206c9ce269122-FRA
x-cache: RefreshHit from cloudfront
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 18:50:01 GMT
server: cloudflare
etag: W/"edb38321333726745c02977770a15ba7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kXZE4Hm76b0k_8zUHUIUFFnte8JUmLCZ
cache-control: public, max-age=7200
content-type: application/javascript
x-amz-cf-id: m_jzdwFhJhuR0WxC1QrWWgPxGa28v3Lh9y3O3eXYe8J_MXVMjelzIQ==
expires: Thu, 28 Apr 2022 20:57:57 GMT

GET
H/1.1 200
OK c6b056c8-1899-4acb-b837-96d45c6ef133.png
fattpaydocuments.s3.us-west-2.amazonaws.com/branding/ 33 KB
33 KB 783ms
231ms Image
image/png 52.218.241.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fattpaydocuments.s3.us-west-2.amazonaws.com/branding/c6b056c8-1899-4acb-b837-96d45c6ef133.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.241.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 17423a3e73f5d0b4ba94e12b6313c01db7735db9ae7c73a6eb6926fa162e8c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 18:57:58 GMT
Last-Modified: Thu, 10 Mar 2022 22:01:48 GMT
Server: AmazonS3
x-amz-request-id: 1WS1EK39D672TE3D
ETag: "01df5ff70cb40dae927fd9fa71d2ae01"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 33844
x-amz-id-2: NNwLk71bPF9mZQslfZhReARnCSZzwCCCozGsrYjrl1dHz6J8lyvjE3lLJP/yh6K4NYCR9HFvx60=

GET
H2 200 visa.svg
app.staxpayments.com/src/svg/ 1 KB
949 B 50ms
49ms Image
image/svg+xml 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.staxpayments.com/src/svg/visa.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12cef16e3af56a1477c85b8c896f56456bff2f944de0621d9fd5d709adc852b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: TXL50-P4
cf-ray: 703206c9ce1a9122-FRA
x-cache: RefreshHit from cloudfront
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 15:52:25 GMT
server: cloudflare
etag: W/"50ffb3b85b57aba1aba096466f40f344"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: BnMuRRQq6mwK4BUDuQy8SITi6NbY1GM7
cache-control: public, max-age=7200
content-type: image/svg+xml
x-amz-cf-id: nuyQnNNl_JDeJSUkxmE8U0CGpxQntsNjtooWefhF0sJL6-1Sq9cMow==
expires: Thu, 28 Apr 2022 20:57:56 GMT

GET
H2 200 dinersclub.svg
app.staxpayments.com/src/svg/ 923 B
739 B 232ms
231ms Image
image/svg+xml 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.staxpayments.com/src/svg/dinersclub.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91556aefe1bbbadb939c6f4bea1cb657a2b41505df99907b76bce8d2011f6d1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P3
cf-ray: 703206c9ce1d9122-FRA
x-cache: RefreshHit from cloudfront
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 15:52:24 GMT
server: cloudflare
etag: W/"7f68defeb426d82162ba4a82c6b687d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: CQyNcAm8.n1KjHwWd5lXGUJtbVjlZiVz
cache-control: public, max-age=7200
content-type: image/svg+xml
x-amz-cf-id: G5t2F7RJu_qpHxI0VAgZm7TiVk1uxkYw4Rc7dPduPg-oYsyOM0g5nQ==
expires: Thu, 28 Apr 2022 20:57:56 GMT

GET
H2 200 amex.svg
app.staxpayments.com/src/svg/ 1 KB
900 B 51ms
50ms Image
image/svg+xml 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.staxpayments.com/src/svg/amex.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d0d12263867f685889da9ac42f51866c2444d1b65f9f8be72b43051b43930e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
via: 1.1 6c62711a616d17e4e2fe0b898df3c02a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: TXL50-P4
cf-ray: 703206c9ce1f9122-FRA
x-cache: RefreshHit from cloudfront
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 15:52:24 GMT
server: cloudflare
etag: W/"59fca2adbc66517a88555bc792989a64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MzbjuwZdG9RMGimaqRZ2hORtogz9keuM
cache-control: public, max-age=7200
content-type: image/svg+xml
x-amz-cf-id: BO1upCmesqSaOKbW76a6VszrgzNmGwpl_BAMowzBtGUtBhlQGu8W7w==
expires: Thu, 28 Apr 2022 20:57:56 GMT

GET
H2 200 discover.svg
app.staxpayments.com/src/svg/ 3 KB
1 KB 416ms
415ms Image
image/svg+xml 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.staxpayments.com/src/svg/discover.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ffe02790aec531d3313976bb889c9e06b5de6d15a4849adc767286825670f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:57 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P3
cf-ray: 703206c9ce219122-FRA
x-cache: RefreshHit from cloudfront
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 15:52:24 GMT
server: cloudflare
etag: W/"ccb0b2d2bdd6d47d0c7eaf54bafa9e4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gtCrbE3qJqEOmkaUgWVJ17p.l3UQNbyz
cache-control: public, max-age=7200
content-type: image/svg+xml
x-amz-cf-id: ITdJPHvZmNt_sF8rJ_MMyMKTKRoIiXJqXFTZSElvlJ0cs9lo5dVi7w==
expires: Thu, 28 Apr 2022 20:57:57 GMT

GET
H2 200 mastercard.svg
app.staxpayments.com/src/svg/ 1 KB
730 B 52ms
51ms Image
image/svg+xml 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.staxpayments.com/src/svg/mastercard.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a25823004b291fd8f3fc02b1ec42bee2f8519fd3c360d6a1298e3e0334d7d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: DUS51-P1
cf-ray: 703206c9ce229122-FRA
x-cache: Miss from cloudfront
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 20:42:35 GMT
server: cloudflare
etag: W/"67576f35c66d491bbc98dd808d918ae0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MBkzrgNX2xhNn4973XhzT9daz6a1cBgV
cache-control: public, max-age=7200
content-type: image/svg+xml
x-amz-cf-id: X-RkILrNYHjeEJbFr_Jbe51HdMCNEhJqf0R-FKLXCtTYxmbfM4XcQw==
expires: Thu, 28 Apr 2022 20:57:56 GMT

GET
H2 200 jcb.svg
app.staxpayments.com/src/svg/ 3 KB
2 KB 233ms
233ms Image
image/svg+xml 2606:4700::6812:11c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.staxpayments.com/src/svg/jcb.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d4657d928a339f89b4d596ee5fcd54a29052dbe2b2d908c7ed025206edf02d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P3
cf-ray: 703206c9ce259122-FRA
x-cache: RefreshHit from cloudfront
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 15:52:24 GMT
server: cloudflare
etag: W/"3bf72174157c6b015b31e227e114a513"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 7GHpdZMt9brNatE1sR8fgBIvG3s3JbFe
cache-control: public, max-age=7200
content-type: image/svg+xml
x-amz-cf-id: Xvi-9seyjSd40wgWUI_8C8_Kq3UjECyQ2uFCGYt7rKI8Gn3t6RFaHw==
expires: Thu, 28 Apr 2022 20:57:56 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 39ms
18ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=675386505937741&ev=Microdata&dl=https%3A%2F%2Fapp.staxpayments.com%2F%23%2Fpay%2FPoparad-Advisors-30432325aab4&rl=&if=false&ts=1651172276764&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1651172274897.318733166&it=1651172274598&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 28 Apr 2022 18:57:56 GMT

OPTIONS
H2 204 Poparad-Advisors-30432325aab4
fattquery.prod.fattpay.com/store/ Frame 0
0 569ms
183ms Preflight 34.209.158.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fattquery.prod.fattpay.com/store/Poparad-Advisors-30432325aab4?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.158.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-158-1.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://app.staxpayments.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 28 Apr 2022 18:57:57 GMT
x-powered-by: Express

GET
H2 200 Poparad-Advisors-30432325aab4 Show response
fattquery.prod.fattpay.com/store/ 985 B
1 KB 196ms
196ms XHR
application/json 34.209.158.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fattquery.prod.fattpay.com/store/Poparad-Advisors-30432325aab4?
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.158.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-158-1.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: cd433f3c85cbf4475e17ad5a26ddcd327b5f3f8805abba241819ec9746c9d540

Request headers

Referer: https://app.staxpayments.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
CONTENT-TYPE: application/json

Response headers

access-control-allow-origin: *
date: Thu, 28 Apr 2022 18:57:57 GMT
x-powered-by: Express
etag: W/"3d9-cS3O5kVezwABWnQ5rrcbIsVx6YA"
content-length: 985
content-type: application/json; charset=utf-8

GET
H2 200 iframe-v1.min.js Show response
core.spreedly.com/iframe/ 43 KB
43 KB 92ms
21ms Script
application/javascript 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/iframe-v1.min.js

Requested by

Host: staxjs.staxpayments.com
URL: https://staxjs.staxpayments.com/staxjs-captcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9626d3ef0fcec1288245b76593a50673afee3783d00cbc58d34a439b4909f964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish
etag: "778b79f1b7047b795cf41756b1639d7e"
age: 3002
x-cache: HIT
content-length: 44008
x-amz-id-2: c5nZbWsaP32JwtYyhCvOCVcPbqF+iXx4A5Zt6nGrZDjVlT3otG6BE6JkZxfbkiEg1B5vs8okKvk=
x-served-by: cache-hhn4028-HHN
last-modified: Fri, 08 Apr 2022 14:02:21 GMT
server: AmazonS3
x-timer: S1651172277.130287,VS0,VE0
date: Thu, 28 Apr 2022 18:57:57 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: TM8F7QNN4THEYH07
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 79

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 216ms
168ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdIltYZAAAAAKAT4evOXcHVvrQ-DQXQVqxvLVlI

Requested by

Host: staxjs.staxpayments.com
URL: https://staxjs.staxpayments.com/staxjs-captcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d194d7c79d5ddfbfd978a070f5287991d3b71df595068cc8a6fa37f4a6aa9c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Thu, 28 Apr 2022 18:57:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ 363 KB
144 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdIltYZAAAAAKAT4evOXcHVvrQ-DQXQVqxvLVlI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.staxpayments.com/
Origin: https://app.staxpayments.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 17:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146779
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 04:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 17:46:13 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D98E 41 KB
21 KB 89ms
46ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIltYZAAAAAKAT4evOXcHVvrQ-DQXQVqxvLVlI&co=aHR0cHM6Ly9hcHAuc3RheHBheW1lbnRzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=xjk2f59fp46h

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db2abb1e6c8dcda4810ab0f2e230707395149612565950860a45d473b517d1b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mf/4ooivRngZbO+reieMMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.staxpayments.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21809
content-security-policy: script-src 'report-sample' 'nonce-mf/4ooivRngZbO+reieMMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:57:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 number-frame-1.75.html Show response
core.spreedly.com/v1/embedded/ Frame 8356 2 KB
2 KB 19ms
18ms Document
text/html 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/number-frame-1.75.html

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

044a32349b90cd1e612926a1dbb24ed095252c9b27807f756e660d522f3eb670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://app.staxpayments.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2984
content-length: 1944
content-type: text/html
date: Thu, 28 Apr 2022 18:57:57 GMT
etag: "1ad70c9a5b15499b95b9ac508cb06874"
last-modified: Fri, 08 Apr 2022 14:02:25 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish
x-amz-id-2: e1q+hPw+UBybp8jk7rt/O5B72HTDLa33PTSF/vsvaKQ4ILzwukn/MHcclKMjQDtI/r5C0OB4A9M=
x-amz-request-id: CJCCEDMSTB7AWDPJ
x-amz-version-id: null
x-cache: HIT
x-cache-hits: 15
x-served-by: cache-hhn4028-HHN
x-timer: S1651172277.444705,VS0,VE0

GET
H2 200 cvv-frame-1.75.html Show response
core.spreedly.com/v1/embedded/ Frame D469 5 KB
5 KB 18ms
18ms Document
text/html 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/cvv-frame-1.75.html

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2b0251ff07b0e92aa49b537f15300f0679c833a12dd9f8f7c8611a18346b76cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://app.staxpayments.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2984
content-length: 4613
content-type: text/html
date: Thu, 28 Apr 2022 18:57:57 GMT
etag: "7164b590a8630d05cf9c3efc9e46ea0c"
last-modified: Fri, 08 Apr 2022 14:02:24 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish
x-amz-id-2: BuR+6H+guJJAKS29bH13KDTk/y0EsNyZ412JWUyHwit4d+oEZ7cPvXZsmBfaHLRZRya4eboCNDQ=
x-amz-request-id: CJCA59DQGR9T57Z8
x-amz-version-id: null
x-cache: HIT
x-cache-hits: 15
x-served-by: cache-hhn4028-HHN
x-timer: S1651172277.444937,VS0,VE0

GET
H2 200 number-frame-1.75.min.js Show response
core.spreedly.com/iframe/ Frame 8356 28 KB
29 KB 18ms
18ms Script
application/javascript 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/number-frame-1.75.min.js?restricted=true

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/v1/embedded/number-frame-1.75.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e512bf8975d44b26f1aea86b0f1314eeca6f60b5111e24ca1ba309927623d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.spreedly.com/v1/embedded/number-frame-1.75.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish
etag: "cb9e8e77fc5d55017a57ed6a20c3011e"
age: 2984
x-cache: HIT
content-length: 29177
x-amz-id-2: wyRZcLvUCODxz9tfr7si4tGBxCgMKajQwUB5nwUBpRzwcoGkpTXDai1H0TcAdAAsDyo5e8Dqf4I=
x-served-by: cache-hhn4028-HHN
last-modified: Fri, 08 Apr 2022 14:02:22 GMT
server: AmazonS3
x-timer: S1651172277.476719,VS0,VE0
date: Thu, 28 Apr 2022 18:57:57 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: TQCF6Q85J40W5MQ2
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 15

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame D98E 51 KB
24 KB 58ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIltYZAAAAAKAT4evOXcHVvrQ-DQXQVqxvLVlI&co=aHR0cHM6Ly9hcHAuc3RheHBheW1lbnRzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=xjk2f59fp46h

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 17:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 04:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 17:28:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ Frame D98E 363 KB
143 KB 66ms
27ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 17:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146779
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 04:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 17:46:13 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D98E 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 172689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 03 May 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D98E 15 KB
16 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 179476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D98E 15 KB
15 KB 73ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 189603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D98E 102 B
134 B 30ms
29ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=2W_gRz39xX8G13fM-OdyQPlc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a73b51a8588a606f360f33a9829565e622627877c1d127d5663a411026afd62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIltYZAAAAAKAT4evOXcHVvrQ-DQXQVqxvLVlI&co=aHR0cHM6Ly9hcHAuc3RheHBheW1lbnRzLmNvbTo0NDM.&hl=de&v=2W_gRz39xX8G13fM-OdyQPlc&size=invisible&cb=xjk2f59fp46h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 28 Apr 2022 18:57:57 GMT

POST
H2 200 hdim Show response
globalsiteanalytics.com/service/ 2 KB
2 KB 238ms
187ms XHR
text/plain 107.154.251.104
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://globalsiteanalytics.com/service/hdim
Requested by: Host: app.staxpayments.com
URL: https://app.staxpayments.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.251.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.251.104.ip.incapdns.net
Software: /
Resource Hash: c15cc0a63f9635fec964997720805f7cfdafa86c7858b3ebd4c2a0de7df863be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staxpayments.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
x-iinfo: 8-23466251-23408843 pNYN RT(1651172277614 20) q(0 0 0 0) r(2 2) U5
date: Thu, 28 Apr 2022 18:57:57 GMT
cache-control: no-cache, no-transform
x-cdn: Imperva
content-encoding: gzip
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.staxpayments.com/	1970-01-20 02:39:34	Name: __cf_bm Value: JVkV2_ZThVB40v3cYp.7Un3XXOfsP.qoYxzPhaJ58SU-1651172274-0-AdhadrWe8euR+HtDr4xzr5uTkNQb/BTRrY5h+EXWHx/o1znzGB2oEmdOkkgVNKOA9PFS1nKnlAYXA08OYS02Geg=
			.staxpayments.com/	1970-01-20 04:49:08	Name: _fbp Value: fb.1.1651172274897.318733166

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bam.nr-data.net/1/618426693748?a=680550961&sa=1&v=1118.0c07c19&t=Unnamed%20Transaction&rst=2112&ref=https://app.staxpayments.com/&be=1078&fe=2041&dc=2041&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1651172273653,%22n%22:0,%22f%22:460,%22dn%22:461,%22dne%22:489,%22c%22:489,%22s%22:508,%22ce%22:534,%22rq%22:534,%22rp%22:810,%22rpe%22:1073,%22dl%22:813,%22di%22:2040,%22ds%22:2041,%22de%22:2041,%22dc%22:2041,%22l%22:2041,%22le%22:2041%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://permissionprod.fattlabs.com/identity/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apiprod.fattlabs.com
app.staxpayments.com
bam.nr-data.net
connect.facebook.net
core.spreedly.com
dl.airtable.com
fattpaydocuments.s3.us-west-2.amazonaws.com
fattquery.prod.fattpay.com
fonts.gstatic.com
globalsiteanalytics.com
js-agent.newrelic.com
js.intercomcdn.com
paymnt.io
permissionprod.fattlabs.com
staxjs.staxpayments.com
widget.intercom.io
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
107.154.251.104
143.204.98.110
143.204.98.9
151.101.130.137
151.101.130.182
162.247.242.19
18.64.103.87
2606:4700::6812:11c7
2606:4700::6812:1c44
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.209.158.1
52.2.56.64
52.218.241.49
044a32349b90cd1e612926a1dbb24ed095252c9b27807f756e660d522f3eb670
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12cef16e3af56a1477c85b8c896f56456bff2f944de0621d9fd5d709adc852b1
17423a3e73f5d0b4ba94e12b6313c01db7735db9ae7c73a6eb6926fa162e8c0e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f28d9d469fb086189673669d2edaab66762451460a0ec654625fb2c147e6b48
21d4657d928a339f89b4d596ee5fcd54a29052dbe2b2d908c7ed025206edf02d
27a25823004b291fd8f3fc02b1ec42bee2f8519fd3c360d6a1298e3e0334d7d0
2b0251ff07b0e92aa49b537f15300f0679c833a12dd9f8f7c8611a18346b76cd
311423c54aa3f08e9241085fdcc7e062b931b1302832a7d4878913b9163f8ffc
3622d2041fd2390dd10eb9832096e4b89d1b925565650f004aea76adbd54f5f0
3df1cde706388f487d7a0e0150f2bad430f9d7fc98ef8865fde6c33ca5500f4c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e512bf8975d44b26f1aea86b0f1314eeca6f60b5111e24ca1ba309927623d5f
48e91e4e94305ab125506638437a47c3b693b1b3093348aa451a70d95df65d30
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d194d7c79d5ddfbfd978a070f5287991d3b71df595068cc8a6fa37f4a6aa9c4
60a68a9234bd4f86a15e2838d7983368a43756b48f8b6044389b7a8594a9fbe8
60dfd384e254c70c4245026111efdbbc0548c4f2458ca8b2e71c718b6e26f3d4
6a73b51a8588a606f360f33a9829565e622627877c1d127d5663a411026afd62
6dc9bfb7ddb6195eae2e7195e14c60d6ee0436a4b07e4de0b2052d44ac5edd6e
6e0b33899c4d12be993b750f98ef8b89b50154d0ea86b3d35f2ca01d84a2be1d
792bb08bf8d6b7389fff16167c376484ab2bee89db3cf17d239194f6ebf8fedd
7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0
87d0d12263867f685889da9ac42f51866c2444d1b65f9f8be72b43051b43930e
91556aefe1bbbadb939c6f4bea1cb657a2b41505df99907b76bce8d2011f6d1e
957608f6263a236a3e6242dc4b29e2d8a4b9a858a01c14c799cc83714ca7ddc3
9626d3ef0fcec1288245b76593a50673afee3783d00cbc58d34a439b4909f964
9aa59ccbe94aee34f650196b0c772a86bb3992793bbb89fd17077f1dc23ef2af
a0faf58332e35852395151e9dd30b88e1412b56d1f22559714368b65dd455212
abf5103f6eebcd76bf61a39a57d91f22b0275f36596bcdcf90ffcf296a7a48e4
c15cc0a63f9635fec964997720805f7cfdafa86c7858b3ebd4c2a0de7df863be
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
cd433f3c85cbf4475e17ad5a26ddcd327b5f3f8805abba241819ec9746c9d540
d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561
db2abb1e6c8dcda4810ab0f2e230707395149612565950860a45d473b517d1b4
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
f2ffe02790aec531d3313976bb889c9e06b5de6d15a4849adc767286825670f7
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

app.staxpayments.com Open in urlscan Pro 2606:4700::6812:11c7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

44 %IPv6

17 Domains

20 Subdomains

17 IPs

2 Countries

3106 kBTransfer

10343 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.staxpayments.com Open in urlscan Pro
2606:4700::6812:11c7 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

44 %
IPv6

17
Domains

20
Subdomains

17
IPs

2
Countries

3106 kB
Transfer

10343 kB
Size

2
Cookies

45 HTTP transactions
1 data transactions