urlscan.io logo urlscan.io
SecurityTrails logo

payments.snapfinancial.com Open in urlscan Pro
64.40.114.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://payments.snapfinancial.com/
Effective URL: https://payments.snapfinancial.com/en/
Submission: On December 23 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 64.40.114.158, located in Vancouver, Canada and belongs to NETNATION, CA. The main domain is payments.snapfinancial.com.
TLS certificate: Issued by R3 on December 23rd 2020. Valid for: 3 months.
This is the only time payments.snapfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 64.40.114.158 14280 (NETNATION)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 5
Domain Requested by
8 payments.snapfinancial.com 1 redirects payments.snapfinancial.com
2 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com payments.snapfinancial.com
1 fonts.googleapis.com payments.snapfinancial.com
0 www.google-analytics.com Failed payments.snapfinancial.com
12 5

This site contains links to these domains. Also see Links.

Domain
www.snapfinancial.com
Subject Issuer Validity Valid
payments.snapfinancial.com
R3		 2020-12-23 -
2021-03-23		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://payments.snapfinancial.com/en/
Frame ID: 5C185CD931E969194AD87BA6895B8246
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://payments.snapfinancial.com/ HTTP 302
    https://payments.snapfinancial.com/en/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

12
Requests

92 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

195 kB
Transfer

286 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payments.snapfinancial.com/ HTTP 302
    https://payments.snapfinancial.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
payments.snapfinancial.com/en/
Redirect Chain
  • https://payments.snapfinancial.com/
  • https://payments.snapfinancial.com/en/
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.snapfinancial.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.40.114.158 Vancouver, Canada, ASN14280 (NETNATION, CA),
Reverse DNS
64.40.114.158.van.ca.siteprotect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e28db94cfb0199bab5fd0396966a1b0c9b46d55b8ba2f7dba24d3c4376fb4b51
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
payments.snapfinancial.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ASP.NET_SessionId=nto205tzwakl0dt00kmmtx3e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
0
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-StackifyID
V1|5403c30f-a18c-4477-8727-45bdcbab3039|C58414|CD1|
X-AspNet-Version
4.0.30319
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 23 Dec 2020 07:25:21 GMT
Content-Length
4353

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Expires
0
Location
/en/
Server
Microsoft-IIS/8.5
X-StackifyID
V1|83cb080b-1603-4f3b-ab2e-e9abb4c1324f|C58414|CD1|
Set-Cookie
ASP.NET_SessionId=nto205tzwakl0dt00kmmtx3e; path=/; HttpOnly
X-AspNet-Version
4.0.30319
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 23 Dec 2020 07:25:21 GMT
Content-Length
121
css
fonts.googleapis.com/ 		2 KB
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cabin+Condensed:400,700
Requested by
Host: payments.snapfinancial.com
URL: https://payments.snapfinancial.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
248d77ee0936d361f2bcce732d811ce496a9834ae185734e1b35e108a77b0fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payments.snapfinancial.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 07:25:23 GMT
server
ESF
date
Wed, 23 Dec 2020 07:25:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Dec 2020 07:25:23 GMT
snap.min.css
payments.snapfinancial.com/dist/ 		13 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.snapfinancial.com/dist/snap.min.css?v3
Requested by
Host: payments.snapfinancial.com
URL: https://payments.snapfinancial.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.40.114.158 Vancouver, Canada, ASN14280 (NETNATION, CA),
Reverse DNS
64.40.114.158.van.ca.siteprotect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
b2941c9ff2bab56c3134f29f5e979063416517d1c0ebe0abe73444bc69eae576
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.snapfinancial.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Content-Encoding
gzip
ETag
"4a4d31b5bb48d11:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
4180
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 06 Jan 2016 19:52:00 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Date
Wed, 23 Dec 2020 07:25:21 GMT
Vary
Accept-Encoding
Content-Type
text/css
X-StackifyID
V1|e6020a44-886c-4665-a773-027dc52e7c18|C58414|CD1|
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
Expires
0
ScriptResource.axd
payments.snapfinancial.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.snapfinancial.com/ScriptResource.axd?d=Rz9WDKdaXHeSD59UruD0D4q6tTVlqUkssZez2S9wphCNjtlbCXKoj642xv0zMMA0FkeUKDqutxOwitzb4gVrwCyrMzM4ckdF4ab6EGqNfQbE5wtoH2lNIyjn6v-uCkmbCqZENp576WXAInkKXFbK6FCXUqy9xo1DYqn_HYvjUyEp6MBf7Xj3Xyi2V1cognkI0
Requested by
Host: payments.snapfinancial.com
URL: https://payments.snapfinancial.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.40.114.158 Vancouver, Canada, ASN14280 (NETNATION, CA),
Reverse DNS
64.40.114.158.van.ca.siteprotect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
3747a78742d417ae1c8cc1399cf07ce8357bca2e425d55814a9bff4960db38d4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.snapfinancial.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
Content-Length
7135
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 23 Dec 2020 07:25:22 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Date
Wed, 23 Dec 2020 07:25:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/javascript
X-StackifyID
V1|9326c8b8-acd5-476b-9579-124138a1349b|C58414|CD1|
Cache-Control
public
Expires
Thu, 23 Dec 2021 07:25:22 GMT,0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: payments.snapfinancial.com
URL: https://payments.snapfinancial.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payments.snapfinancial.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 22:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32783
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Dec 2021 22:19:00 GMT
snap.min.js
payments.snapfinancial.com/dist/ 		513 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.snapfinancial.com/dist/snap.min.js
Requested by
Host: payments.snapfinancial.com
URL: https://payments.snapfinancial.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.40.114.158 Vancouver, Canada, ASN14280 (NETNATION, CA),
Reverse DNS
64.40.114.158.van.ca.siteprotect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
86143db38072416fabeb01b47630dd709188d33b599ff6bf39350f45796c3086
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.snapfinancial.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Content-Encoding
gzip
ETag
"33e6a6e1fefd01:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
480
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 14 Sep 2015 17:07:48 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Date
Wed, 23 Dec 2020 07:25:21 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
X-StackifyID
V1|84e5ef4e-9d72-41d6-9854-dc53223da598|C58414|CD1|
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
Expires
0
background.jpg
payments.snapfinancial.com/images/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.snapfinancial.com/images/background.jpg
Requested by
Host: payments.snapfinancial.com
URL: https://payments.snapfinancial.com/dist/snap.min.css?v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.40.114.158 Vancouver, Canada, ASN14280 (NETNATION, CA),
Reverse DNS
64.40.114.158.van.ca.siteprotect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
a5213469b483174e51d83cc8f9d848f1d2dc37df03829a309494fcef6093fe4d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.snapfinancial.com/dist/snap.min.css?v3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
X-Content-Type-Options
nosniff
Content-Length
115986
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 14 Sep 2015 17:07:48 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Date
Wed, 23 Dec 2020 07:25:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
X-StackifyID
V1|060aacb5-97f9-4f08-8684-b69328b35ecc|C58414|CD1|
Cache-Control
public,max-age=2592000
ETag
"bacef0e1fefd01:0"
Accept-Ranges
bytes
Expires
0
bolt-corner.png
payments.snapfinancial.com/images/ 		806 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.snapfinancial.com/images/bolt-corner.png
Requested by
Host: payments.snapfinancial.com
URL: https://payments.snapfinancial.com/dist/snap.min.css?v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.40.114.158 Vancouver, Canada, ASN14280 (NETNATION, CA),
Reverse DNS
64.40.114.158.van.ca.siteprotect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
29850919fe858d4b6bb0d46889a6cd0707fcde04c4c73dbd6061fb7f49230655
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.snapfinancial.com/dist/snap.min.css?v3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
X-Content-Type-Options
nosniff
Content-Length
806
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 14 Sep 2015 17:07:48 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Date
Wed, 23 Dec 2020 07:25:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
X-StackifyID
V1|b5dc8e11-c0ae-4db6-b592-8ecbf305aac0|C58414|CD1|
Cache-Control
public,max-age=2592000
ETag
"bacef0e1fefd01:0"
Accept-Ranges
bytes
Expires
0
nwpJtK6mNhBK2err_hqkYhHRqmwi3MfN61d42q54qA.woff2
fonts.gstatic.com/s/cabincondensed/v14/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabincondensed/v14/nwpJtK6mNhBK2err_hqkYhHRqmwi3MfN61d42q54qA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin+Condensed:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb3714079e9a6c04861739f584b4ba4783205a14530840a2accfb685223665f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payments.snapfinancial.com
Referer
https://fonts.googleapis.com/css?family=Cabin+Condensed:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 21:09:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:22:46 GMT
server
sffe
age
468976
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12468
x-xss-protection
0
expires
Fri, 17 Dec 2021 21:09:07 GMT
nwpMtK6mNhBK2err_hqkYhHRqmwqZ-LYxnV18A.woff2
fonts.gstatic.com/s/cabincondensed/v14/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabincondensed/v14/nwpMtK6mNhBK2err_hqkYhHRqmwqZ-LYxnV18A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin+Condensed:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d091d03f71c31e03f43d92f045fbc3e3d09a70da8c3739bac8aacd02321610bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payments.snapfinancial.com
Referer
https://fonts.googleapis.com/css?family=Cabin+Condensed:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 18 Dec 2020 01:54:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:17:40 GMT
server
sffe
age
451830
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12740
x-xss-protection
0
expires
Sat, 18 Dec 2021 01:54:53 GMT
icon_screw-phillips-sprites.png
payments.snapfinancial.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.snapfinancial.com/images/icon_screw-phillips-sprites.png
Requested by
Host: payments.snapfinancial.com
URL: https://payments.snapfinancial.com/dist/snap.min.css?v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.40.114.158 Vancouver, Canada, ASN14280 (NETNATION, CA),
Reverse DNS
64.40.114.158.van.ca.siteprotect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
cf7b288157573afcdc9ba3d6eaa24863a3349aa429ece406d81b5bcb680f8c43
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.snapfinancial.com/dist/snap.min.css?v3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
X-Content-Type-Options
nosniff
Content-Length
1128
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 14 Sep 2015 17:07:48 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Date
Wed, 23 Dec 2020 07:25:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
X-StackifyID
V1|c87e3fa8-3a08-47b7-b7d0-f8e40d249ca0|C58414|CD1|
Cache-Control
public,max-age=2592000
ETag
"bacef0e1fefd01:0"
Accept-Ranges
bytes
Expires
0
analytics.js
www.google-analytics.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| __pendingCallbacks number| __synchronousCallBackIndex boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes object| __disabledControlArray function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| WebForm_OnSubmit object| Page_Validators object| cph_main_rfv_firstName object| cph_main_rfv_postalCode object| cph_main_rev_postalCode object| cph_main_rfv_referenceNumber object| cph_main_rfv_lastName object| cph_main_rfv_phone_number object| cph_main_rev_phone_number boolean| Page_ValidationActive function| ValidatorOnSubmit function| $ function| jQuery function| BackgroundSizing function| Resize string| GoogleAnalyticsObject function| ga object| jQuery111302890012619245472

1 Cookies

Domain/Path Name / Value
payments.snapfinancial.com/ Name: ASP.NET_SessionId
Value: nto205tzwakl0dt00kmmtx3e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block