dagroupservices.repay.io Open in urlscan Pro
15.197.147.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dagroupservices.repay.io/ebpp/#/
Effective URL:
https://dagroupservices.repay.io/ebpp/
Submission: On October 23 via manual (October 23rd 2023, 1:59:04 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 15.197.147.38, located in United States and belongs to AMAZON-02, US. The main domain is dagroupservices.repay.io.
TLS certificate: Issued by R3 on September 2nd 2023. Valid for: 3 months.

This is the only time dagroupservices.repay.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	15.197.147.38 15.197.147.38	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	52.218.132.19 52.218.132.19	16509 (AMAZON-02) (AMAZON-02)
19	6

13 15.197.147.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0147f2d1d37fd3dc.awsglobalaccelerator.com

dagroupservices.repay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.132.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

cde-prod-channels-merchant-resources-usw2-9799.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	repay.io dagroupservices.repay.io	1 MB
4	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2459 rs.fullstory.com — Cisco Umbrella Rank: 2417	71 KB
1	amazonaws.com cde-prod-channels-merchant-resources-usw2-9799.s3.amazonaws.com — Cisco Umbrella Rank: 505272	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	792 B
19	4

	Domain	Requested by
13	dagroupservices.repay.io	dagroupservices.repay.io
2	rs.fullstory.com	dagroupservices.repay.io
2	edge.fullstory.com	dagroupservices.repay.io
1	cde-prod-channels-merchant-resources-usw2-9799.s3.amazonaws.com
1	fonts.googleapis.com	dagroupservices.repay.io
19	5

This site contains links to these domains. Also see Links.

Domain
dagroupservice-my.sharepoint.com
g.page
www.repay.com

Subject Issuer	Validity	Valid
*.repay.io R3	`2023-09-02` - `2023-12-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-09-18` - `2023-12-17`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://dagroupservices.repay.io/ebpp/
Frame ID: 0CD9E75C883A54DB8BEB661FD0A3C002
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REPAY - EBPP

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1610 kB
Transfer

5312 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://dagroupservice-my.sharepoint.com/:b:/g/personal/connormorrison_dacollections_com/EarEcEkwVz1IrlttTYsLnHUBCLw0TfrZL5LHAqKc7xmNYw?e=4FoIQg
Title: How to Create an Account.pdf

Search URL Search Domain Scan URL

URL: https://dagroupservice-my.sharepoint.com/:b:/g/personal/connormorrison_dacollections_com/EXQXRrS168JBs_FQQMLaOlsBTShpK0AJyVXVfJ17VEoVJA?e=N31FvA
Title: How to Make a Payment Using Guest Account Lookup (REPAY).pdf

Search URL Search Domain Scan URL

URL: https://dagroupservice-my.sharepoint.com/:b:/g/personal/connormorrison_dacollections_com/EXsVk8ZD_YhEozbrN32wEKIBFNiR6N5a8NUqtA0V5_fB8g?e=H5ONh7
Title: Using Customer Login.pdf

Search URL Search Domain Scan URL

URL: https://g.page/r/CTzlD-t2f4WeEBE/review
Title: Leave a Google Review

Search URL Search Domain Scan URL

URL: https://www.repay.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dagroupservices.repay.io/ebpp/ 13 KB
6 KB 2720ms
151ms Document
text/html 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/ebpp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

61339725e26f4c80f88565f8456f31aefefc66dde138b24f13a2e6fa54255b0c

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-type: text/html
date: Mon, 23 Oct 2023 13:58:57 GMT
etag: W/"652edb43-3400"
last-modified: Tue, 17 Oct 2023 19:06:43 GMT
referrer-policy: same-origin
server: envoy
strict-transport-security: max-age=31536000; includeSubdomains max-age=31536000; includeSubDomains
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 757 B
792 B 66ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sacramento

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb52d582706c52e33e7753ea9b65cd27eddae7d703a8bfee1cd75f91edec0540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Oct 2023 13:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 13:30:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Oct 2023 13:58:58 GMT

GET
H2 200 keycloak.js Show response
dagroupservices.repay.io/static_files/ 56 KB
12 KB 155ms
154ms Script
application/javascript 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/static_files/keycloak.js

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

4247ab00b14e42b19ff2dcb577fe86f5ca356b393741c4bb8b9961e42f7425af

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dagroupservices.repay.io/ebpp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
last-modified: Tue, 17 Oct 2023 19:05:28 GMT
server: envoy
content-encoding: gzip
referrer-policy: same-origin
etag: W/"652edaf8-ded6"
content-type: application/javascript
x-envoy-upstream-service-time: 4
x-xss-protection: 1; mode=block
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 index_bundle.d01f15e48d6feb35e67d.js Show response
dagroupservices.repay.io/ebpp/ 4 MB
1 MB 152ms
151ms Script
application/javascript 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

e788d084c40301ebfa106d111229048ed1a8daf318a7d57a143bdd86cd907cdd

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dagroupservices.repay.io/ebpp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
last-modified: Tue, 17 Oct 2023 19:06:43 GMT
server: envoy
content-encoding: gzip
referrer-policy: same-origin
etag: W/"652edb43-3918b0"
content-type: application/javascript
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 vendor_bundle.9b9189b1739f0b7cba6f.js Show response
dagroupservices.repay.io/ebpp/ 1 MB
418 KB 444ms
443ms Script
application/javascript 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/ebpp/vendor_bundle.9b9189b1739f0b7cba6f.js

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

591300c469b407e61dfb966324596ca81ef2ec6516c2b4c3341ee4ff77ce7edb

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dagroupservices.repay.io/ebpp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
last-modified: Tue, 17 Oct 2023 19:06:43 GMT
server: envoy
content-encoding: gzip
referrer-policy: same-origin
etag: W/"652edb43-13fdcb"
content-type: application/javascript
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 245 KB
68 KB 57ms
15ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 978216366bd92e15bc9af69032ed2a659bf2e481f8b63a1f88d860e73b084b3a

Request headers

Referer
Origin: https://dagroupservices.repay.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:43:15 GMT
content-encoding: br
age: 944
x-guploader-uploadid: ABPtcPoFktjf3Ijrcg07nevzMEp5pyw6oP7HHWpkh182gEFqv-bOvZnJ1yDEyvNNpN4Ppwb3p9UXZFzbQeIOyd4CPjbi9Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68636
last-modified: Wed, 11 Oct 2023 15:27:31 GMT
server: UploadServer
etag: "98c13ba5b0f4483979aa81f3bbec729f"
vary: Accept-Encoding
x-goog-generation: 1697038051258311
x-goog-hash: crc32c=IqJd/A==, md5=mME7pbD0SDl5qoHzu+xynw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68636
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 23 Oct 2023 14:43:15 GMT

GET
H2 200 app-config Show response
dagroupservices.repay.io/ebpp/customer/api/v1/ 30 KB
6 KB 235ms
234ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/ebpp/customer/api/v1/app-config

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

1ff4cd1d3e3ee43419d2daf167d3a8da58ea0aca75e02aaf4e83a0a31d4ba4d3

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
repay-channels-source: ebpp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 85
server-timing: traceparent;desc="00-000000000000000012b04782925c3c4f-4456bba3da3117cc-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1G56C7-na1/v1/ 4 KB
2 KB 120ms
119ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1G56C7-na1/v1/web
Requested by: Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 276de14e5179b9b4902ff93a270c98ad7e7556e7c2a6a4ed2564762f2d1d01e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPrFFcb6XsiWtBh5NMM5P0BkOKKIFe9BFhmtVXxUusPhPRrScxTmsIzqeHYVcr0M_3n2MMNIAAZBoh14VqT8l9EVzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
last-modified: Mon, 23 Oct 2023 13:53:24 GMT
server: UploadServer
etag: "2b441e39793b6e538622072a300ce098"
x-goog-generation: 1697944404761214
x-goog-hash: crc32c=rsc+4w==, md5=K0QeOXk7blOGIgcqMAzgmA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1243
accept-ranges: bytes
content-type: application/json
expires: Mon, 23 Oct 2023 14:13:59 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 220ms
176ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b1e534fb5f548a1569e2178ee015c30f16ee98df6a29bb1e24b8b698a43d8d35

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dagroupservices.repay.io
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1467

GET
H/1.1 200
OK dagroupservices.png
cde-prod-channels-merchant-resources-usw2-9799.s3.amazonaws.com/production/dd9646a9-3f6c-453e-9360-92947c381ddd/ 9 KB
9 KB 579ms
207ms Image
image/png 52.218.132.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cde-prod-channels-merchant-resources-usw2-9799.s3.amazonaws.com/production/dd9646a9-3f6c-453e-9360-92947c381ddd/dagroupservices.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.132.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: dec4d2a3cc70e40f3f238906e37db6ab22b4702a93434915dcc94ba4ab5dc028

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Mon, 23 Oct 2023 13:59:01 GMT
x-amz-version-id: Tz4qkKhbLC7Cjc9Cr_VuDMn3.6FZiUOT
Last-Modified: Tue, 21 Sep 2021 16:21:55 GMT
Server: AmazonS3
x-amz-request-id: 1GN2RATAYJF9NB8F
ETag: "675d82f742871791b282e1dc3fe2a25d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8839
x-amz-id-2: 42Vl58WnBoC7UXMPEtUDSgp9iPtYzFTO9kzr4RTZyNM7Of+Z1TXo5p+SNSg71j66l62iC7XF/eU=

GET
H2 200 channels Show response
dagroupservices.repay.io/checkout/merchant/api/v1/fluent/en-US/ 30 B
397 B 166ms
166ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/checkout/merchant/api/v1/fluent/en-US/channels

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

e2187e383a2d4768c7aee97a6d958283a193db0df4a6fbfd040ffa69e695a791

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 11
server-timing: traceparent;desc="00-00000000000000000446014dd0ebe191-d7951bf96e1dfc75-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 channels Show response
dagroupservices.repay.io/checkout/merchant/api/v1/fluent/fr-CA/ 30 B
2 KB 162ms
162ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/checkout/merchant/api/v1/fluent/fr-CA/channels

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

e2187e383a2d4768c7aee97a6d958283a193db0df4a6fbfd040ffa69e695a791

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 10
server-timing: traceparent;desc="00-0000000000000000a91a111ead049a1b-d80afe0138130eb9-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 web Show response
dagroupservices.repay.io/checkout/merchant/api/v1/fluent/fr-CA/channels/ 8 KB
5 KB 166ms
166ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/checkout/merchant/api/v1/fluent/fr-CA/channels/web

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

613145fe9fe5b9d9a5736a3dadd5e7a76866ff173b43384870a5fada3a7f1845

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 12
server-timing: traceparent;desc="00-000000000000000033b94609895fb34b-0b743c80decd4f86-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 web Show response
dagroupservices.repay.io/checkout/merchant/api/v1/fluent/en-US/channels/ 8 KB
3 KB 163ms
162ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/checkout/merchant/api/v1/fluent/en-US/channels/web

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

1c35449cc3d30db88049df6d5c17e828978f16036a12a0d4e5ccc649b0a0d048

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 9
server-timing: traceparent;desc="00-0000000000000000769c164fa8663656-9aa2c6305514fb55-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 home Show response
dagroupservices.repay.io/checkout/merchant/api/v1/fluent/en-US/channels/web/ 39 B
192 B 166ms
166ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/checkout/merchant/api/v1/fluent/en-US/channels/web/home

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

a1188799fb89b8b8732343ae505a6d656410848505caba9ad0e5a23ca9d5a8fd

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 14
server-timing: traceparent;desc="00-0000000000000000dfd0836117289de1-ef1f5ec24dd95cee-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 home Show response
dagroupservices.repay.io/checkout/merchant/api/v1/fluent/fr-CA/channels/web/ 39 B
161 B 163ms
163ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/checkout/merchant/api/v1/fluent/fr-CA/channels/web/home

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

a1188799fb89b8b8732343ae505a6d656410848505caba9ad0e5a23ca9d5a8fd

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 11
server-timing: traceparent;desc="00-000000000000000050935bc247435c0e-3ef03eaeab51be79-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 customer Show response
dagroupservices.repay.io/checkout/merchant/api/v1/fluent/fr-CA/channels/web/home/ 48 B
168 B 162ms
162ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/checkout/merchant/api/v1/fluent/fr-CA/channels/web/home/customer

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

376c9f8b652f6ba2b016031e603d26a0cbf23ac9493357ac702a1326846e1eb5

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 8
server-timing: traceparent;desc="00-000000000000000018115b44faa88d3f-1932d0687eed9f22-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
H2 200 customer Show response
dagroupservices.repay.io/checkout/merchant/api/v1/fluent/en-US/channels/web/home/ 48 B
169 B 166ms
166ms XHR
application/json 15.197.147.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dagroupservices.repay.io/checkout/merchant/api/v1/fluent/en-US/channels/web/home/customer

Requested by

Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.147.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0147f2d1d37fd3dc.awsglobalaccelerator.com

Software

envoy /

Resource Hash

376c9f8b652f6ba2b016031e603d26a0cbf23ac9493357ac702a1326846e1eb5

Security Headers

Name	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dagroupservices.repay.io/ebpp/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 13:58:59 GMT
strict-transport-security: max-age=31536000; includeSubdomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
content-encoding: gzip
x-envoy-upstream-service-time: 15
server-timing: traceparent;desc="00-0000000000000000aad9e47ac2d18be9-47bcfd370f211e6d-01"
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: POST,GET,DELETE,PUT,OPTIONS
content-type: application/json
access-control-allow-origin: dagroupservices.repay.io
access-control-expose-headers: Server-Timing
access-control-allow-credentials: false
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, x-requested-with
x-content-security-policy: default-src https:; connect-src *.repay.io https://*.hotjar.com wss://*.hotjar.com https:; script-src *.repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js *.fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https://* 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:

GET
DATA 200
OK truncated
/ 271 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1855dd093b61252e1354d5d3448a382369df78f13b50a3c9cd0bbfdd1c224ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
91 B 334ms
261ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=o-1G56C7-na1&UserId=753e64eb-6146-403c-b976-5b1115e1cc6b&SessionId=dbd8fdda-d549-42fe-8403-fb799c58c57a&PageId=af2f683e-16dc-4cbb-8c3f-1e3802940548&Seq=1&PageStart=1698069539848&PrevBundleTime=0&LastActivity=859&IsNewSession=true
Requested by: Host: dagroupservices.repay.io
URL: https://dagroupservices.repay.io/ebpp/index_bundle.d01f15e48d6feb35e67d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a30a23aec824619a5da373d4404538dfd70bd5ba9347d96278a31a73772338eb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dagroupservices.repay.io
date: Mon, 23 Oct 2023 13:59:01 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.repay.io/	1970-01-20 15:41:11	Name: fs_lua Value: 1.1698069539847
			.repay.io/	1970-01-21 00:26:45	Name: fs_uid Value: #o-1G56C7-na1#753e64eb-6146-403c-b976-5b1115e1cc6b:dbd8fdda-d549-42fe-8403-fb799c58c57a:1698069539847::1#/1729605539

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
Strict-Transport-Security	max-age=31536000; includeSubdomains max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https:; connect-src .repay.io https://.hotjar.com wss://.hotjar.com https:; script-src .repay.io sso.repay.com https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js https://pay.google.com/gp/p/js/pay.js https://translate.googleapis.com https://translate.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://cdn.segment.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://www.paypal.com/sdk/js https://js.braintreegateway.com/web/3.84.0/js/paypal-checkout.min.js https://js.braintreegateway.com/web/3.84.0/js/client.min.js .fullstory.com 'unsafe-inline' 'unsafe-eval'; style-src blob: https: 'unsafe-inline'; font-src self https://gstatic.com/ https://fonts.gstatic.com/ https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/ https://static.hotjar.com/static/ data:; frame-src https:// 'unsafe-inline' blob: mailto: https://vars.hotjar.com; child-src https://vars.hotjar.com; worker-src https://vars.hotjar.com self blob:; img-src https: data:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cde-prod-channels-merchant-resources-usw2-9799.s3.amazonaws.com
dagroupservices.repay.io
edge.fullstory.com
fonts.googleapis.com
rs.fullstory.com
15.197.147.38
2a00:1450:4001:80b::200a
35.186.194.58
35.201.112.186
52.218.132.19
1c35449cc3d30db88049df6d5c17e828978f16036a12a0d4e5ccc649b0a0d048
1ff4cd1d3e3ee43419d2daf167d3a8da58ea0aca75e02aaf4e83a0a31d4ba4d3
276de14e5179b9b4902ff93a270c98ad7e7556e7c2a6a4ed2564762f2d1d01e6
376c9f8b652f6ba2b016031e603d26a0cbf23ac9493357ac702a1326846e1eb5
4247ab00b14e42b19ff2dcb577fe86f5ca356b393741c4bb8b9961e42f7425af
591300c469b407e61dfb966324596ca81ef2ec6516c2b4c3341ee4ff77ce7edb
613145fe9fe5b9d9a5736a3dadd5e7a76866ff173b43384870a5fada3a7f1845
61339725e26f4c80f88565f8456f31aefefc66dde138b24f13a2e6fa54255b0c
978216366bd92e15bc9af69032ed2a659bf2e481f8b63a1f88d860e73b084b3a
a1188799fb89b8b8732343ae505a6d656410848505caba9ad0e5a23ca9d5a8fd
a30a23aec824619a5da373d4404538dfd70bd5ba9347d96278a31a73772338eb
b1e534fb5f548a1569e2178ee015c30f16ee98df6a29bb1e24b8b698a43d8d35
cb52d582706c52e33e7753ea9b65cd27eddae7d703a8bfee1cd75f91edec0540
dec4d2a3cc70e40f3f238906e37db6ab22b4702a93434915dcc94ba4ab5dc028
e1855dd093b61252e1354d5d3448a382369df78f13b50a3c9cd0bbfdd1c224ca
e2187e383a2d4768c7aee97a6d958283a193db0df4a6fbfd040ffa69e695a791
e788d084c40301ebfa106d111229048ed1a8daf318a7d57a143bdd86cd907cdd

dagroupservices.repay.io Open in urlscan Pro 15.197.147.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

1610 kBTransfer

5312 kBSize

2 Cookies

5 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

dagroupservices.repay.io Open in urlscan Pro
15.197.147.38 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1610 kB
Transfer

5312 kB
Size

2
Cookies

19 HTTP transactions
1 data transactions