urlscan.io logo urlscan.io
SecurityTrails logo

payments.recostseg.com Open in urlscan Pro
2606:4700:20::681a:cdb  Public Scan

Go To Rescan Add Verdict Report
URL: https://payments.recostseg.com/
Submission: On October 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 7 HTTP transactions. The main IP is 2606:4700:20::681a:cdb, located in United States and belongs to CLOUDFLARENET, US. The main domain is payments.recostseg.com.
TLS certificate: Issued by WE1 on October 25th 2024. Valid for: 3 months.
This is the only time payments.recostseg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.128.176 54113 (FASTLY)
4 2a04:4e42:400... 54113 (FASTLY)
7 3
Apex Domain
Subdomains		 Transfer
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
200 KB
2 recostseg.com
payments.recostseg.com
9 KB
1 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1102
164 KB
7 3
Domain Requested by
4 cdn.jsdelivr.net payments.recostseg.com
cdn.jsdelivr.net
2 payments.recostseg.com
1 js.stripe.com payments.recostseg.com
7 3

This site contains no links.

Subject Issuer Validity Valid
payments.recostseg.com
WE1		 2024-10-25 -
2025-01-23		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-08-29 -
2024-12-05		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://payments.recostseg.com/
Frame ID: BE8CF981E9BA1C1D3BA6BAF964265A6E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pay Your Consultant

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

7
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

373 kB
Transfer

1239 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
payments.recostseg.com/ 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.recostseg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96f5178ae04d84de904c197025a32e30b7c3fb372b9be380f005931fe14f307
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d8a71f77f45a5fa-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 26 Oct 2024 12:28:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YepyCjxNBKudIak6S3Scv7ok%2BiTLdaHIzMYhtaanD%2F7Vb3%2B5PjGr9HTceqiPu2cxox9LHNF2E8WDzYTql%2B0XPq1lFuk08p0Wu6cUddyiRjHOYmR4khR%2BHqzNNjhFFTGqkljL0YAxx3nEUwWIK%2BP%2BxRoERb4c"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
/
js.stripe.com/v3/ 		674 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: payments.recostseg.com
URL: https://payments.recostseg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a01d64cba546d0228de556a783b75f0ea24c163b2ea1eed16c6b2a240171596d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://payments.recostseg.com/

Response headers

x-request-id
60d33bd0-5c8f-4935-9657-cfa6e7a6a27e
content-encoding
br
etag
"e09447163fe544079942a63abe237a24"
age
26
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 26 Oct 2024 12:28:16 GMT
last-modified
Fri, 25 Oct 2024 20:38:54 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-fra-etou8220061-FRA
x-cache-hits
6
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
167023
server
Fastly
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/ 		227 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/bootstrap.min.css
Requested by
Host: payments.recostseg.com
URL: https://payments.recostseg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://payments.recostseg.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38cf3-SvPX4VpqOAxsurukLprfMwtJ1Y8"
age
3156489
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 26 Oct 2024 12:28:16 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220022-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
34794
x-jsd-version
5.3.0-alpha3
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons/font/ 		96 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css
Requested by
Host: payments.recostseg.com
URL: https://payments.recostseg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ffa6bea4304d2eda418683f56261685ed47bf00995039f27e5ad62d53938d2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://payments.recostseg.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"17fcf-nuSWzJuqrli5jn/B60bjV42vgUM"
age
26277
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 26 Oct 2024 12:28:16 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220022-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
13601
x-jsd-version
1.11.3
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js
Requested by
Host: payments.recostseg.com
URL: https://payments.recostseg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://payments.recostseg.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"13ac2-jNeXExg3GrPRY3nfbPslSlxkn8o"
age
3210209
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 26 Oct 2024 12:28:16 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220022-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24750
x-jsd-version
5.3.0-alpha3
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons/font/fonts/ 		127 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons/font/fonts/bootstrap-icons.woff2?dd67030699838ea613ee6dbda90effa6
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
476adf42b40325098fcfa8b36ab3e769186bb4f6ce6a249753e2e1a9c22bf99e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://payments.recostseg.com
Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css

Response headers

access-control-expose-headers
*
etag
W/"1fd5c-Agw8b5KAoxXoQl1/kuFbzQzdobI"
age
39874
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 26 Oct 2024 12:28:16 GMT
content-type
font/woff2
x-served-by
cache-fra-eddf8230091-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
130396
x-jsd-version
1.11.3
favicon.ico
payments.recostseg.com/ 		18 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://payments.recostseg.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96f5178ae04d84de904c197025a32e30b7c3fb372b9be380f005931fe14f307
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://payments.recostseg.com/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phr9k58o%2FtDBVDYSLwH1qysxgN158hplnGeXJ4OFWZGJMR6E3uX1trXKcIhMqRDBiYLk2mAESY6nSDqXDglCc3s1iJQCETx%2BQ97tBxlo673%2BlF%2Fzao3M5S4THMORKlb89An2b4jkcha0rsLXr%2FTNLV9ir6W5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d8a71fe8cbca5fa-FRA
access-control-allow-origin
*
date
Sat, 26 Oct 2024 12:28:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
last-modified
Sat, 26 Oct 2024 12:28:17 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap function| disableFormFields function| showSpinnerOnApplyButton function| getTokendata function| validateCoupon function| togglePaymentSelection function| loadStripesession object| webpackChunkStripeJSouter function| noop function| Stripe

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff