Submitted URL: http://connectandpay.com/
Effective URL: https://connectandpay.com/
Submission: On April 22 via manual from US — Scanned from DE

Summary

This website contacted 8 IPs in 1 country across 6 domains to perform 22 HTTP transactions. The main IP is 18.66.139.76, located in the United States, and belongs to AMAZON-02, US. The main domain is connectandpay.com. The Cisco Umbrella rank of the primary domain is 700773.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 24th 2021. Valid for: a year.
This is the only time connectandpay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 18.66.139.76 16509 (AMAZON-02)
3 108.138.7.13 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 54.69.215.167 16509 (AMAZON-02)
1 52.73.254.191 14618 (AMAZON-AES)
2 54.187.159.182 16509 (AMAZON-02)
2 151.101.0.176 54113 (FASTLY)
1 44.228.63.192 16509 (AMAZON-02)
22 8
Apex Domain
Subdomains
Transfer
6 readytouchpos.com
tally.prod.readytouchpos.com — Cisco Umbrella Rank: 346735
2 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 964
q.stripe.com — Cisco Umbrella Rank: 6249
m.stripe.com — Cisco Umbrella Rank: 910
81 KB
5 connectandpay.com
connectandpay.com — Cisco Umbrella Rank: 700773
2 MB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3155
onesignal.com — Cisco Umbrella Rank: 1188
73 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1019
17 KB
1 365retailmarkets.com
img.365retailmarkets.com — Cisco Umbrella Rank: 989653
43 KB
22 6
Domain Requested by
6 tally.prod.readytouchpos.com connectandpay.com
5 connectandpay.com 1 redirects connectandpay.com
3 js.stripe.com connectandpay.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com connectandpay.com
2 cdn.onesignal.com connectandpay.com
cdn.onesignal.com
1 m.stripe.com m.stripe.network
1 img.365retailmarkets.com connectandpay.com
1 onesignal.com cdn.onesignal.com
22 9

This site contains no links.

Subject: connectandpay.com
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2021-06-24 - 2022-07-17
Valid for: a year

Subject: a.stripecdn.com
Issuer: DigiCert SHA2 Extended Validation Server CA
Validity: 2022-04-19 - 2022-08-05
Valid for: 4 months

Subject: sni.cloudflaressl.com
Issuer: Cloudflare Inc ECC CA-3
Validity: 2021-07-04 - 2022-07-03
Valid for: a year

Subject: tally.prod.readytouchpos.com
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2021-06-24 - 2022-06-05
Valid for: a year

Subject: *.365retailmarkets.com
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2021-06-24 - 2022-07-25
Valid for: a year

Subject: *.stripe.com
Issuer: DigiCert TLS Hybrid ECC SHA384 2020 CA1
Validity: 2022-03-11 - 2022-06-09
Valid for: 3 months

Subject: m.stripe.com
Issuer: DigiCert TLS RSA SHA256 2020 CA1
Validity: 2022-04-11 - 2022-08-03
Valid for: 4 months

This page contains 3 frames:

Primary Page: https://connectandpay.com/
Frame ID: FF8C81FA5C57B7891BE0CFC528BF2E85
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Frame ID: 05C686C2AB69950B2FA8FEB2525EC4A4
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 350F8086070BCA753DD956C1C82FF51E
Requests: 4 HTTP requests in this frame

Page Title

Connect & Pay

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 13 %
Domains: 6
Subdomains: 9
IPs: 8
Countries: 1
Transfer: 2198 kB
Size: 7962 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://connectandpay.com/ HTTP 301
    https://connectandpay.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
connectandpay.com/
Redirect Chain
  • http://connectandpay.com/
  • https://connectandpay.com/
5 KB
2 KB
Document
General
Full URL
https://connectandpay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a4494635d60c14b422299d87c5765d9f1fd27f759f940944ce7ae22a37007a5
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18441
content-encoding
gzip
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
content-type
text/html
date
Fri, 22 Apr 2022 07:39:43 GMT
etag
W/"70df33c8256bd570a1004a1af1c381dc"
last-modified
Mon, 28 Feb 2022 18:51:04 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-id
fz8Mj9jtMinGZr1ev0Q-Uzkz9VISQ87zRlJebMiIgpqJWiL5TrUb0A==
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
6YJ8JMGEqn9OH7lrPPNgvQFudAqBQjaX
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
183
Content-Type
text/html
Date
Fri, 22 Apr 2022 12:47:04 GMT
Location
https://connectandpay.com/
Server
CloudFront
Via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
X-Amz-Cf-Id
lkjAhdieNodBzzgD3sEJDm2tcNvfwTnqL20k1qc377-at3jzfXQVFw==
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Redirect from cloudfront
/
js.stripe.com/v3/
297 KB
78 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-13.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9dee15ce910f7c38851c0f552327b2a1868ccde11bd5ca6286abf9d4c8b91684
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
25
x-cache
Hit from cloudfront
date
Fri, 22 Apr 2022 12:46:40 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 18:19:10 GMT
server
Cloudfront
etag
W/"a5439317a3d814d6d3017cce646feb2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
timing-allow-origin
*
x-amz-cf-id
GhLRN3RqV9CJXqi2x57dzHgiTLW97zew0iEoc3BZ_PHNdvU47enysA==
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 12:47:04 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1662
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6ffe77430cbbcc4e-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 25 Apr 2022 12:47:04 GMT
runtime~app.2e9f1821.js
connectandpay.com/static/js/
2 KB
1 KB
Script
General
Full URL
https://connectandpay.com/static/js/runtime~app.2e9f1821.js
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf5179307dc84ec5a14ccca0239492462451e615bcf862c4d6a16bde628f5553
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectandpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
mtHRrlCIc3Zyr2h8nT9bEwQVXyNFwH88
content-encoding
gzip
x-content-type-options
nosniff
age
62328
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Fri, 22 Apr 2022 12:47:04 GMT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 28 Feb 2022 18:51:21 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"10e90ab684dc31670ad8db85ead20410"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
1E6ghxlote40K0k9m88L0D1sM1yH1rRgmHFNNGZci5x4CsoJ5_rAUg==
2.b28fc883.chunk.js
connectandpay.com/static/js/
5 MB
1 MB
Script
General
Full URL
https://connectandpay.com/static/js/2.b28fc883.chunk.js
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a56b916e844070e7b1f44d074735ea8bb01fcbf0eced29c2187a5223d2397af
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectandpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
.R4R9.usex0W1pyic0aO02SundiMJCV_
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
date
Fri, 22 Apr 2022 12:47:05 GMT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 28 Feb 2022 18:51:13 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"29d583d3d29c8e6c217fbf081f3dbaad-2"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
x-amz-cf-id
-_LWa2LOP9lQcgDqRyH_gt9hF43UPbHaVGpxbPBeHiJ_VyeYepVhEw==
app.68ba9d35.chunk.js
connectandpay.com/static/js/
2 MB
468 KB
Script
General
Full URL
https://connectandpay.com/static/js/app.68ba9d35.chunk.js
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e09f3075df1ccff5fff158733b5a70f27a5738b3ba581afdd21b9686795bd24
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connectandpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81836
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 28 Feb 2022 18:51:18 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"68e8eccc7a46098d9126971e94618e1d"
vary
Accept-Encoding
x-amz-version-id
KumIVMi7XcTaROhhc7272kIruTKNIm4O
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
x-amz-cf-pop
FRA60-P4
content-type
application/javascript
x-amz-cf-id
FG8UnxpCpRz8SqN1zRfQbPwLYIYXGr8M__xrCaXHVMNqLbGggyuGhg==
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 12:47:04 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1655
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6ffe77437d36cc4e-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 25 Apr 2022 12:47:04 GMT
register
tally.prod.readytouchpos.com/tallyapi/auth/ Frame
0
0
Preflight
General
Full URL
https://tally.prod.readytouchpos.com/tallyapi/auth/register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.215.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-215-167.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://connectandpay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://connectandpay.com
date
Fri, 22 Apr 2022 12:47:06 GMT
server-timing
intid;desc=82c451eddfea305b
x-powered-by
Express
x-request-id
0a5557ed-478b-45ef-b977-552874e55578
web
onesignal.com/api/v1/sync/979fc659-8f8a-42cc-b678-3ccf69ff9aa9/
4 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/979fc659-8f8a-42cc-b678-3ccf69ff9aa9/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ca88394edc90f47042c1e5c249f3be7d375b840488aad662a9a1dc70784afb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 12:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
231
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d0f9789c-e3bd-4816-a378-5e0e65c48598
x-runtime
0.230301
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8ca88394edc90f47042c1e5c249f3be7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6ffe774bde1fcc4e-ZRH
access-control-allow-headers
SDK-Version
expires
Fri, 22 Apr 2022 13:47:05 GMT
register
tally.prod.readytouchpos.com/tallyapi/auth/
91 B
470 B
Fetch
General
Full URL
https://tally.prod.readytouchpos.com/tallyapi/auth/register
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/static/js/app.68ba9d35.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.215.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-215-167.us-west-2.compute.amazonaws.com
Software
Jetty(9.3.5.v20151012) / Express
Resource Hash
ca7b2a7f2e427b3c220bde1d111611a778c080bb349ff9b8dc36e9748ab30292

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Apr 2022 12:47:06 GMT
server
Jetty(9.3.5.v20151012)
x-powered-by
Express
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH
content-type
application/json
access-control-allow-origin
https://connectandpay.com
access-control-allow-credentials
true
server-timing
intid;desc=0a82e54bc43371ff
access-control-allow-headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
content-length
91
x-request-id
a2c4f19e-3f89-4ced-9c9f-dec9cefb71cd
canteen-connect-and-pay-logo-dark.png
img.365retailmarkets.com/
43 KB
43 KB
Image
General
Full URL
https://img.365retailmarkets.com/canteen-connect-and-pay-logo-dark.png
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
52.73.254.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-254-191.compute-1.amazonaws.com
Software
Apache/2.4.52 (Debian) /
Resource Hash
14059a0401805b7b63da7265ed72d6f2840fc8b9e91a1cb9668e2019a7683aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 12:47:05 GMT
Last-Modified
Fri, 03 May 2019 14:03:01 GMT
Server
Apache/2.4.52 (Debian)
ETag
"aa80-587fc35733507"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43648
m-outer-23335cd0c833d03926d94e8fb5cb0381.html
js.stripe.com/v3/ Frame 05C6
240 B
981 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-13.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2423
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 22 Apr 2022 12:06:42 GMT
etag
"23335cd0c833d03926d94e8fb5cb0381"
last-modified
Tue, 05 Apr 2022 17:50:14 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-cf-id
bj3WCoEA54LdhjhE-RjQJ9etnf4AfoGbQxIKnm4UkG0PChkK5MVPgA==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 05C6
0
346 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 22 Apr 2022 12:47:06 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
js.stripe.com/v3/fingerprinted/js/ Frame 05C6
1 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-13.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
15
x-cache
Hit from cloudfront
date
Fri, 22 Apr 2022 12:46:51 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified
Tue, 05 Apr 2022 17:50:29 GMT
server
Cloudfront
etag
W/"d0c7e21ec457b6a134a496f107c3ca93"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
timing-allow-origin
*
x-amz-cf-id
1e-LGXqwOc5dCFYQT3NUwflDxy3kXOfI3Jptmjak5q9Rqxh0owXmLg==
inner.html
m.stripe.network/ Frame 350F
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
100
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 22 Apr 2022 12:47:05 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
189
x-content-type-options
nosniff
x-request-id
7c39449e-65b6-4a8b-8268-2d548c845fbf
x-served-by
cache-hhn4036-HHN
x-timer
S1650631626.689567,VS0,VE0
csp-report
q.stripe.com/ Frame 350F
0
121 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 22 Apr 2022 12:47:06 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.42.js
m.stripe.network/ Frame 350F
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
183
x-cache
HIT
content-length
16031
x-request-id
b24b7cc7-ae63-4256-bd39-904237b43f31
x-served-by
cache-hhn4036-HHN
server
Fastly
x-timer
S1650631626.703206,VS0,VE0
date
Fri, 22 Apr 2022 12:47:05 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
315
6
m.stripe.com/ Frame 350F
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.63.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-63-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f1c41c68dbde8b0f0cab61ce20fe77e37c47fc31e734896bbc67aab015ef3542
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Apr 2022 12:47:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
login
tally.prod.readytouchpos.com/tallyapi/auth/
279 B
681 B
Fetch
General
Full URL
https://tally.prod.readytouchpos.com/tallyapi/auth/login
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/static/js/app.68ba9d35.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.215.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-215-167.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
d47e335da3078b04a58370dfbab3d8d6d7dfc98cd832f2471e1aba11e747015f

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Apr 2022 12:47:06 GMT
x-powered-by
Express
etag
W/"117-hhfZBQn+vBzpDqIdRkHsNmgwVwo"
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://connectandpay.com
access-control-allow-credentials
true
server-timing
intid;desc=594e5d2e91412d09
access-control-allow-headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
content-length
279
x-request-id
dc4f5cf9-7ea4-43c8-9707-25374d7bc04e
login
tally.prod.readytouchpos.com/tallyapi/auth/ Frame
0
0
Preflight
General
Full URL
https://tally.prod.readytouchpos.com/tallyapi/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.215.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-215-167.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://connectandpay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://connectandpay.com
date
Fri, 22 Apr 2022 12:47:06 GMT
server-timing
intid;desc=ce7d10cf9de1bee5
x-powered-by
Express
x-request-id
0a0a94bb-bbcc-495b-92ec-0e4eb747d790
privacyversion
tally.prod.readytouchpos.com/gmaapi/gma/
64 B
445 B
Fetch
General
Full URL
https://tally.prod.readytouchpos.com/gmaapi/gma/privacyversion?id=
Requested by
Host: connectandpay.com
URL: https://connectandpay.com/static/js/app.68ba9d35.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.215.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-215-167.us-west-2.compute.amazonaws.com
Software
Jetty(9.2.30.v20200428) / Express
Resource Hash
f67ddaafea12de1f989121f23bbd4900361f4963dabb8bd1dde0699b76b861dc

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Referer
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcGlrZXkiOiJiYjU3MjYxYjIyZWY3NjU4N2VlYmQ0NjllN2RmZGRiYSIsInJvbGVzIjpbIjM2NXBheSJdLCJpYXQiOjE2NTA2MzE2MjYsImV4cCI6MTY1MDYzODgyNiwic3ViIjoiYmI1NzI2MWIyMmVmNzY1ODdlZWJkNDY5ZTdkZmRkYmEifQ.iYRStqrI-4XU3BEA-47q6Hi9KJqsMzEdpbvvU_PJv4c
Content-Type
application/json

Response headers

date
Fri, 22 Apr 2022 12:47:06 GMT
server
Jetty(9.2.30.v20200428)
x-powered-by
Express
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH
content-type
application/json
access-control-allow-origin
https://connectandpay.com
access-control-allow-credentials
true
server-timing
intid;desc=8d2a2a45c454f98d
access-control-allow-headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
content-length
64
x-request-id
b5c18b67-82ac-4c30-9a61-4abe23dba5fd
privacyversion
tally.prod.readytouchpos.com/gmaapi/gma/ Frame
0
0
Preflight
General
Full URL
https://tally.prod.readytouchpos.com/gmaapi/gma/privacyversion?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.215.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-215-167.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://connectandpay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://connectandpay.com
date
Fri, 22 Apr 2022 12:47:06 GMT
server-timing
intid;desc=d912c1d421e6fc96
x-powered-by
Express
x-request-id
e4210d3a-f4af-49b3-b838-7f0af0ad3a9c

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| __webpackStripeJSv3Jsonp
function| Stripe
object| webpackJsonp
function| OneSignal
number| __oneSignalSdkLoadCount
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
function| _
object| AWS
function| Buffer
function| Alert7
boolean| __reactResponderSystemActive
function| __jp0

5 Cookies

Domain/Path Name / Value
connectandpay.com/ Name: ai_user
Value: IO1rlv/CYo+iNGBAiCQywi|2022-04-22T12:47:05.314Z
connectandpay.com/ Name: ai_session
Value: CwZZRw+/qUC5td9BJmBc7+|1650631625571|1650631625571
m.stripe.com/ Name: m
Value: 2ab4fe39-eb13-40a1-9843-961a05137767e1f899
.connectandpay.com/ Name: __stripe_mid
Value: 6b094969-2778-4a12-bd6d-42a404361793ba85f6
.connectandpay.com/ Name: __stripe_sid
Value: b0755bc9-02f1-4055-9b2f-4dee7f20c1eb59eead

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
