pay.podium.com Open in urlscan Pro
2606:4700:4400::ac40:98c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pay.podium.co/gy9EL0b
Effective URL:
https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Submission: On October 19 via manual (October 19th 2022, 7:46:11 pm UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 10 domains to perform 62 HTTP transactions. The main IP is 2606:4700:4400::ac40:98c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is pay.podium.com. The Cisco Umbrella rank of the primary domain is 792748.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 13th 2022. Valid for: a year.

This is the only time pay.podium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.148.118.72 54.148.118.72	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700:440... 2606:4700:4400::ac40:98c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
6	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	44.239.140.29 44.239.140.29	16509 (AMAZON-02) (AMAZON-02)
62	9

1 54.148.118.72 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-118-72.us-west-2.compute.amazonaws.com

pay.podium.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::ac40:98c2 (United States)

ASN13335 (CLOUDFLARENET, US)

payments.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1081911.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:556 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.140.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-140-29.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	stripe.com js.stripe.com — Cisco Umbrella Rank: 1212 q.stripe.com — Cisco Umbrella Rank: 7555 m.stripe.com — Cisco Umbrella Rank: 1150	409 KB
14	podium.com payments.podium.com — Cisco Umbrella Rank: 770988 pay.podium.com — Cisco Umbrella Rank: 792748 assets.podium.com Failed	1 MB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1274	33 KB
2	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2218 rs.fullstory.com — Cisco Umbrella Rank: 2056	65 KB
2	sentry.io o1081911.ingest.sentry.io — Cisco Umbrella Rank: 54870	421 B
1	cohere.so static.cohere.so — Cisco Umbrella Rank: 40259	152 KB
1	podium.co 1 redirects pay.podium.co	674 B
0	google.com Failed pay.google.com Failed
0	riskified.com Failed beacon.riskified.com Failed
0	browser-intake-datadoghq.com Failed rum.browser-intake-datadoghq.com Failed
62	10

	Domain	Requested by
14	js.stripe.com	pay.podium.com js.stripe.com
11	pay.podium.com	payments.podium.com pay.podium.com
6	q.stripe.com	payments.podium.com
4	m.stripe.network	js.stripe.com m.stripe.network
3	payments.podium.com	pay.podium.com
2	m.stripe.com	m.stripe.network
2	o1081911.ingest.sentry.io	pay.podium.com
1	rs.fullstory.com	pay.podium.com
1	edge.fullstory.com	pay.podium.com
1	static.cohere.so	pay.podium.com
1	pay.podium.co	1 redirects
0	pay.google.com Failed	js.stripe.com
0	assets.podium.com Failed
0	beacon.riskified.com Failed	pay.podium.com
0	rum.browser-intake-datadoghq.com Failed	pay.podium.com
62	15

This site contains no links.

Subject Issuer	Validity	Valid
podium.com Cloudflare Inc ECC CA-3	`2022-04-13` - `2023-04-12`	a year	crt.sh
*.ingest.sentry.io R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
static.cohere.so Cloudflare Inc ECC CA-3	`2021-12-16` - `2022-12-15`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-01-11`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.fullstory.com R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 8 frames:

Primary Page: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Frame ID: 8DE4416B7BD7B1A160631C5F8598E84D
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: DFA47B6E5B15F6099E39FDC840E2A2D0
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: F8DE8C06B5D4CA8C98E806FDDBA720FF
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 18AAFAFAD215704FAAB0B9C829D37E28
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B7D088970365A0A4F378EAA4A468CDFE
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-c488596353efdeaa8e516aefba5f919e.html
Frame ID: BF1B364AE67AFA0DFA5281FB1D1D46C9
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-51f72a4a7fcb8c35809e9b715b95c972.html
Frame ID: F9CB61298FE551E9EB4599545001BC55
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-02f2b8610b2e1ae19d1d73f3694c2d9a.html
Frame ID: A8047824E9EC79E4D8F2E1AEDDCAE728
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payments - Podium

Page URL History Show full URLs

https://pay.podium.co/gy9EL0b HTTP 302
https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/ Page URL
https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6 Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

62
Requests

73 %
HTTPS

22 %
IPv6

10
Domains

15
Subdomains

9
IPs

1
Countries

1840 kB
Transfer

7443 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pay.podium.co/gy9EL0b HTTP 302
https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/ Page URL
https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://pay.podium.co/gy9EL0b HTTP 302
https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/
Redirect Chain

https://pay.podium.co/gy9EL0b
https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

798 B
779 B

842ms
734ms

Document
text/html

2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75cc0474cbe89012-FRA
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Wed, 19 Oct 2022 19:46:01 GMT
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: Fx-QCnHQi93u7QEAAvvB
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 140
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Wed, 19 Oct 2022 19:46:00 GMT
location: https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/
server: Cowboy
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: Fx-QCkBd1NjHl2UFXuhB
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request 185ec688-2217-410b-ae0c-a2fa1c207de6 Show response
pay.podium.com/invoices/ 7 KB
3 KB 1403ms
1344ms Document
text/html 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Requested by: Host: payments.podium.com
URL: https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e863aeacd21e9afa14d3ddb164dab709363c93ef2bb096e2b9e877ba3c8e7c6e

Request headers

Referer: https://payments.podium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 75cc0479ce4f9012-FRA
content-encoding: br
content-type: text/html
date: Wed, 19 Oct 2022 19:46:03 GMT
last-modified: Tue, 18 Oct 2022 19:59:25 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-cf-id: 41e3N0Ls6uKuxk4qd53H7Z18iH2cVA42NlXB747EekuMCcMXR-aVWw==
x-amz-cf-pop: FRA56-C1
x-cache: Error from cloudfront

GET
H2 200 9.c425c9c7.chunk.css
pay.podium.com/static/css/ 3 KB
1 KB 736ms
736ms Stylesheet
text/css 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/css/9.c425c9c7.chunk.css
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 655db2bf71279dda516c4582226bb8574fb8d78bd53ae28da1e2dfbc03743275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:03 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 19:59:25 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: W/"ab092331ac38502cd6f8a69bce2e4633"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=14400
cf-ray: 75cc0482696d9012-FRA
x-amz-cf-id: e9xY-cDUwOZZQ3cWJ-5_LsBwmFUZmjztAILYXDRvF-5yVAdOraOaHQ==

GET
H2 200 main.999b39ba.chunk.css
pay.podium.com/static/css/ 180 B
366 B 720ms
720ms Stylesheet
text/css 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/css/main.999b39ba.chunk.css
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4bae26c8000232ad7ca763a866002c58fbe7179db0fb110095174dc12f81c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:03 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 19:59:25 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: W/"acc70839fe526402ecc2925f431abdeb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=14400
cf-ray: 75cc048269719012-FRA
x-amz-cf-id: A5krsNSAesHD26NjqOYttQewfBlqUcYMtMqRfHoVNjnwEWR-Dd1TXw==

GET
H2 200 9.e10ac761.chunk.js Show response
pay.podium.com/static/js/ 3 MB
698 KB 727ms
727ms Script
application/javascript 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/js/9.e10ac761.chunk.js
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dc3eaf086718af718a39240c2471d53e8700751983b6d5168747068f2520862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:04 GMT
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 19:59:25 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: W/"4edd47f444d657f8a4069aad64523487"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75cc04870b169012-FRA
x-amz-cf-id: ViLDiIq8r4E3p41oIwIRcajaNBRGQ7IJQX-DIGzL1jaeTkZJ5cbrGQ==

GET
H2 200 main.5aefc366.chunk.js Show response
pay.podium.com/static/js/ 69 KB
20 KB 718ms
717ms Script
application/javascript 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/js/main.5aefc366.chunk.js
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20bb55cd4676049bf95aa347cc67e88b216cb8e18dca355671a1a4f2fea2110a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:05 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 19:59:25 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: W/"a4b2154497f5ae7ffecdaf77badb814d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75cc048c8f499012-FRA
x-amz-cf-id: 7wYWlwJ6hvJEOSnlr7balgkBD54ZSQd9AEHfVxTxlBWjGJFBHNVmlA==

POST
H2 200 / Show response
o1081911.ingest.sentry.io/api/6462366/envelope/ 2 B
276 B 293ms
39ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1081911.ingest.sentry.io/api/6462366/envelope/?sentry_key=2b0dbc9d306f4fcc9274ffb7855c097d&sentry_version=7

Requested by

Host: pay.podium.com
URL: https://pay.podium.com/static/js/9.e10ac761.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pay.podium.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Oct 2022 19:46:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://pay.podium.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 0.0ae06667.chunk.js Show response
pay.podium.com/static/js/ 542 KB
132 KB 806ms
805ms Script
application/javascript 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/js/0.0ae06667.chunk.js
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d522a02ade42ae7526be3b249e30d493f4a8649e961ab943a8f29ebfab877ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:06 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Oct 2022 23:58:17 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"f2b891e5462fce71e508cf228b14a749"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75cc04933d109012-FRA
x-amz-cf-id: 93rYB5EGtOV-e_n2QJUv06Imc6kLqvNLnAJYLKrzCizP10WlJpipBQ==

GET
H2 200 1.2ffb69d5.chunk.js Show response
pay.podium.com/static/js/ 22 KB
7 KB 704ms
703ms Script
application/javascript 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/js/1.2ffb69d5.chunk.js
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5620b24b5f93bb23d8791291fb893e70fac3378e19b09aacfe5a9eb7ff6e7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:06 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 19:59:25 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: W/"d03f9ae5b54e96dd2635a8d426c154ff"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75cc04933d129012-FRA
x-amz-cf-id: MyjJsW19BQwcN4fr7lqRvY14V6Cs_gfKMcWO9y33zSPOYgZgAp9XdQ==

GET
H2 200 2.06c36583.chunk.js Show response
pay.podium.com/static/js/ 34 KB
11 KB 731ms
731ms Script
application/javascript 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/js/2.06c36583.chunk.js
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72b1c508acdca523c5d8c00d8d6b71eb22ea4e4c7d6b06f8df8ea1b7b11ec8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:06 GMT
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Oct 2022 23:58:17 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: W/"c98a14a406519c7161a9fcd0f7642810"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75cc04933d159012-FRA
x-amz-cf-id: G1JVENF3QwwJ0wqjz7Q_5c8nrCi-UIcwbGT6Zhf_qBjVfNzXiUaOog==

GET
H2 200 3.63843e7d.chunk.js Show response
pay.podium.com/static/js/ 79 KB
26 KB 714ms
714ms Script
application/javascript 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/js/3.63843e7d.chunk.js
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7269090f02bcdc68eb7d5cf1c356d3f47c4a87fcd663bf57a3bf56a26c1ba65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:06 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 14 Oct 2022 23:58:17 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: W/"c872242aef24037836a9b42416675049"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75cc04933d199012-FRA
x-amz-cf-id: peUIVkO3Xpjw4hGewgvS28ZAEHHttCXazyvuVkmk8b7ulwTAEPFw1g==

GET
H2 200 10.940c0944.chunk.css
pay.podium.com/static/css/ 156 B
327 B 741ms
741ms Stylesheet
text/css 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/css/10.940c0944.chunk.css
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a52b27a6fbddec7e142a577e8e58e497d283fb2f1c0144bbb50c909fdf843e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:06 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 00:11:18 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"9dfeb9813f83dd8a70c17469c9418eb0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=14400
cf-ray: 75cc04933d1a9012-FRA
x-amz-cf-id: tsOLSE1W9q8tNWdvnILgPBrwZ8hSEflW6bkkr4RN8aUGxl8a1X5uSg==

GET
H2 200 10.56a5f7e0.chunk.js Show response
pay.podium.com/static/js/ 1014 KB
279 KB 2030ms
2030ms Script
application/javascript 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.podium.com/static/js/10.56a5f7e0.chunk.js
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 624d244c0a166729ad466e7f23698ca0ff8f9629625e3780f79f19f0d03c9ab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:07 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 19:59:25 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: W/"9cb4dc2ae7d7219cb344a72e8e6e7ee2"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75cc04933d1c9012-FRA
x-amz-cf-id: xbDuZu9t5myojWWa5DTZrRooNhOVWQO1bBlycQ36QoQIdDAHKUSWQQ==

POST
H2 200 / Show response
o1081911.ingest.sentry.io/api/6462366/envelope/ 41 B
145 B 40ms
40ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1081911.ingest.sentry.io/api/6462366/envelope/?sentry_key=2b0dbc9d306f4fcc9274ffb7855c097d&sentry_version=7

Requested by

Host: pay.podium.com
URL: https://pay.podium.com/static/js/9.e10ac761.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

149d4117887e73f3331e2638275a7120a874094a90eb724ae561f4a201fb68ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pay.podium.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Oct 2022 19:46:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://pay.podium.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 main.js Show response
static.cohere.so/ 603 KB
152 KB 269ms
178ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/main.js

Requested by

Host: pay.podium.com
URL: https://pay.podium.com/static/js/10.56a5f7e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a36a5f3b1b59d4797c00d576ef183eaee35c945ed07f03657b09fee63ab704c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:46:09 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"c89a9cf6a1e395a6fb1a01cb79ffb302"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3XgAALuuR9B47vhwX0bP91sRdMkmn%2FxcFeWjEK8z871CJHRfRCZeGM8%2F1FMDpzeWsggChkmSxp5DVYEegnTtNO0BzMxGWa5hWmNB%2BlTbKM7l5LlugukatFdIpsO5ky4Y0eVlw0JILU7LwbrNcef"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 75cc04a7fba35cb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v3 Show response
js.stripe.com/ 374 KB
90 KB 137ms
39ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: pay.podium.com
URL: https://pay.podium.com/static/js/10.56a5f7e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bda46f62a7ba5c217e56bc4408a0d2d7e0589aff17bbca47593aef8e72eaca05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:09 GMT
via: 1.1 varnish
age: 60
x-cache: HIT
content-length: 92256
x-request-id: 3f9fd61a-aa44-4b41-880b-dd82887a1ea8
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 19 Oct 2022 18:16:14 GMT
server: Fastly
etag: "78f50ce78f3b2b77021b0a5af7ff3ad3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3137

OPTIONS
H2 200 graphql_public
payments.podium.com/ Frame 0
0 805ms
724ms Preflight 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.podium.com/graphql_public
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pay.podium.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, authorization, content-type, origin, text-code-authentication
access-control-allow-methods: GET, POST
access-control-allow-origin: https://pay.podium.com
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75cc04a81b469a17-FRA
content-length: 0
date: Wed, 19 Oct 2022 19:46:09 GMT
server: cloudflare
vary: origin
x-request-id: Fx-QDFuYQBSeBiEAB2Eh

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 258 KB
65 KB 155ms
38ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/static/js/10.56a5f7e0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9776f8a1df62cb6b0f6f299bd29c72423ee00e4a66608b043ed372d5bfb12511

Request headers

Referer: https://pay.podium.com/
Origin: https://pay.podium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:22:44 GMT
content-encoding: br
age: 1405
x-guploader-uploadid: ADPycdsvCq9Z-wD61V82a4QLn_scpvflHFYnK5c3jUBbobNg9_TiCVbusXJDJv28E5hePemFyOF-0YPZQtVMOAkruQdNeQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65504
last-modified: Wed, 19 Oct 2022 15:27:46 GMT
server: UploadServer
etag: "f4c72f54d5315fe911d422ab7bddc6e5"
vary: Accept-Encoding
x-goog-generation: 1666193266784515
x-goog-hash: crc32c=pWL+uw==, md5=9McvVNUxX+kR1CKre93G5Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 65504
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 19 Oct 2022 20:22:44 GMT

POST
H2 200 graphql_public Show response
payments.podium.com/ 2 KB
1 KB 1171ms
1170ms Fetch
application/json 2606:4700:4400::ac40:98c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.podium.com/graphql_public
Requested by: Host: pay.podium.com
URL: https://pay.podium.com/static/js/9.e10ac761.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d63d9892deb86de2808bcd95168012b51c629c78410bd890567e14e0e59125a9

Request headers

accept: */*
Referer: https://pay.podium.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: application/json

Response headers

date: Wed, 19 Oct 2022 19:46:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pay.podium.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 75cc04acae549a17-FRA
x-request-id: Fx-QDGpVFa6Nf-UAB2Fh

GET
H2 200 / Show response
js.stripe.com/v3/ 374 KB
90 KB 107ms
39ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: pay.podium.com
URL: https://pay.podium.com/static/js/10.56a5f7e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bda46f62a7ba5c217e56bc4408a0d2d7e0589aff17bbca47593aef8e72eaca05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.podium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:09 GMT
via: 1.1 varnish
age: 17
x-cache: HIT
content-length: 92256
x-request-id: 5e5302d7-7db4-481e-9f68-d739f72cf908
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 19 Oct 2022 18:16:15 GMT
server: Fastly
etag: "78f50ce78f3b2b77021b0a5af7ff3ad3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

POST
H2 202 page Show response
rs.fullstory.com/rec/ 82 B
288 B 270ms
151ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: pay.podium.com
URL: https://pay.podium.com/static/js/9.e10ac761.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

b6fb639812beaa7c5280963a0752b11130301de60fd2f56f91434c7d6bed8e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.podium.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 19 Oct 2022 19:46:09 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://pay.podium.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame DFA4 200 B
784 B 71ms
70ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.podium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 603048
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 19:46:09 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Wed, 12 Oct 2022 20:13:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 106108
x-content-type-options: nosniff
x-request-id: e6f61b9d-b458-481e-84d4-6a1a9d94e445
x-served-by: cache-hhn4083-HHN

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame F8DE 200 B
196 B 70ms
69ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.podium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 603048
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 19:46:09 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Wed, 12 Oct 2022 20:13:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 106108
x-content-type-options: nosniff
x-request-id: b3ee514c-9d32-43b9-8c24-91cdf2792337
x-served-by: cache-hhn4083-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame DFA4 0
571 B 596ms
194ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payments.podium.com
URL: https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 19 Oct 2022 19:46:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DFA4 0
570 B 596ms
194ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payments.podium.com
URL: https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 19 Oct 2022 19:46:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DFA4 526 B
390 B 37ms
37ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:09 GMT
via: 1.1 varnish
age: 162459
x-cache: HIT
content-length: 256
x-request-id: 7af2f51b-505e-4865-8509-a3f076a7ac9f
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 17 Oct 2022 22:10:02 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 95186

POST
H2 200 csp-report
q.stripe.com/ Frame F8DE 0
571 B 792ms
394ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payments.podium.com
URL: https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 19 Oct 2022 19:46:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 10
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F8DE 0
571 B 792ms
394ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payments.podium.com
URL: https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 19 Oct 2022 19:46:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 10
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F8DE 526 B
524 B 37ms
37ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:09 GMT
via: 1.1 varnish
age: 162459
x-cache: HIT
content-length: 256
x-request-id: 065f00c1-7f12-4747-a478-06392d354d09
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 17 Oct 2022 22:10:02 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 95187

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 18AA 930 B
639 B 67ms
51ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 279
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 19:46:09 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 428
x-content-type-options: nosniff
x-request-id: 5ba54404-4f85-45b3-b353-f7f4de2a5c7f
x-served-by: cache-hhn4083-HHN
x-timer: S1666208770.750277,VS0,VE0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B7D0 930 B
1 KB 60ms
51ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 279
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 19:46:09 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 428
x-content-type-options: nosniff
x-request-id: b02cf506-4bb3-48f3-972c-5d6a9e56079a
x-served-by: cache-hhn4083-HHN
x-timer: S1666208770.750285,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame B7D0 0
344 B 676ms
386ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payments.podium.com
URL: https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 19:46:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame B7D0 86 KB
16 KB 37ms
37ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 19 Oct 2022 19:46:09 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 100
x-cache: HIT
content-length: 16031
x-request-id: 98ad04b7-7e4e-4758-87b0-4deb00e4e746
x-served-by: cache-hhn4083-HHN
server: Fastly
x-timer: S1666208770.802804,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 154

POST
H2 200 csp-report
q.stripe.com/ Frame 18AA 0
344 B 668ms
385ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payments.podium.com
URL: https://payments.podium.com/invoices/185ec688-2217-410b-ae0c-a2fa1c207de6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 19:46:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 18AA 86 KB
16 KB 37ms
37ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 19 Oct 2022 19:46:09 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 100
x-cache: HIT
content-length: 16031
x-request-id: 06fe9b9e-7020-42b7-abcc-c236d9ace361
x-served-by: cache-hhn4083-HHN
server: Fastly
x-timer: S1666208770.809753,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 155

POST
H2 200 6 Show response
m.stripe.com/ Frame B7D0 156 B
523 B 598ms
198ms XHR
application/json 44.239.140.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.140.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-140-29.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fae588ea7d3b350c6e4ab71fe90e4446066f649bd772cf6d0f0a6447c820a633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Oct 2022 19:46:10 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 18AA 156 B
522 B 640ms
250ms XHR
application/json 44.239.140.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.140.29 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-140-29.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e18d93ee5c2d86423215b7bbcd2389b8e46fd84bd811ec55f2eb75d4a325191b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Oct 2022 19:46:10 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS graphql_public
payments.podium.com/ Frame 0
0

POST rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0

GET /
beacon.riskified.com/ 0
0

POST graphql_public
payments.podium.com/ 0
0

GET
H2 200 controller-c488596353efdeaa8e516aefba5f919e.html Show response
js.stripe.com/v3/ Frame BF1B 325 B
833 B 37ms
37ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-c488596353efdeaa8e516aefba5f919e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

98935cf6a1bc72677a388ece68c5714d31f344e090a8ccc5159d947d76b756aa

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.podium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60
content-encoding: br
content-length: 153
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 19:46:11 GMT
etag: "c488596353efdeaa8e516aefba5f919e"
last-modified: Wed, 19 Oct 2022 17:50:02 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 18
x-content-type-options: nosniff
x-request-id: 8deae3d5-8677-43d2-91b8-d33b93e0131a
x-served-by: cache-hhn4083-HHN

GET 48470f79-2f04-58e9-822c-9d94ae062060.gif
assets.podium.com/organization-logos/ 0
0

GET Graphik-Semibold.woff
assets.podium.com/fonts/ 0
0

GET Graphik-Regular.woff
assets.podium.com/fonts/ 0
0

GET Graphik-Medium.woff
assets.podium.com/fonts/ 0
0

GET
H2 200 payment-request-inner-google-pay-51f72a4a7fcb8c35809e9b715b95c972.html Show response
js.stripe.com/v3/ Frame F9CB 408 B
866 B 37ms
37ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-51f72a4a7fcb8c35809e9b715b95c972.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d3719837afcad9d50ff95415e855f812b031978d915ff96e6b6cff6f64d7fce0

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.podium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6839
cache-control: max-age=31536000
content-encoding: br
content-length: 182
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 19:46:11 GMT
etag: "51f72a4a7fcb8c35809e9b715b95c972"
last-modified: Wed, 19 Oct 2022 17:50:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 162
x-content-type-options: nosniff
x-request-id: b79d6f16-27fd-4f79-b086-bea5148e7b03
x-served-by: cache-hhn4083-HHN

GET
H2 200 payment-request-inner-browser-02f2b8610b2e1ae19d1d73f3694c2d9a.html Show response
js.stripe.com/v3/ Frame A804 344 B
914 B 37ms
37ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-02f2b8610b2e1ae19d1d73f3694c2d9a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8df253349a5b995787b7d41ce8c4a2f895f594053f3e606b398ab85501b96ec2

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.podium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 33
cache-control: max-age=60
content-encoding: br
content-length: 161
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 19:46:11 GMT
etag: "02f2b8610b2e1ae19d1d73f3694c2d9a"
last-modified: Wed, 19 Oct 2022 17:50:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: f8c77a30-c1a8-4168-bc73-bc2fb5ae5dbb
x-served-by: cache-hhn4083-HHN

POST csp-report
q.stripe.com/ Frame BF1B 0
0

GET
H2 200 shared-62293fc2d2d41cdeee783a35e425eb1b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BF1B 265 KB
59 KB 37ms
37ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-62293fc2d2d41cdeee783a35e425eb1b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c488596353efdeaa8e516aefba5f919e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5419abe3959d19c6a91dc318dbcd67590f3abbec2e94e5d8d1cce05802d66958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-c488596353efdeaa8e516aefba5f919e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:11 GMT
via: 1.1 varnish
age: 6842
x-cache: HIT
content-length: 60376
x-request-id: 802914f9-2d01-4f30-b25c-be907f5912af
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 19 Oct 2022 17:50:14 GMT
server: Fastly
etag: "fe1a5b4eb53a63f25217f847841075d9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1637

GET
H2 200 controller-27e6c27fda7627cb404131dc9d307d1f.js
js.stripe.com/v3/fingerprinted/js/ Frame BF1B 417 KB
102 KB 42ms
42ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-27e6c27fda7627cb404131dc9d307d1f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c488596353efdeaa8e516aefba5f919e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-c488596353efdeaa8e516aefba5f919e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:11 GMT
via: 1.1 varnish
age: 6842
x-cache: HIT
content-length: 104136
x-request-id: e836579d-9518-4b60-9444-be5848cfb645
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 19 Oct 2022 17:50:12 GMT
server: Fastly
etag: "aae58e20a2a8c32cf1d5f3aed63c6eb8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1542

POST rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0

POST csp-report
q.stripe.com/ Frame F9CB 0
0

GET pay.js
pay.google.com/gp/p/js/ Frame F9CB 0
0

GET
H2 200 shared-62293fc2d2d41cdeee783a35e425eb1b.js
js.stripe.com/v3/fingerprinted/js/ Frame F9CB 265 KB
59 KB 37ms
37ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-62293fc2d2d41cdeee783a35e425eb1b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-51f72a4a7fcb8c35809e9b715b95c972.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-51f72a4a7fcb8c35809e9b715b95c972.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:11 GMT
via: 1.1 varnish
age: 6842
x-cache: HIT
content-length: 60376
x-request-id: 9bf057ec-466f-41c3-8a7f-67090257aafa
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 19 Oct 2022 17:50:14 GMT
server: Fastly
etag: "fe1a5b4eb53a63f25217f847841075d9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1638

GET payment-request-inner-google-pay-60811770d6d6510eab3407b6b258e984.js
js.stripe.com/v3/fingerprinted/js/ Frame F9CB 0
0

POST csp-report
q.stripe.com/ Frame A804 0
0

GET
H2 200 shared-62293fc2d2d41cdeee783a35e425eb1b.js
js.stripe.com/v3/fingerprinted/js/ Frame A804 265 KB
0 57ms
56ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-62293fc2d2d41cdeee783a35e425eb1b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-02f2b8610b2e1ae19d1d73f3694c2d9a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-02f2b8610b2e1ae19d1d73f3694c2d9a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:11 GMT
via: 1.1 varnish
age: 6842
x-cache: HIT
content-length: 60376
x-request-id: 9519ad51-fcdc-49bb-94eb-326452261733
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 19 Oct 2022 17:50:14 GMT
server: Fastly
etag: "fe1a5b4eb53a63f25217f847841075d9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1639

GET
H2 200 payment-request-inner-browser-2c8cec6926074c0dfa281900621070c3.js
js.stripe.com/v3/fingerprinted/js/ Frame A804 12 KB
0 56ms
56ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-2c8cec6926074c0dfa281900621070c3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-02f2b8610b2e1ae19d1d73f3694c2d9a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-02f2b8610b2e1ae19d1d73f3694c2d9a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 19:46:11 GMT
via: 1.1 varnish
age: 162324
x-cache: HIT
content-length: 4544
x-request-id: 4b38d0aa-217c-4d72-88b4-3c6ebdb7b262
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 17 Oct 2022 22:10:02 GMT
server: Fastly
etag: "ace69d3a664ffa9b246cdeef69ce8ee3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4042

GET .deploy_status_henson.json
js.stripe.com/v3/ Frame BF1B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: payments.podium.com
URL: https://payments.podium.com/graphql_public

Domain: rum.browser-intake-datadoghq.com
URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.2%2Cservice%3Aniffler%2Cversion%3A1.0.0&dd-api-key=pub367aded19f9be0ff211b5e2d6d07f636&dd-evp-origin-version=4.17.2&dd-evp-origin=browser&dd-request-id=3ed5ac4e-641a-4d7f-8681-fe6c906eb617&batch_time=1666208771195

Domain: beacon.riskified.com
URL: https://beacon.riskified.com/?shop=podium.com_services&sid=185ec688-2217-410b-ae0c-a2fa1c207de6

Domain: payments.podium.com
URL: https://payments.podium.com/graphql_public

Domain: assets.podium.com
URL: https://assets.podium.com/organization-logos/48470f79-2f04-58e9-822c-9d94ae062060.gif

Domain: assets.podium.com
URL: https://assets.podium.com/fonts/Graphik-Semibold.woff

Domain: assets.podium.com
URL: https://assets.podium.com/fonts/Graphik-Regular.woff

Domain: assets.podium.com
URL: https://assets.podium.com/fonts/Graphik-Medium.woff

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: rum.browser-intake-datadoghq.com
URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.17.2%2Cservice%3Aniffler%2Cversion%3A1.0.0&dd-api-key=pub367aded19f9be0ff211b5e2d6d07f636&dd-evp-origin-version=4.17.2&dd-evp-origin=browser&dd-request-id=d7bb1ff6-2e9d-4970-ac84-db72f79da8b5&batch_time=1666208771286

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-60811770d6d6510eab3407b6b258e984.js

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: js.stripe.com
URL: https://js.stripe.com/v3/.deploy_status_henson.json

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.podium.com/	1970-01-20 15:35:44	Name: amp_16a5c8 Value: SbTajM36fTxfXZASPlacvW...1gfosg968.1gfosg96a.0.1.1
service.cohere.so/	1970-01-20 06:50:51	Name: __cflb Value: 0H28vL1ByKivNLh88KpxsSo7kJ6XJw8PCFH8dHuzyoF
.pay.podium.com/	1970-01-20 15:35:44	Name: __stripe_mid Value: 9f971e97-9800-4986-b6c5-3e48a21d467a7e3ff0
.pay.podium.com/	1970-01-20 06:50:10	Name: __stripe_sid Value: 46468899-9928-49c0-ae18-def727544781db7ad1
m.stripe.com/	1970-01-20 16:26:08	Name: m Value: 6639e05a-77a4-48d4-9398-7601241f8b8d576376
pay.podium.com/	1970-01-20 06:50:09	Name: _dd_s Value: rum=2&id=fecb9535-758c-4dfc-8a51-accf849df529&created=1666208765890&expire=1666209665890

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://static.cohere.so/ Message: Refused to frame 'https://voice.cohere.so/' because it violates the following Content Security Policy directive: "frame-src 'self' https://checkout.stripe.com https://js.stripe.com https://cdn.plaid.com https://app.pendo.io https://podium.my.salesforce.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.podium.com
beacon.riskified.com
edge.fullstory.com
js.stripe.com
m.stripe.com
m.stripe.network
o1081911.ingest.sentry.io
pay.google.com
pay.podium.co
pay.podium.com
payments.podium.com
q.stripe.com
rs.fullstory.com
rum.browser-intake-datadoghq.com
static.cohere.so
assets.podium.com
beacon.riskified.com
js.stripe.com
pay.google.com
payments.podium.com
q.stripe.com
rum.browser-intake-datadoghq.com
151.101.0.176
2606:4700:4400::ac40:98c2
2606:4700::6812:556
34.120.195.249
35.186.194.58
35.201.112.186
44.239.140.29
54.148.118.72
54.187.119.242
149d4117887e73f3331e2638275a7120a874094a90eb724ae561f4a201fb68ca
20bb55cd4676049bf95aa347cc67e88b216cb8e18dca355671a1a4f2fea2110a
2a4bae26c8000232ad7ca763a866002c58fbe7179db0fb110095174dc12f81c5
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dc3eaf086718af718a39240c2471d53e8700751983b6d5168747068f2520862
5419abe3959d19c6a91dc318dbcd67590f3abbec2e94e5d8d1cce05802d66958
624d244c0a166729ad466e7f23698ca0ff8f9629625e3780f79f19f0d03c9ab1
655db2bf71279dda516c4582226bb8574fb8d78bd53ae28da1e2dfbc03743275
8df253349a5b995787b7d41ce8c4a2f895f594053f3e606b398ab85501b96ec2
9776f8a1df62cb6b0f6f299bd29c72423ee00e4a66608b043ed372d5bfb12511
98935cf6a1bc72677a388ece68c5714d31f344e090a8ccc5159d947d76b756aa
9a52b27a6fbddec7e142a577e8e58e497d283fb2f1c0144bbb50c909fdf843e6
a36a5f3b1b59d4797c00d576ef183eaee35c945ed07f03657b09fee63ab704c7
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a72b1c508acdca523c5d8c00d8d6b71eb22ea4e4c7d6b06f8df8ea1b7b11ec8b
b5620b24b5f93bb23d8791291fb893e70fac3378e19b09aacfe5a9eb7ff6e7d3
b6fb639812beaa7c5280963a0752b11130301de60fd2f56f91434c7d6bed8e18
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bda46f62a7ba5c217e56bc4408a0d2d7e0589aff17bbca47593aef8e72eaca05
d3719837afcad9d50ff95415e855f812b031978d915ff96e6b6cff6f64d7fce0
d522a02ade42ae7526be3b249e30d493f4a8649e961ab943a8f29ebfab877ded
d63d9892deb86de2808bcd95168012b51c629c78410bd890567e14e0e59125a9
e18d93ee5c2d86423215b7bbcd2389b8e46fd84bd811ec55f2eb75d4a325191b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7269090f02bcdc68eb7d5cf1c356d3f47c4a87fcd663bf57a3bf56a26c1ba65
e863aeacd21e9afa14d3ddb164dab709363c93ef2bb096e2b9e877ba3c8e7c6e
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fae588ea7d3b350c6e4ab71fe90e4446066f649bd772cf6d0f0a6447c820a633

pay.podium.com Open in urlscan Pro 2606:4700:4400::ac40:98c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

73 %HTTPS

22 %IPv6

10 Domains

15 Subdomains

9 IPs

1 Countries

1840 kBTransfer

7443 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pay.podium.com Open in urlscan Pro
2606:4700:4400::ac40:98c2 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

73 %
HTTPS

22 %
IPv6

10
Domains

15
Subdomains

9
IPs

1
Countries

1840 kB
Transfer

7443 kB
Size

6
Cookies

62 HTTP transactions
0 data transactions