urlscan.io logo urlscan.io
SecurityTrails logo

secure.triumphpay.com Open in urlscan Pro
143.204.9.86  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Submission: On August 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 143.204.9.86, located in United States and belongs to AMAZON-02, US. The main domain is secure.triumphpay.com. The Cisco Umbrella rank of the primary domain is 381637.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 8th 2023. Valid for: a year.
This is the only time secure.triumphpay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 143.204.9.86 16509 (AMAZON-02)
1 18.66.147.4 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.222.214.24 16509 (AMAZON-02)
1 18.66.122.96 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.219.143.114 14618 (AMAZON-AES)
16 10
5    143.204.9.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-9-86.mxp64.r.cloudfront.net
secure.triumphpay.com
1    18.66.147.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-4.fra60.r.cloudfront.net
global.oktacdn.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.222.214.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-24.fra56.r.cloudfront.net
snippet.maze.co
1    18.66.122.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-96.fra60.r.cloudfront.net
gateway.triumphpay.com
1    2606:4700:20::681a:3ba (United States)

ASN13335 (CLOUDFLARENET, US)
app.getbeamer.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.219.143.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-143-114.compute-1.amazonaws.com
prompts.maze.co
Apex Domain
Subdomains		 Transfer
6 triumphpay.com
secure.triumphpay.com — Cisco Umbrella Rank: 381637
gateway.triumphpay.com — Cisco Umbrella Rank: 382954
760 KB
4 maze.co
snippet.maze.co — Cisco Umbrella Rank: 8993
prompts.maze.co — Cisco Umbrella Rank: 9574
75 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 getbeamer.com
app.getbeamer.com — Cisco Umbrella Rank: 13385
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
42 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
1 KB
1 oktacdn.com
global.oktacdn.com — Cisco Umbrella Rank: 10858
31 KB
16 7
Domain Requested by
5 secure.triumphpay.com secure.triumphpay.com
2 prompts.maze.co secure.triumphpay.com
2 snippet.maze.co secure.triumphpay.com
snippet.maze.co
1 fonts.gstatic.com fonts.googleapis.com
1 app.getbeamer.com secure.triumphpay.com
1 gateway.triumphpay.com secure.triumphpay.com
1 www.googletagmanager.com secure.triumphpay.com
1 fonts.googleapis.com secure.triumphpay.com
1 global.oktacdn.com secure.triumphpay.com
16 9

This site contains no links.

Subject Issuer Validity Valid
triumphpay.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-03-08		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.maze.co
Amazon RSA 2048 M02		 2023-04-06 -
2024-05-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.triumphpay.com/?return_url=/Login/Register
Frame ID: 9ADF059C234BBBDD8DBB7607ACBB131A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Error Page - TriumphPay

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

16
Requests

94 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

968 kB
Transfer

4326 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.triumphpay.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-86.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e46947a31141df57d47457cf3532e0e1ea65cd87a8c1f960cae8d20d312fc97
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78100
content-encoding
br
content-security-policy
frame-ancestors none
content-type
text/html
date
Mon, 28 Aug 2023 20:44:55 GMT
etag
W/"4308fcac515c10b6477e1f2651afaf9b"
last-modified
Fri, 25 Aug 2023 19:51:02 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 8e4c18e02a341c5dcc38c6627bf5cf50.cloudfront.net (CloudFront)
x-amz-cf-id
ruFoA6cVamxyPoVqUok78ZIqJEx-bybkcpIfLUZ6DilZsnGWBhr_Gw==
x-amz-cf-pop
MXP64-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
PayB19FtHIi22l0pFCrTP0qCgtWLaujt
x-cache
Hit from cloudfront
okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/6.8.3/css/ 		220 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/6.8.3/css/okta-sign-in.min.css
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f60db0f0eadecace069d5ebc569098740ec1f73a0561b3f4098bb58ef12b5a6a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
7VazWe8AIF3o84tfdMiwWYE5DUed53cs
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Tue, 29 Aug 2023 13:38:12 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
age
17303
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 20 Oct 2022 14:53:41 GMT
server
AmazonS3
etag
W/"6737d2c843b42c7a11d7c3e2282946c3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
w7ZL42_J6ZFz2xmiczy7b9vgWEAgONNvIvDTyWF1ub8H5g6rf4vUTQ==
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3b1ac6002c6c94af05cd38aa25c8c2675aa689ce8149b170e975e105c5f938d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Aug 2023 18:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:34:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Aug 2023 18:26:34 GMT
8501.01dea8390a31f2ce1287.js
secure.triumphpay.com/js/ 		3 MB
634 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.triumphpay.com/js/8501.01dea8390a31f2ce1287.js
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-86.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10e7dc44a042d2b9f29413d97183728954499481c42548b23e4b4bcb5155f700
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/?return_url=/Login/Register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
Xesol1ROfXsYI2Rq4ZMK0LeS._ZN7PN7
content-encoding
br
via
1.1 8e4c18e02a341c5dcc38c6627bf5cf50.cloudfront.net (CloudFront)
date
Mon, 28 Aug 2023 20:43:10 GMT
content-security-policy
frame-ancestors none
x-amz-cf-pop
MXP64-C1
age
78205
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Hit from cloudfront
last-modified
Fri, 25 Aug 2023 19:51:35 GMT
server
AmazonS3
etag
W/"9c6bc6296332371e382c4581373dd2e2"
vary
Accept-Encoding, Origin
content-type
application/javascript
x-amz-cf-id
YMsh86LczD_q5IYsIFB2j4ERFwFyoB7LinQwZId-aXSPrwf40qFBYg==
app.2e8f6f5a00eb4c2c3a8f.js
secure.triumphpay.com/js/ 		491 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.triumphpay.com/js/app.2e8f6f5a00eb4c2c3a8f.js
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-86.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6527e40209a03ff5824fc7fa725b74457a91cbc655b16667dc70013381fde95
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/?return_url=/Login/Register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
PPAvzIQQm7bDxwwSI16fTMEKgyCh9B7E
content-encoding
br
via
1.1 8e4c18e02a341c5dcc38c6627bf5cf50.cloudfront.net (CloudFront)
date
Mon, 28 Aug 2023 20:41:50 GMT
content-security-policy
frame-ancestors none
x-amz-cf-pop
MXP64-C1
age
78285
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Hit from cloudfront
last-modified
Fri, 25 Aug 2023 19:51:39 GMT
server
AmazonS3
etag
W/"c22e90752eaf301f33d602fce382fdd0"
vary
Accept-Encoding, Origin
content-type
application/javascript
x-amz-cf-id
PD9w-fxHTNfblvkM7AkC7-5JJCyvn343lc7pSf_jQHYS75bny_yFhw==
gtm.js
www.googletagmanager.com/ 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8B29CH
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0ff2082538b453f421cfedbc2ca488a1430a8c245d8358e2728386dc4440b4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 18:26:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43011
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Aug 2023 18:26:34 GMT
maze-universal-loader.js
snippet.maze.co/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.maze.co/maze-universal-loader.js?t=1693333594049&apiKey=ee24bc80-430c-4a92-b5bf-4a2f8a85d49c
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
493cc265aefc2642de3c8496c1d8390b72284713b223dcf016d4604b836950f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 18:26:35 GMT
content-encoding
gzip
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 16:28:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"2ddac0b96db39824b9d751c4ecabd2f2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
q6-to8PcUTa_iPPxv-vK0d93-qUjUh037xQDZjy_28_VFFLu1yTU8Q==
ping
gateway.triumphpay.com/prod/api/v1/core/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.triumphpay.com/prod/api/v1/core/ping?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-96.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://secure.triumphpay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-length
23
content-type
application/json
date
Tue, 29 Aug 2023 18:26:34 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-apigw-id
Kb2-PHTyoAMFl9A=
x-amz-cf-id
vZX1KVloxWkTAtNayMO8oUv4qWzeTm0bIYtj0zyIvOBxsSSiadrRBg==
x-amz-cf-pop
FRA60-P2
x-amzn-errortype
ForbiddenException
x-amzn-requestid
1c739d50-090b-45f2-97f3-09dbb3ef620f
x-cache
Error from cloudfront
ping
gateway.triumphpay.com/prod/api/v1/core/ 		0
0
beamer-embed.js
app.getbeamer.com/js/ 		90 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.getbeamer.com/js/beamer-embed.js
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/js/app.2e8f6f5a00eb4c2c3a8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f643f5587e28c0da29897f09f9ddc72a0c8c3aa701261b0204e15c299dd2b53
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 18:26:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
8335
cf-polished
origSize=91841
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 24 Aug 2023 16:17:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sZlXJVbQs9gvQbHLAWGrqwlhi9kHW%2B3GfV7IhPlDZFQ5sjKhX1Vker3dYFSfSJzrIrCYJ1O0DyzG3CD5oxhP7Yt%2BQP%2FJgDXjlzZAHOF%2BidmpjBE4WmasAxzWyYLbEGBu8nADevW7LYFj1vR2apH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=14400
cf-ray
7fe6d7d6c9653a91-FRA
expires
Tue, 29 Aug 2023 22:26:34 GMT
contextualScaffold.js
snippet.maze.co/ 		221 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.maze.co/contextualScaffold.js?t=1693333594049
Requested by
Host: snippet.maze.co
URL: https://snippet.maze.co/maze-universal-loader.js?t=1693333594049&apiKey=ee24bc80-430c-4a92-b5bf-4a2f8a85d49c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
451339084df43823da8bd6d637c77c169ddd9acf688f615d7ca473a7954449a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 18:26:35 GMT
content-encoding
gzip
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 16:28:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"7e288336c308d4eadf20119510649352"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
9sWAXz-1xshi_zbpBKM15MT3mCGz-kThLIQn76tul2ABytmJwFoUTA==
TriumphPay.svg
secure.triumphpay.com/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.triumphpay.com/TriumphPay.svg
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-86.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d3061603a1b5bce7501d669d2094cbf65255a1d2e03c913dd5d3244cb560758
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/?return_url=/Login/Register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
wZDOLgiW6sSpw1LFC0rmWf4tyfgH_K8f
content-encoding
br
via
1.1 8e4c18e02a341c5dcc38c6627bf5cf50.cloudfront.net (CloudFront)
date
Mon, 28 Aug 2023 21:07:50 GMT
content-security-policy
frame-ancestors none
x-amz-cf-pop
MXP64-C1
age
76724
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Hit from cloudfront
last-modified
Fri, 25 Aug 2023 19:50:05 GMT
server
AmazonS3
etag
W/"cb530a7301c229ecd1370c228c5462a9"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-amz-cf-id
QxqbiJwsBfc7CiWG7o5sRJPoW6nmCFjHreClCCK_OdedGo1YiFlP4Q==
yield-sign.svg
secure.triumphpay.com/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.triumphpay.com/yield-sign.svg
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/?return_url=/Login/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-86.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d8b37460fc4c7ad9b82e56124b244cb343299fb7456aa6ef55c85f98d30f1f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.triumphpay.com/?return_url=/Login/Register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:23 GMT
x-amz-version-id
YEDFw99TJWjixBlSFNd_6HgnpdHMt7rj
content-encoding
br
content-security-policy
frame-ancestors none
via
1.1 8e4c18e02a341c5dcc38c6627bf5cf50.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MXP64-C1
age
16212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 25 Aug 2023 19:51:46 GMT
server
AmazonS3
etag
W/"0a1945d71212410e3fd8670b51b63d26"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-amz-cf-id
S2_cO7sCH105U22wUacCR_FEulfRaZqwI7r3yNJwxqztO6IEeYn5Ww==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.triumphpay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 11:50:45 GMT
x-content-type-options
nosniff
age
282949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 11:50:45 GMT
widgets
prompts.maze.co/api/ 		2 B
160 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prompts.maze.co/api/widgets
Requested by
Host: secure.triumphpay.com
URL: https://secure.triumphpay.com/js/8501.01dea8390a31f2ce1287.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.143.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-143-114.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json
Referer
https://secure.triumphpay.com/
x-maze-snippet-src
contextual-widget
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
x-api-key
ee24bc80-430c-4a92-b5bf-4a2f8a85d49c
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 18:26:35 GMT
x-powered-by
Express
content-length
2
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
content-type
application/json; charset=utf-8
widgets
prompts.maze.co/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prompts.maze.co/api/widgets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.143.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-143-114.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-maze-snippet-src
Access-Control-Request-Method
POST
Origin
https://secure.triumphpay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key,x-maze-snippet-src
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
600
date
Tue, 29 Aug 2023 18:26:35 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gateway.triumphpay.com
URL
https://gateway.triumphpay.com/prod/api/v1/core/ping?

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayer string| mazeUniversalSnippetApiKey object| webpackChunktriumphpay object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| jQueryCourage object| u2f object| beamer_config object| google_tag_manager object| google_tag_data string| _BEAMER_DATE string| _BEAMER_BOOSTED_ANNOUNCEMENT_DATE string| _BEAMER_FIRST_VISIT string| _BEAMER_USER_ID string| _BEAMER_SELECTOR_COLOR string| _BEAMER_HEADER_COLOR string| _BEAMER_TEST string| _BEAMER_LAST_UPDATE string| _BEAMER_SOUND_PLAYED string| _BEAMER_LAST_POST_SHOWN string| _BEAMER_LAST_PUSH_PROMPT_INTERACTION string| _BEAMER_FILTER_BY_URL string| _BEAMER_URL string| _BEAMER_URL_BACK string| _BEAMER_PUSH_URL string| _BEAMER_STATIC_URL boolean| _BEAMER_MASSIVE boolean| _BEAMER_IS_OPEN undefined| _BEAMER_PUSH_PROMPT_TYPE undefined| _BEAMER_PUSH_PROMPT_LABEL undefined| _BEAMER_PUSH_PROMPT_ACCEPT undefined| _BEAMER_PUSH_PROMPT_REFUSE undefined| _BEAMER_LOGO_URL boolean| _BEAMER_SHOW_PUSH_PROMPT boolean| _BEAMER_CSS_LOADED object| Beamer object| mazePrompts

0 Cookies

2 Console Messages

Source Level URL
Text
javascript error URL: https://secure.triumphpay.com/?return_url=/Login/Register
Message:
Access to XMLHttpRequest at 'https://gateway.triumphpay.com/prod/api/v1/core/ping?' from origin 'https://secure.triumphpay.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://gateway.triumphpay.com/prod/api/v1/core/ping?
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000; includeSubDomains; preload