www-staging.barclays-payments-demo.co.uk Open in urlscan Pro
2606:4700:3032::6818:7e05 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www-staging.barclays-payments-demo.co.uk/
Effective URL:
https://www-staging.barclays-payments-demo.co.uk/
Submission Tags: phishing spamreports malicious Search All
Submission: On February 20 via api (February 20th 2020, 6:17:12 pm UTC) from BG

Summary HTTP 37 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3032::6818:7e05, located in United States and belongs to CLOUDFLARENET, US. The main domain is www-staging.barclays-payments-demo.co.uk.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 2nd 2019. Valid for: a year.

This is the only time www-staging.barclays-payments-demo.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	2606:4700:303... 2606:4700:3032::6818:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1 3	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.54.111 104.16.54.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	6

24 2606:4700:3032::6818:7e05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www-staging.barclays-payments-demo.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.70.113 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.54.111 (United States)

ASN13335 (CLOUDFLARENET, US)

isracard-global.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	barclays-payments-demo.co.uk 1 redirects www-staging.barclays-payments-demo.co.uk	360 KB
10	zdassets.com static.zdassets.com ekr.zdassets.com	472 KB
4	zendesk.com 1 redirects assets.zendesk.com isracard-global.zendesk.com	2 KB
1	googleapis.com fonts.googleapis.com	562 B
37	4

	Domain	Requested by
24	www-staging.barclays-payments-demo.co.uk	1 redirects www-staging.barclays-payments-demo.co.uk
8	static.zdassets.com	www-staging.barclays-payments-demo.co.uk static.zdassets.com
3	isracard-global.zendesk.com	static.zdassets.com
2	ekr.zdassets.com	static.zdassets.com
1	assets.zendesk.com	1 redirects
1	fonts.googleapis.com	www-staging.barclays-payments-demo.co.uk
37	6

This site contains links to these domains. Also see Links.

Domain
ng.paymeservice.com
www1.isracard.co.il
digital.isracard.co.il

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-02` - `2020-10-01`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.zdassets.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-25` - `2021-05-31`	2 years	crt.sh
isracard-global.zendesk.com CloudFlare Inc ECC CA-2	`2019-08-14` - `2020-08-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www-staging.barclays-payments-demo.co.uk/
Frame ID: 3B3599D1AE86B258226E1599C712EFEE
Requests: 30 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/runtime.88b5327cb572f4153c2d.js
Frame ID: A635CEE5027FD3DF425606A9CDA8CDA8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www-staging.barclays-payments-demo.co.uk/ HTTP 301
https://www-staging.barclays-payments-demo.co.uk/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

37
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

833 kB
Transfer

3139 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ng.paymeservice.com/misc/privacy/payme_terms_conditions_2016_07.pdf
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www1.isracard.co.il/start/legal/TakanonTerms
Title: Barclays Website Terms

Search URL Search Domain Scan URL

URL: https://www1.isracard.co.il/Takanon55?_ga=2.197452909.314600168.1494753429-944026021.1484132681
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://digital.isracard.co.il/pages/legal/ApproachableService
Title: Accessibility Statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www-staging.barclays-payments-demo.co.uk/ HTTP 301
https://www-staging.barclays-payments-demo.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

37 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www-staging.barclays-payments-demo.co.uk/
Redirect Chain

http://www-staging.barclays-payments-demo.co.uk/
https://www-staging.barclays-payments-demo.co.uk/

48 KB
26 KB

263ms
242ms

Document
text/html

2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www-staging.barclays-payments-demo.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f266911f7b5e5a2659907f40a00b6fda197ab89924edaea5a5f1c1456f9c04e6

Request headers

:method: GET
:authority: www-staging.barclays-payments-demo.co.uk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 18:16:56 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dd59432a610570aa7391af9c5bbf0db231582222616; expires=Sat, 21-Mar-20 18:16:56 GMT; path=/; domain=.barclays-payments-demo.co.uk; HttpOnly; SameSite=Lax; Secure
x-powered-by: Express
vary: Origin
x-app-version: 2.43.1
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 568279768b98d6dd-FRA
content-encoding: br

Redirect headers

Date: Thu, 20 Feb 2020 18:16:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 20 Feb 2020 19:16:56 GMT
Location: https://www-staging.barclays-payments-demo.co.uk/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 568279762c5964c1-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
562 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 18:16:56 GMT
server: ESF
date: Thu, 20 Feb 2020 18:16:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Feb 2020 18:16:56 GMT

GET
H2 200 normalize.css
www-staging.barclays-payments-demo.co.uk/css/ 8 KB
3 KB 69ms
68ms Stylesheet
text/css 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/css/normalize.css?v=1.3

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

2bd84c0ac81115d30eb9fd610591701d8ee66149fc795ca60fca19073d975deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: MISS
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:48 GMT
server: cloudflare
etag: W/"1e98-163b4bfa2c0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 568279783916d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 main.css
www-staging.barclays-payments-demo.co.uk/css/ 243 KB
159 KB 115ms
114ms Stylesheet
text/css 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/css/main.css?v=1.3

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

2b2b26f43738ce3924d945f05e43f5f5cf58ac708e3a7c3f2aa6b77e3a3802d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: MISS
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:48 GMT
server: cloudflare
etag: W/"3cb2b-163b4bfa2c0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 568279783918d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 flags.css
www-staging.barclays-payments-demo.co.uk/css/vendor/flags/ 44 KB
2 KB 146ms
145ms Stylesheet
text/css 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/css/vendor/flags/flags.css

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

e091b272d76f204664621467366cc03c2b6a5f1683817f12a7d3995b9eaa47b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:48 GMT
server: cloudflare
etag: W/"b112-163b4bfa2c0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 568279783919d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 elephant-landing.css
www-staging.barclays-payments-demo.co.uk/css/ 289 KB
37 KB 136ms
135ms Stylesheet
text/css 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

92421fc5231ab6968e2f23d27c5a88b628094164ad7f48c7c11caae295b85185

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:48 GMT
server: cloudflare
etag: W/"4853e-163b4bfa2c0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 56827978391bd6dd-FRA
x-content-type-options: nosniff

GET
H2 200 email-decode.min.js Show response
www-staging.barclays-payments-demo.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
845 B 10ms
8ms Script
application/javascript 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 19 Feb 2020 10:15:58 GMT
server: cloudflare
etag: W/"5e4d0ade-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 568279783927d6dd-FRA
expires: Sat, 22 Feb 2020 18:16:56 GMT

GET
H2 200 jquery.min.js Show response
www-staging.barclays-payments-demo.co.uk/js/ 85 KB
29 KB 153ms
151ms Script
application/javascript 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/js/jquery.min.js

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"152b9-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 568279783929d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 plugins.min.js Show response
www-staging.barclays-payments-demo.co.uk/js/ 15 KB
4 KB 116ms
114ms Script
application/javascript 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/js/plugins.min.js

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

0605d1c8a108208cc7003062b4b668a43ef9e8f927f23b08713552219f91c0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"3b29-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 56827978392ad6dd-FRA
x-content-type-options: nosniff

GET
H2 200 main.js Show response
www-staging.barclays-payments-demo.co.uk/js/ 2 KB
1012 B 81ms
80ms Script
application/javascript 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/js/main.js

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

b82fe4b32752c09408e016d688058537bd04536137c37855da77c5df6e82265e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"9b4-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 56827978392cd6dd-FRA
x-content-type-options: nosniff

GET
H2 200 localforage.nopromises.min.js Show response
www-staging.barclays-payments-demo.co.uk/js/ 25 KB
7 KB 110ms
109ms Script
application/javascript 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/js/localforage.nopromises.min.js

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

67fe31738cbfb72fffc7e1093d387e7b5317a75615bf6a0cde5c3f2b1985f3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"63bc-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 56827978392dd6dd-FRA
x-content-type-options: nosniff

GET
H2 200 languages.js Show response
www-staging.barclays-payments-demo.co.uk/js/ 7 KB
2 KB 88ms
87ms Script
application/javascript 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/js/languages.js

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

e1febf2b0d038e41b2df34fa7e1e548d47d908286427d8d2b76c1bb218677f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Mon, 25 Nov 2019 09:55:24 GMT
server: cloudflare
etag: W/"1bcf-16ea1fcb6e0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 56827978392ed6dd-FRA
x-content-type-options: nosniff

GET
H2 200 zendesk.js Show response
www-staging.barclays-payments-demo.co.uk/ 1 KB
680 B 90ms
88ms Script
application/javascript 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/zendesk.js

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

7b9d3b816e1e02bb02c5749d4cdbaadd2669e3f912f15e4ff6286b4e826ffabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:51 GMT
server: cloudflare
etag: W/"5b4-163b4bfae78"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 56827978392fd6dd-FRA
x-content-type-options: nosniff

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

74ms
31ms

Script
application/javascript

104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9a091912e1429ac42793ae50ba42bf025d4d2a6cd4261fbd0fe546e7fdc04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 57
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: A26C6FAD64800E8F
x-amz-id-2: pIG3ewRDYZ31gIKGW5A6cRgonb6NWT4BIJvm+R7wShJEhBlnVr0glefCvN5ZLHIsPtxEL+ovV9I=
last-modified: Fri, 14 Feb 2020 00:37:35 GMT
server: cloudflare
etag: W/"6084772ba40e90778e01c5e012eadcda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: 1dThsIV8Gk17S8Ce6gK3X_kq0RhHNhBU
cf-ray: 568279790fb3dbef-LHR

Redirect headers

date: Thu, 20 Feb 2020 18:16:56 GMT
server: cloudflare
location: https://static.zdassets.com/ekr/asset_composer.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 301
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 568279789ab2dc43-LHR
expires: Thu, 20 Feb 2020 19:16:56 GMT

GET
DATA 200
OK truncated
/ 23 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4638e40e3d63dc3fed8b2ded9f4f7d0a90113fc4860ea7df832965445feaeec8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 166 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ec0aa74753f8e674fe38a717bb79dad4ba315b66f7bf2a50ba80d71f00c74ea

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 tool-box-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 1 KB
2 KB 87ms
86ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/tool-box-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

92af1e0531c6f24aec445621a23a83e5c2262d6d227006fd0212e55eff49c9a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1062
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"426-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279798d21d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 services-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 2 KB
2 KB 90ms
89ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/services-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

8ff872e540875944aa632ec412805f65dbe7799def39d45dafa109c591792442

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1782
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"6f6-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d27d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 solutions-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 2 KB
2 KB 93ms
92ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/solutions-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

ac7596d77de947802ee59dc86301f4b00b26ff73e30a56328027b498077d7f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1772
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"6ec-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d29d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 layers-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 2 KB
2 KB 100ms
99ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/layers-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

a2b3b0de200acbcf84eb807cd7feacf92f5dfac4b609f533cf0e7f0f1719da70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1997
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"7cd-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d2cd6dd-FRA
x-content-type-options: nosniff

GET
H2 200 report-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 1 KB
1 KB 99ms
98ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/report-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

dc46fe893e39eca77a18f9184a247e1d8ed94afc090c01fe22c62f5a2a3d4215

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1171
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"493-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d31d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 processor-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 1 KB
2 KB 112ms
111ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/processor-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

2a3dc345c2a1852435bfc6c3d631b98a163af499724b75a25577d6a0a32c3efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/main.css?v=1.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1367
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"557-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d37d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 us-dollar-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 1 KB
1 KB 106ms
105ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/us-dollar-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

4f86327219c724f58881255e7a005b1ee91a97ab0e845032d15965a62d6f4512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/main.css?v=1.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1401
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"579-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d3dd6dd-FRA
x-content-type-options: nosniff

GET
H2 200 support-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 1 KB
2 KB 91ms
90ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/support-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

e9cf47cbcf0b2b0683f60b98054f19af196b189b43c775462abf985104f5f276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/main.css?v=1.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1462
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"5b6-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d40d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 screwdriver-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 1 KB
1 KB 104ms
103ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/screwdriver-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

a91a6fce08d0170638fcd4b9ee21f2803528579dc075ffc2bde3130860c14825

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1123
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"463-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d45d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 web-shield-48.png
www-staging.barclays-payments-demo.co.uk/img/icons/ 2 KB
2 KB 84ms
84ms Image
image/png 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-staging.barclays-payments-demo.co.uk/img/icons/web-shield-48.png

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

ec73bc5505d65512658f1fa8582db1d6983b3e14f3024470c374e26952eadd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 1866
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:49 GMT
server: cloudflare
etag: W/"74a-163b4bfa6a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d49d6dd-FRA
x-content-type-options: nosniff

GET
H2 200 fontawesome-webfont.woff2
www-staging.barclays-payments-demo.co.uk/fonts/ 70 KB
70 KB 133ms
132ms Font
font/woff2 2606:4700:3032::6818:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-staging.barclays-payments-demo.co.uk/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: www-staging.barclays-payments-demo.co.uk
URL: https://www-staging.barclays-payments-demo.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6818:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PayMe LTD

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/css/elephant-landing.css
Origin: https://www-staging.barclays-payments-demo.co.uk
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 18:16:56 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: MISS
x-powered-by: PayMe LTD
content-security-policy-report-only: report-uri /api/app-info/csp-report; default-src 'self'; img-src 'self' data: https://*.paymeservice.com https://fast.chmln-cdn.com; script-src 'self' 'unsafe-inline' https://*.paymeservice.com https://*.google.com https://www.gstatic.com static.apiary.io api.apiary.io assets.zendesk.com https://*.zopim.com wss://*.zopim.com https://static.zdassets.com https://*.user1st.info/ https://*.sessionstack.com https://fast.chmln-cdn.com https://*.trychameleon.com; connect-src 'self' https://*.paymeservice.com https://apis.google.com https://static.zdassets.com https://ekr.zdassets.com wss://*.zendesk.com https://isracard-global.zendesk.com ws://admin-staging.payme.co.il https://admin-staging.payme.co.il https://payme-store-staging-alpha.herokuapp.com https://*.sessionstack.com https://fecdn.user1st.info https://fast.chmln-cdn.com https://observe.trychameleon.com https://edit.trychameleon.com; frame-src 'self' jsapi.apiary.io https://*.paymeservice.com https://*.google.com https://dev.paymeservice.com https://preprod.paymeservice.com https://*.user1st.info/ https://app.wellybox.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com
status: 200
x-dns-prefetch-control: off
content-length: 71896
x-xss-protection: 1; mode=block
x-app-version: 2.43.1
last-modified: Thu, 31 May 2018 05:50:48 GMT
server: cloudflare
etag: W/"118d8-163b4bfa2c0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 568279799d4bd6dd-FRA
x-content-type-options: nosniff

GET
H2 200 isracard-global.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ 284 B
735 B 728ms
678ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/isracard-global.zendesk.com

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b50850227540de071a655106e4604cd1c5b11f063819d0ab3606fde240ff4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
Origin: https://www-staging.barclays-payments-demo.co.uk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200, 200 OK
strict-transport-security: max-age=0
x-request-id: 8e48c805-bb07-4c6a-a7dc-245997bef0bf
x-runtime: 0.009822
server: cloudflare
etag: W/"27b50850227540de071a655106e4604c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=600, s-maxage=60
cf-ray: 5682797a5912dc33-LHR

GET
H2 200 4c3b0a0459dcd2a61ed3c14fbba204aa7480d649 Show response
ekr.zdassets.com/compose_product/web_widget/ 552 B
452 B 196ms
196ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose_product/web_widget/4c3b0a0459dcd2a61ed3c14fbba204aa7480d649?features[]=help_center&features[]=ticket_submission&use_json=true

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b87bb7580e9d068682ec3439f288c079468208998588425a0f5843e0a70bf0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
Origin: https://www-staging.barclays-payments-demo.co.uk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200, 200 OK
strict-transport-security: max-age=0
x-request-id: 6e519e04-3fac-44ff-b250-f621b8101303
x-runtime: 0.004948
server: cloudflare
etag: W/"b87bb7580e9d068682ec3439f288c079"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=31536000
cf-ray: 5682797e9c82dc33-LHR

GET
H2 200 runtime.88b5327cb572f4153c2d.js Show response
static.zdassets.com/web_widget/latest/ Frame A635 3 KB
2 KB 31ms
30ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/runtime.88b5327cb572f4153c2d.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

839a1b55ca1bc40011453ba517ce8cf0a75699616844a0934cde1b740227d341

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 154799
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 5E10E80A421E3E92
x-amz-id-2: mhOnwIWo4qhx+VdBYGN7B1vH89a0ahv1mELO8zIgSKy7kzP2d2swb3tTc9kk/RQ4spLzkmOW9y8=
last-modified: Mon, 17 Feb 2020 02:56:45 GMT
server: cloudflare
etag: W/"b6bd499739cb7cf352ef533fe888ca7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: r90NukOV2ppAuyChK.VSx.JH_dsiFiVK
cf-ray: 5682797fda8ddbef-LHR
expires: Tue, 16 Feb 2021 02:56:44 GMT

GET
H2 200 preload.5b282863230fef49f3b7.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame A635 464 B
528 B 30ms
30ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.5b282863230fef49f3b7.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b181eee69b38b4fa6bea457693f0db4958f25bb4597d0389b7e0f34a41fdef75

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 582672
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 9829757FEDB400EF
x-amz-id-2: 3+0BbyJsQ9BFCkENfmzlW3ecvODrQh6Kbu9x54mhqCJCv9EXzgr0+OBe6b4oZJGC+iTg0KM8e1E=
last-modified: Thu, 13 Feb 2020 23:12:21 GMT
server: cloudflare
etag: W/"351ccf2044225b92a90f5c62ab48f327"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: v0FkH6No2xhU0jJ8qxTn8TvdNYgtr4qi
cf-ray: 5682797fda90dbef-LHR
expires: Fri, 12 Feb 2021 23:12:20 GMT

GET
H2 200 vendors~preload.893db148b7b962a2c6ca.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame A635 40 KB
12 KB 34ms
34ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~preload.893db148b7b962a2c6ca.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57637fc93fd32a685096808f801fa0161dc3609682ef7b6e791a07ec4c78ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 582672
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: BB54B3275349556C
x-amz-id-2: d0nCzhVm9V2cw/ngzl2PiLQnal0pj6tbK0S+jmnwKjrDEtnFjgnqH0VhJzhuMqu6pD2AGj0ZZBA=
last-modified: Thu, 13 Feb 2020 23:12:23 GMT
server: cloudflare
etag: W/"7040ca3fe6b8d89e280ef117ca1a42d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Zuz3Rhg1QTGcxPIJR7GB3RQzqHS45YyD
cf-ray: 5682797fda92dbef-LHR
expires: Fri, 12 Feb 2021 23:12:21 GMT

GET
H2 200 vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame A635 1016 KB
257 KB 29ms
28ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540abf67136c912f645ff5d1503cdb2af1688f0849e0d535f9c5931b1bb380e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 426324
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 22104FF83BE54B87
x-amz-id-2: ewfPMy+04sHW3ffJiFV7nIPfllFbDYK5M5FJVF2ca49CQFbg5tCb9lP0kYZyOve44qZB9iToG4Y=
last-modified: Thu, 13 Feb 2020 23:12:23 GMT
server: cloudflare
etag: W/"67159d1adf38697a8c6aeb10797aa4fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 8cDNKzaa36ipdPPp4pXeZJ6cG9ujcnwU
cf-ray: 5682797fda94dbef-LHR
expires: Fri, 12 Feb 2021 23:12:22 GMT

GET
H2 200 web_widget.9736b9883380995add10.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame A635 962 KB
182 KB 34ms
33ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.9736b9883380995add10.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666a9c91a624c656be97cd85d3ead5b3b869d2d9c09915bc384267efd706b24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 18
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 8B4F167C21E49896
x-amz-id-2: xFUrjPwHcsiOov1JoIRgd6UIoVKZgSdOAcyOW2zInVn3o7pe8AF8WZxoP5lLwSg19fiuPwhee1U=
last-modified: Mon, 17 Feb 2020 02:56:46 GMT
server: cloudflare
etag: W/"21433afdb01e4d1b177a7d9551e731e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: xzvAlv3b6beG2rwb6oFlx998LQFx9RwQ
cf-ray: 5682797fda95dbef-LHR
expires: Tue, 16 Feb 2021 02:56:45 GMT

GET
H2 200 config Show response
isracard-global.zendesk.com/embeddable/ 623 B
985 B 151ms
76ms XHR
application/json 104.16.54.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://isracard-global.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.54.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a88695475418368076e33519ad06cbbaddc8d7ce25fff9a8969bcb31ba3790b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www-staging.barclays-payments-demo.co.uk/
Origin: https://www-staging.barclays-payments-demo.co.uk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Origin, Accept-Encoding
x-request-id: 56827980a85fce57-FRA
x-runtime: 0.001701
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-78c88784b6-xvvlm
cf-ray: 56827980a85fce57-LHR

GET
H2 200 en-us.e36b2e35ff41a255c566.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame A635 23 KB
5 KB 41ms
41ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us.e36b2e35ff41a255c566.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b2be39ece20eac062d527e47974dda2c376996628dea396bb53606200011c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 582672
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 4BA6FD17EB39C303
x-amz-id-2: xg9sTsAkHGzFe2l1469826A2lv/8w7I5+AmFEJ7ZpMZexBYqTfs9T68ucKL4TGr4YRudib/mZ+w=
last-modified: Thu, 13 Feb 2020 23:12:39 GMT
server: cloudflare
etag: W/"e36b2e35ff41a255c566d5860a098920"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: SjL6eAbfH3DQ7fT5EgUOsbV0ANvXM9mU
cf-ray: 5682798218eddbef-LHR
expires: Fri, 12 Feb 2021 23:12:37 GMT

GET
H2 200 embeddable_blip Show response
isracard-global.zendesk.com/ Frame A635 0
229 B 58ms
57ms XHR
text/html 104.16.54.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://isracard-global.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ6RS5zZXRMb2NhbGUiLCJsYWJlbCI6bnVsbCwidmFsdWUiOnsiYXJncyI6ImVuLWlsIn19LCJidWlkIjoiNWI5YjQwZWY2OTI3Mzg3NWFmN2IyMTJjN2Y0MTdiYTgiLCJzdWlkIjoiZTFhYTZhODhjNDFjZDlhZGVkMGVjYjcwMGI0ZTFlNjYiLCJ2ZXJzaW9uIjoiNGMzYjBhMDQ1IiwidGltZXN0YW1wIjoiMjAyMC0wMi0yMFQxODoxNjo1Ny45MjRaIiwidXJsIjoiaHR0cHM6Ly93d3ctc3RhZ2luZy5iYXJjbGF5cy1wYXltZW50cy1kZW1vLmNvLnVrLyJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.54.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www-staging.barclays-payments-demo.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www-staging.barclays-payments-demo.co.uk
accept-ranges: bytes
cf-ray: 568279821c44ce57-LHR
content-length: 0

GET
H2 200 en-il.ff4f1f4745e46087a55b.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame A635 23 KB
5 KB 33ms
33ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-il.ff4f1f4745e46087a55b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2c8923fc971955872456a2f72ae7941df4dea48e58f3f6fe892e55ca899d672

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 18:16:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 581759
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: FC0A39DD55DC7213
x-amz-id-2: JDzgxoR22cKS6FkIcRPkVb+3F1gLadvf8fE3TPkOWaeNvBVzkDcbXUAAy7Y65BsnahJdXgQYYlw=
last-modified: Fri, 14 Feb 2020 00:32:56 GMT
server: cloudflare
etag: W/"ff4f1f4745e46087a55bdb6e01f74756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: ga1eWWkKAW_9.ro3zcZZy4dHscILAEBX
cf-ray: 56827982190ddbef-LHR
expires: Sat, 13 Feb 2021 00:32:55 GMT

GET
H2 200 embeddable_blip Show response
isracard-global.zendesk.com/ Frame A635 0
279 B 53ms
52ms XHR
text/html 104.16.54.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://isracard-global.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LXN0YWdpbmcuYmFyY2xheXMtcGF5bWVudHMtZGVtby5jby51ay8iLCJ0aW1lIjoxMzksImxvYWRUaW1lIjpudWxsLCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiQmFyY2xheXMgLSBQYXltZW50IFNlcnZpY2VzIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsaW5pdGlhbC1zY2FsZT0xLHVzZXItc2NhbGFibGU9bm8iLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6ImEyMTYzNzZiNGQ5OTA2MzYyMzE1ZTA2NTE5NzcyOTFhIiwic3VpZCI6IjFjMDE3NWViM2YzNmJjMmY2YTZiYjU5MGRhNDY4M2RjIiwidmVyc2lvbiI6IjRjM2IwYTA0NSIsInRpbWVzdGFtcCI6IjIwMjAtMDItMjBUMTg6MTY6NTguMDU4WiIsInVybCI6Imh0dHBzOi8vd3d3LXN0YWdpbmcuYmFyY2xheXMtcGF5bWVudHMtZGVtby5jby51ay8ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.54.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www-staging.barclays-payments-demo.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Thu, 20 Feb 2020 18:16:58 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www-staging.barclays-payments-demo.co.uk
accept-ranges: bytes
cf-ray: 56827982fe94ce57-LHR
content-length: 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.barclays-payments-demo.co.uk/	1970-01-19 08:13:34	Name: __cfduid Value: dd59432a610570aa7391af9c5bbf0db231582222616

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js(Line 149) Message: Our embeddable contains third-party, open source software and/or libraries. To view them and their license terms, go to http://goto.zendesk.com/embeddable-legal-notices

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.zendesk.com
ekr.zdassets.com
fonts.googleapis.com
isracard-global.zendesk.com
static.zdassets.com
www-staging.barclays-payments-demo.co.uk
104.16.54.111
104.18.70.113
104.18.71.113
2606:4700:3032::6818:7e05
2a00:1450:4001:821::200a
0605d1c8a108208cc7003062b4b668a43ef9e8f927f23b08713552219f91c0b4
1a88695475418368076e33519ad06cbbaddc8d7ce25fff9a8969bcb31ba3790b
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27b50850227540de071a655106e4604cd1c5b11f063819d0ab3606fde240ff4c
2a3dc345c2a1852435bfc6c3d631b98a163af499724b75a25577d6a0a32c3efe
2b2b26f43738ce3924d945f05e43f5f5cf58ac708e3a7c3f2aa6b77e3a3802d2
2bd84c0ac81115d30eb9fd610591701d8ee66149fc795ca60fca19073d975deb
2c9a091912e1429ac42793ae50ba42bf025d4d2a6cd4261fbd0fe546e7fdc04d
4638e40e3d63dc3fed8b2ded9f4f7d0a90113fc4860ea7df832965445feaeec8
4f86327219c724f58881255e7a005b1ee91a97ab0e845032d15965a62d6f4512
540abf67136c912f645ff5d1503cdb2af1688f0849e0d535f9c5931b1bb380e4
666a9c91a624c656be97cd85d3ead5b3b869d2d9c09915bc384267efd706b24e
67fe31738cbfb72fffc7e1093d387e7b5317a75615bf6a0cde5c3f2b1985f3cc
6ec0aa74753f8e674fe38a717bb79dad4ba315b66f7bf2a50ba80d71f00c74ea
7b9d3b816e1e02bb02c5749d4cdbaadd2669e3f912f15e4ff6286b4e826ffabd
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
839a1b55ca1bc40011453ba517ce8cf0a75699616844a0934cde1b740227d341
8ff872e540875944aa632ec412805f65dbe7799def39d45dafa109c591792442
92421fc5231ab6968e2f23d27c5a88b628094164ad7f48c7c11caae295b85185
92af1e0531c6f24aec445621a23a83e5c2262d6d227006fd0212e55eff49c9a7
9b2be39ece20eac062d527e47974dda2c376996628dea396bb53606200011c95
a2b3b0de200acbcf84eb807cd7feacf92f5dfac4b609f533cf0e7f0f1719da70
a57637fc93fd32a685096808f801fa0161dc3609682ef7b6e791a07ec4c78ab0
a91a6fce08d0170638fcd4b9ee21f2803528579dc075ffc2bde3130860c14825
ac7596d77de947802ee59dc86301f4b00b26ff73e30a56328027b498077d7f50
b181eee69b38b4fa6bea457693f0db4958f25bb4597d0389b7e0f34a41fdef75
b82fe4b32752c09408e016d688058537bd04536137c37855da77c5df6e82265e
b87bb7580e9d068682ec3439f288c079468208998588425a0f5843e0a70bf0eb
dc46fe893e39eca77a18f9184a247e1d8ed94afc090c01fe22c62f5a2a3d4215
e091b272d76f204664621467366cc03c2b6a5f1683817f12a7d3995b9eaa47b9
e1febf2b0d038e41b2df34fa7e1e548d47d908286427d8d2b76c1bb218677f41
e2c8923fc971955872456a2f72ae7941df4dea48e58f3f6fe892e55ca899d672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9cf47cbcf0b2b0683f60b98054f19af196b189b43c775462abf985104f5f276
ec73bc5505d65512658f1fa8582db1d6983b3e14f3024470c374e26952eadd1b
f266911f7b5e5a2659907f40a00b6fda197ab89924edaea5a5f1c1456f9c04e6
f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6

www-staging.barclays-payments-demo.co.uk Open in urlscan Pro 2606:4700:3032::6818:7e05 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

40 %IPv6

4 Domains

6 Subdomains

6 IPs

2 Countries

833 kBTransfer

3139 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www-staging.barclays-payments-demo.co.uk Open in urlscan Pro
2606:4700:3032::6818:7e05 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

833 kB
Transfer

3139 kB
Size

1
Cookies

37 HTTP transactions
2 data transactions