auth.dev.payla.io Open in urlscan Pro
104.18.12.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eve.dev.payla.io/
Effective URL:
https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Submission: On April 21 via api (April 21st 2024, 10:54:23 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 2 domains to perform 25 HTTP transactions. The main IP is 104.18.12.126, located in and belongs to CLOUDFLARENET, US. The main domain is auth.dev.payla.io.
TLS certificate: Issued by GTS CA 1P5 on April 6th 2024. Valid for: 3 months.

This is the only time auth.dev.payla.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	18.245.86.44 18.245.86.44	16509 (AMAZON-02) (AMAZON-02)
1	35.158.25.83 35.158.25.83	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:d7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	104.18.12.126 104.18.12.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::201b	15169 (GOOGLE) (GOOGLE)
25	5

6 18.245.86.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-44.fra60.r.cloudfront.net

eve.dev.payla.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.25.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-83.eu-central-1.compute.amazonaws.com

sentry.payla.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d7e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.dev.payla.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.18.12.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.dev.payla.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	payla.io 2 redirects eve.dev.payla.io sentry.payla.io auth.dev.payla.io	617 KB
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 361	3 KB
25	2

	Domain	Requested by
19	auth.dev.payla.io	2 redirects eve.dev.payla.io auth.dev.payla.io
6	eve.dev.payla.io	eve.dev.payla.io
1	storage.googleapis.com	auth.dev.payla.io
1	sentry.payla.io	eve.dev.payla.io
25	4

This site contains no links.

Subject Issuer	Validity	Valid
eve.dev.payla.io Amazon RSA 2048 M02	`2024-03-21` - `2025-04-19`	a year	crt.sh
*.payla.io Amazon RSA 2048 M03	`2024-01-03` - `2025-02-01`	a year	crt.sh
auth.dev.payla.io GTS CA 1P5	`2024-04-06` - `2024-07-05`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Frame ID: 8108C8FABDB7E88BFFD6E956711AA444
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in

Page URL History Show full URLs

https://eve.dev.payla.io/ Page URL
https://auth.dev.payla.io/ui/login?return_to=https://eve.dev.payla.io/ HTTP 303
https://auth.dev.payla.io/self-service/login/browser?aal=&refresh=&return_to=https%3A%2F%2Feve.dev.pay... HTTP 303
https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

25
Requests

100 %
HTTPS

40 %
IPv6

2
Domains

4
Subdomains

5
IPs

3
Countries

617 kB
Transfer

1592 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eve.dev.payla.io/ Page URL
https://auth.dev.payla.io/ui/login?return_to=https://eve.dev.payla.io/ HTTP 303
https://auth.dev.payla.io/self-service/login/browser?aal=&refresh=&return_to=https%3A%2F%2Feve.dev.payla.io%2F&organization=&via= HTTP 303
https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
eve.dev.payla.io/ 1 KB
923 B 189ms
80ms Document
text/html 18.245.86.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eve.dev.payla.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53c38039dd1a3cf46390541235b6f3ebd3091134e3768c3c978aea1fbd874df9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Sun, 21 Apr 2024 22:54:20 GMT
etag: W/"e2e3a0508c2e4cefe7d8ff98156c645f"
last-modified: Fri, 12 Apr 2024 12:51:58 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
x-amz-cf-id: YM8ilCUQFK49G8YjaziV5x4QcDlk4hsw8iJnK4BC9hkT3rWM44N4mw==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 index-CX1eqxdE.js Show response
eve.dev.payla.io/assets/ 970 KB
248 KB 102ms
101ms Script
text/javascript 18.245.86.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eve.dev.payla.io/assets/index-CX1eqxdE.js
Requested by: Host: eve.dev.payla.io
URL: https://eve.dev.payla.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8332c8109dcda19f24c5d3e55260a0f51756963a02fdc1d93813c88fb5f43f76

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://eve.dev.payla.io/
Origin: https://eve.dev.payla.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:20 GMT
content-encoding: br
via: 1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 12:51:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: W/"83a8d0d4e4af557634c8eb5617ba847a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YG47_U6dzxoQGyNI1IpCohDnKqYP6ShjcNdsZwQIkTJ2STe_MYaYNQ==

GET
H2 200 index-CwqrO4lz.css
eve.dev.payla.io/assets/ 188 KB
28 KB 157ms
156ms Stylesheet
text/css 18.245.86.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eve.dev.payla.io/assets/index-CwqrO4lz.css
Requested by: Host: eve.dev.payla.io
URL: https://eve.dev.payla.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be0e0ae01f70ff35e013ee4865e3a94228019869a8f906b096e88a862b8871dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://eve.dev.payla.io/
Origin: https://eve.dev.payla.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:20 GMT
content-encoding: br
via: 1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 12:51:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: W/"68a51d3a057c9273233eb2731ede8df0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: T6DksAGqXJvQdlVq5hSxg4Tzr2or_EJbBiQV1cr6yyX2tSzrC3-AtA==

POST
H2 200 / Show response
sentry.payla.io/api/14/envelope/ 2 B
204 B 180ms
43ms Fetch
application/json 35.158.25.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.payla.io/api/14/envelope/?sentry_key=e53b20db2c034ae6909e30315c429817&sentry_version=7&sentry_client=sentry.javascript.react%2F7.37.2
Requested by: Host: eve.dev.payla.io
URL: https://eve.dev.payla.io/assets/index-CX1eqxdE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-83.eu-central-1.compute.amazonaws.com
Software: sentry-relay/22.11.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://eve.dev.payla.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://eve.dev.payla.io
date: Sun, 21 Apr 2024 22:54:19 GMT
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
server: sentry-relay/22.11.0
content-length: 2
vary: Origin
content-type: application/json

GET
H3 200 common.json Show response
eve.dev.payla.io/locales/en-US/ 1 KB
854 B 112ms
111ms Fetch
text/html 18.245.86.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eve.dev.payla.io/locales/en-US/common.json
Requested by: Host: eve.dev.payla.io
URL: https://eve.dev.payla.io/assets/index-CX1eqxdE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.245.86.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53c38039dd1a3cf46390541235b6f3ebd3091134e3768c3c978aea1fbd874df9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://eve.dev.payla.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:20 GMT
content-encoding: br
via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 12:51:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: W/"e2e3a0508c2e4cefe7d8ff98156c645f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: P0d2YL-sla8J48y-Ocnubna41t8tPOSQNr7rzYu-N5xHNJqNPLR23A==

GET
H3 200 common.json Show response
eve.dev.payla.io/locales/en/ 9 KB
2 KB 83ms
83ms Fetch
application/json 18.245.86.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eve.dev.payla.io/locales/en/common.json
Requested by: Host: eve.dev.payla.io
URL: https://eve.dev.payla.io/assets/index-CX1eqxdE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.245.86.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3e9b2de5865bdb1c476b179b9a5b8629e590ab9bf09f47515a966f768927656

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://eve.dev.payla.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:20 GMT
content-encoding: br
via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 12:51:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: W/"d9db9aa33ca1b681e25a06d8442da286"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VXgNH8zQ-gmIIF1TJcc7eNpM0ae7iJH-3EOLyp68ozlHHYuMpK34BQ==

GET
H2 401 whoami
auth.dev.payla.io/sessions/ 206 B
1008 B 748ms
126ms XHR
application/json 2606:4700::6812:d7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.dev.payla.io/sessions/whoami
Requested by: Host: eve.dev.payla.io
URL: https://eve.dev.payla.io/assets/index-CX1eqxdE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://eve.dev.payla.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
ory-network-region: euw
vary: Origin,Origin,Cookie, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://eve.dev.payla.io
access-control-expose-headers: Cache-Control, Expires, Last-Modified, Pragma, Content-Length, Content-Language, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
ory-session-edge-status: MISS
cf-ray: 8780f490ee351c2e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 206

GET
H3 200 favicon.ico
eve.dev.payla.io/ 4 KB
4 KB 92ms
92ms Other
image/vnd.microsoft.icon 18.245.86.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eve.dev.payla.io/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.245.86.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88dfd16e9ee4bb9af242fe63f4de8cfe0ed63d423e5a61bcf2d5aa535f4e0048

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://eve.dev.payla.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:20 GMT
via: 1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 12:51:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
etag: "85b6dc364725c9a7ebc327c2efcce064"
x-cache: Miss from cloudfront
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4286
x-amz-cf-id: XCLNip1j6vLY-_QQ6IJ0IldPWY8DYgTDx08YVCFXV208ORFkhHNUjg==

GET
H3

200

Primary Request login Show response
auth.dev.payla.io/ui/
Redirect Chain

https://auth.dev.payla.io/ui/login?return_to=https://eve.dev.payla.io/
https://auth.dev.payla.io/self-service/login/browser?aal=&refresh=&return_to=https%3A%2F%2Feve.dev.payla.io%2F&organization=&via=
https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

9 KB
4 KB

198ms
198ms

Document
text/html

104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Requested by

Host: eve.dev.payla.io
URL: https://eve.dev.payla.io/assets/index-CX1eqxdE.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59570d97984dec1d3f34fc5ff9fb1520bf4fe21ea11638d0c3ecb377eac20ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://eve.dev.payla.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8780f4950882451c-TXL
content-encoding: gzip
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Sun, 21 Apr 2024 22:54:21 GMT
etag: W/"2570-eGr3HIffkL2QuKudWn8Uh/Eo6pU"
ory-network-region: euw
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin,Origin
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8780f492cc5e451c-TXL
content-length: 103
content-type: text/html; charset=utf-8
date: Sun, 21 Apr 2024 22:54:20 GMT
location: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
ory-network-region: euw
server: cloudflare
vary: Origin,Origin,Cookie

GET
H3 200 normalize.css
auth.dev.payla.io/ui/assets/ 6 KB
3 KB 135ms
134ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/normalize.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a75510b28883629cb92761ce242c2e93ec56be428936dd7ebbc2de572b32e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:37 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"17fe-18ef5074088"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bc6451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 inter-font.css
auth.dev.payla.io/ui/assets/ 688 B
2 KB 126ms
125ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/inter-font.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3be2fa4bbb80b01ddf6a34bdd24a642cd8378c8f1b85af025a6d9c3b35b5b66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:37 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"2b0-18ef5074088"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bcb451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 jetbrains-mono-font.css
auth.dev.payla.io/ui/assets/ 324 B
2 KB 164ms
162ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/jetbrains-mono-font.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

549af8fb793b1b1def1668f988fb585504fbe16a496c85462fab610aa51c5958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:37 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"144-18ef5074088"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bd1451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 fa-brands.min.css
auth.dev.payla.io/ui/assets/ 18 KB
6 KB 133ms
132ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/fa-brands.min.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6753e3a077ea4cfe6351964fd9d5565767221a902013e9a98d95cf75896be7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:36 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"488f-18ef5073ca0"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bd5451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 fa-solid.min.css
auth.dev.payla.io/ui/assets/ 552 B
2 KB 174ms
173ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/fa-solid.min.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9700f9a5acea4b294b2a914847f20526ac914116eddb1af75ebe6a2c671818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:36 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"228-18ef5073ca0"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bd8451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 fontawesome.min.css
auth.dev.payla.io/ui/assets/ 79 KB
17 KB 202ms
201ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/fontawesome.min.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6edf0ce72cd550405ffe98775156748c8ff50af0bf0b77c81f5ec67feb672883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:37 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"13ab9-18ef5074088"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bdc451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 style.css
auth.dev.payla.io/ui/ 20 KB
5 KB 176ms
175ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/style.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

970d0c29138825e828a6386b9cc4db8721409ae8a90454547ec04ca1189428ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:37 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"4eff-18ef5074088"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965be4451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 theme.css
auth.dev.payla.io/ui/ 1 KB
2 KB 164ms
163ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/theme.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bda20445f692f5ea85da68b769359f3b4256a6553dcb06a032425df6be2ce348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"42d-CVUxOJJQf84oj0M1zti/I2/s6e8"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bea451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 main.css
auth.dev.payla.io/ui/ 2 KB
2 KB 176ms
175ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/main.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

723c09da698a660b59e0bad69279c786f9b42812d85e6954467b0e34cc705452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:23:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"72c-18ef505e0f8"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bee451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 auth-layout.css
auth.dev.payla.io/ui/ 228 B
2 KB 178ms
178ms Stylesheet
text/css 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/auth-layout.css

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

262310904a12492b9ce6a11bb8387ba7d2f1c76491d48fe5573eff5d6f6b2533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:23:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"e4-18ef505e0f8"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bf4451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H2 200 71b22ab4898361f6450ec36b787161fc9e75c7f1dd28cf44c80cfbf28d6176e81da645512180fa428eb9ef1e9d228931362db8a92ff70a94d3d865c391940db5.svg
storage.googleapis.com/bac-gcs-production/ 2 KB
3 KB 200ms
97ms Image
image/svg+xml 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/bac-gcs-production/71b22ab4898361f6450ec36b787161fc9e75c7f1dd28cf44c80cfbf28d6176e81da645512180fa428eb9ef1e9d228931362db8a92ff70a94d3d865c391940db5.svg
Requested by: Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d7b1586fb0a55e678fd711e95c0eae7d491e67697ae7628f416774d631f22b8e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
x-guploader-uploadid: ABPtcPrLHyXnU9cvx3zi4uJJ7tjBQ-SYgHM99T6kAV6rsrNhxpWwowqrT4_2VpaGjHfAdFSH-aGuM_j2_Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2490
last-modified: Wed, 17 May 2023 13:39:47 GMT
server: UploadServer
etag: "6c6effb9e96e42f01fba2f0ebd29c9c2"
vary: Origin
x-goog-generation: 1684330787449937
content-type: image/svg+xml
x-goog-hash: crc32c=II0Abg==, md5=bG7/ueluQvAfui8OvSnJwg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2490
accept-ranges: bytes
expires: Sun, 21 Apr 2024 23:54:21 GMT

GET
H3 200 ory-small.svg
auth.dev.payla.io/ui/ 2 KB
2 KB 207ms
207ms Image
image/svg+xml 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.dev.payla.io/ui/ory-small.svg

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2103aef3438853e767a1554259d93772b5c5c0e04e54afe80249bd64111a672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:23:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"650-18ef505e0f8"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965c07451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 passwordInput.js Show response
auth.dev.payla.io/ui/assets/ 804 B
2 KB 179ms
178ms Script
application/javascript 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/passwordInput.js

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b45a023209ad4cfa8732435d40116fd1ab622d1ce271775bc003babd411dd7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:37 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"324-18ef5074088"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4965bfb451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 Inter-Regular.woff2
auth.dev.payla.io/ui/assets/inter/ 97 KB
98 KB 122ms
121ms Font
font/woff2 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/inter/Inter-Regular.woff2?v=3.19

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/assets/inter-font.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/assets/inter-font.css
Origin: https://auth.dev.payla.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:38 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"18234-18ef5074470"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://auth.dev.payla.io
access-control-expose-headers: Cache-Control, Expires, Last-Modified, Pragma, Content-Length, Content-Language, Content-Type
cache-control: public, max-age=14400
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f497cf00451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 Inter-SemiBold.woff2
auth.dev.payla.io/ui/assets/inter/ 103 KB
105 KB 206ms
206ms Font
font/woff2 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/assets/inter/Inter-SemiBold.woff2?v=3.19

Requested by

Host: auth.dev.payla.io
URL: https://auth.dev.payla.io/ui/assets/inter-font.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/assets/inter-font.css
Origin: https://auth.dev.payla.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:24:38 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"19d4c-18ef5074470"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
access-control-allow-origin: https://auth.dev.payla.io
access-control-expose-headers: Cache-Control, Expires, Last-Modified, Pragma, Content-Length, Content-Language, Content-Type
cache-control: public, max-age=14400
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f497cf05451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

GET
H3 200 favico.png
auth.dev.payla.io/ui/ 77 KB
78 KB 326ms
325ms Other
image/png 104.18.12.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.dev.payla.io/ui/favico.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4ba89a6431f3f578293df1c7e29602a7710ffd68b2d42b780f1b8547353b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 21 Apr 2024 22:54:21 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: default-src 'self';worker-src 'self' blob:;script-src 'self' 'unsafe-inline' https://app.usercentrics.eu https://www.googletagmanager.com https://sst.ory.sh https://ory.sh https://www.ory.sh https://js.stripe.com https://sqa-web.ory.sh https://cdn.jsdelivr.net https://static.cloudflareinsights.com https://eu.posthog.com https://api.console.ory.sh;connect-src 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh wss://project.console.ory.sh wss://*.projects.oryapis.com wss://console.ory.sh wss://*.projects.console.ory.sh wss://api.console.ory.sh https://*.ingest.sentry.io https://sqa-web.ory.sh https://eu.posthog.com https://storage.googleapis.com/bac-gcs-production;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net;base-uri 'self';form-action 'self' https://project.console.ory.sh https://*.projects.oryapis.com https://console.ory.sh https://*.projects.console.ory.sh https://api.console.ory.sh https://github.com;frame-src 'self' https://js.stripe.com;font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net;object-src 'none';manifest-src 'self';frame-ancestors 'none';img-src 'self' https://q.stripe.com https://js.stripe.com data:;
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 06:23:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
ory-network-region: euw
etag: W/"13298-18ef505e0f8"
vary: Origin,Origin, Accept-Encoding
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=14400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), usb=()
cf-ray: 8780f4999a7f451c-TXL
expires: Mon, 22 Apr 2024 02:54:21 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth.dev.payla.io/	1970-01-20 20:02:23	Name: __cflb Value: 0H28w3AoWiFHFXtJ5ukdCLwTAYKAFEUtnwrxPP7rzFd
.payla.io/	1970-01-21 04:47:56	Name: csrf_token_e174dfa09203e698fbdbc33eaa45390a37298111658e24d1edc2cc216dc12f47 Value: JVq1jGzN9klgLerSj4MkzHij8dousEvmS0E3nluG8cE=
.auth.dev.payla.io/	1970-01-20 20:02:21	Name: __cf_bm Value: QKk1mh2NlM3Q7mCvoRiMVfP0tVcNF8ZE6k3JT6wYNPw-1713740060-1.0.1.1-nFPr7ASjSBQtEODYpHgcsAJZ3zUL3EeRysLf51m8SKtmojT3CadhTErleUDivGU8xdrWtBpLvpHnPjjA2y4v4A
.auth.dev.payla.io/	1969-12-31 23:59:59	Name: _cfuvid Value: av7VplDe75SoHF0D.nIWMwhKzZVFri9F7AJABAT_G28-1713740060924-0.0.1.1-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.dev.payla.io/sessions/whoami Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://auth.dev.payla.io/ui/login?flow=0cc4d1f4-f5ff-4353-ae45-9d02ac8ac25a(Line 21) Message: [Report Only] Refused to load the image 'https://storage.googleapis.com/bac-gcs-production/71b22ab4898361f6450ec36b787161fc9e75c7f1dd28cf44c80cfbf28d6176e81da645512180fa428eb9ef1e9d228931362db8a92ff70a94d3d865c391940db5.svg' because it violates the following Content Security Policy directive: "img-src 'self' https://q.stripe.com https://js.stripe.com data:".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.dev.payla.io
eve.dev.payla.io
sentry.payla.io
storage.googleapis.com
104.18.12.126
18.245.86.44
2606:4700::6812:d7e
2a00:1450:4001:80b::201b
35.158.25.83
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
262310904a12492b9ce6a11bb8387ba7d2f1c76491d48fe5573eff5d6f6b2533
3be2fa4bbb80b01ddf6a34bdd24a642cd8378c8f1b85af025a6d9c3b35b5b66b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
53c38039dd1a3cf46390541235b6f3ebd3091134e3768c3c978aea1fbd874df9
549af8fb793b1b1def1668f988fb585504fbe16a496c85462fab610aa51c5958
59570d97984dec1d3f34fc5ff9fb1520bf4fe21ea11638d0c3ecb377eac20ec4
5b45a023209ad4cfa8732435d40116fd1ab622d1ce271775bc003babd411dd7a
6a75510b28883629cb92761ce242c2e93ec56be428936dd7ebbc2de572b32e95
6edf0ce72cd550405ffe98775156748c8ff50af0bf0b77c81f5ec67feb672883
723c09da698a660b59e0bad69279c786f9b42812d85e6954467b0e34cc705452
8332c8109dcda19f24c5d3e55260a0f51756963a02fdc1d93813c88fb5f43f76
88dfd16e9ee4bb9af242fe63f4de8cfe0ed63d423e5a61bcf2d5aa535f4e0048
8e9700f9a5acea4b294b2a914847f20526ac914116eddb1af75ebe6a2c671818
970d0c29138825e828a6386b9cc4db8721409ae8a90454547ec04ca1189428ca
a2103aef3438853e767a1554259d93772b5c5c0e04e54afe80249bd64111a672
bda20445f692f5ea85da68b769359f3b4256a6553dcb06a032425df6be2ce348
be0e0ae01f70ff35e013ee4865e3a94228019869a8f906b096e88a862b8871dd
c3e9b2de5865bdb1c476b179b9a5b8629e590ab9bf09f47515a966f768927656
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d7b1586fb0a55e678fd711e95c0eae7d491e67697ae7628f416774d631f22b8e
e6753e3a077ea4cfe6351964fd9d5565767221a902013e9a98d95cf75896be7c
fc4ba89a6431f3f578293df1c7e29602a7710ffd68b2d42b780f1b8547353b1b

auth.dev.payla.io Open in urlscan Pro 104.18.12.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

40 %IPv6

2 Domains

4 Subdomains

5 IPs

3 Countries

617 kBTransfer

1592 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

auth.dev.payla.io Open in urlscan Pro
104.18.12.126 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

40 %
IPv6

2
Domains

4
Subdomains

5
IPs

3
Countries

617 kB
Transfer

1592 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions