urlscan.io logo urlscan.io
SecurityTrails logo

john.gurucan.com Open in urlscan Pro
3.222.146.93  Public Scan

Go To Rescan Add Verdict Report
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Submission: On September 30 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 37 HTTP transactions. The main IP is 3.222.146.93, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is john.gurucan.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 16th 2022. Valid for: a year.
This is the only time john.gurucan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3.222.146.93 14618 (AMAZON-AES)
5 151.101.0.176 54113 (FASTLY)
1 2 178.248.237.144 197068 (QRATOR)
15 34.111.151.68 396982 (GOOGLE-CL...)
7 2a03:90c0:999... 199524 (GCORE)
3 54.186.23.98 16509 (AMAZON-02)
1 52.43.178.180 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
37 9
2    3.222.146.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-146-93.compute-1.amazonaws.com
john.gurucan.com
5    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
2    178.248.237.144 (Russian Federation)

ASN197068 (QRATOR, RU)
widget.cloudpayments.ru
15    34.111.151.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.151.111.34.bc.googleusercontent.com
payments.open.money
7    2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE, LU)
assets.gurucan.com
cdn.gurucan.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
1    52.43.178.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-178-180.us-west-2.compute.amazonaws.com
m.stripe.com
2    2607:f8b0:4006:816::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:823::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
15 open.money
payments.open.money
522 KB
9 gurucan.com
john.gurucan.com
assets.gurucan.com
cdn.gurucan.com
1 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1097
q.stripe.com — Cisco Umbrella Rank: 6952
m.stripe.com — Cisco Umbrella Rank: 1019
88 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1183
17 KB
2 cloudpayments.ru
widget.cloudpayments.ru — Cisco Umbrella Rank: 230172
37 KB
1 gstatic.com
fonts.gstatic.com
13 KB
37 7
Domain Requested by
15 payments.open.money john.gurucan.com
payments.open.money
5 assets.gurucan.com john.gurucan.com
assets.gurucan.com
3 q.stripe.com john.gurucan.com
3 js.stripe.com john.gurucan.com
js.stripe.com
2 fonts.googleapis.com payments.open.money
2 cdn.gurucan.com john.gurucan.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 widget.cloudpayments.ru 1 redirects john.gurucan.com
2 john.gurucan.com assets.gurucan.com
1 fonts.gstatic.com fonts.googleapis.com
1 m.stripe.com m.stripe.network
37 11

This site contains links to these domains. Also see Links.

Domain
storageapi.fleek.co
Subject Issuer Validity Valid
*.gurucan.com
AlphaSSL CA - SHA256 - G2		 2022-08-16 -
2023-09-17		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-08-31 -
2023-01-10		 4 months crt.sh
*.open.money
Starfield Secure Certificate Authority - G2		 2021-11-10 -
2022-12-12		 a year crt.sh
assets.gurucan.com
R3		 2022-09-03 -
2022-12-02		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-06 -
2022-12-07		 3 months crt.sh
cdn-temp.gurucan.com
R3		 2022-09-02 -
2022-12-01		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-15 -
2023-01-26		 4 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://john.gurucan.com/6332e8413558c9001253c82a
Frame ID: BEBA17E45206E2C70BBC489C31FC3C23
Requests: 12 HTTP requests in this frame

Frame: https://payments.open.money/open/prefetcher
Frame ID: A9AD722C479F9B2C45641907ED113F95
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-1156c9fc45a36380bf5f3448b809db30.html
Frame ID: CAF3282214DA8892FC305B2110F958D9
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E84BEFA662D4818548E2343984822138
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Torode Realty Advisors

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

97 %
HTTPS

33 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

1916 kB
Transfer

4056 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://widget.cloudpayments.ru/bundles/cloudpayments HTTP 301
  • https://widget.cloudpayments.ru/bundles/cloudpayments/

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6332e8413558c9001253c82a
john.gurucan.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.146.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-146-93.compute-1.amazonaws.com
Software
nginx/1.21.6 / Express
Resource Hash
b460cbe590b203d52514ddc1e0e29efd735b4cd19bc861334264627b2d4d3c27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Origin
undefined *
Connection
keep-alive
Content-Language
en-CA
Content-Length
1291
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Sep 2022 13:03:19 GMT
ETag
W/"50b-jcJ27b8pXrnCLsswFUMYiyKAshw"
Server
nginx/1.21.6
X-Powered-By
Express
/
js.stripe.com/v3/ 		352 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
44c5cc39d0b5ceed26e16377ea0e733e80b223a57e1e1cc33ab5f6f152f301ff
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://john.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Sep 2022 13:03:19 GMT
via
1.1 varnish
age
55
x-cache
HIT
content-length
86597
x-request-id
da729446-3d13-4771-ba55-1424db1f4d23
x-served-by
cache-yul12832-YUL
last-modified
Fri, 30 Sep 2022 00:33:43 GMT
server
Fastly
etag
"23697211b654e329b8d80bf6cf9fda4b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
21
/
widget.cloudpayments.ru/bundles/cloudpayments/
Redirect Chain
  • https://widget.cloudpayments.ru/bundles/cloudpayments
  • https://widget.cloudpayments.ru/bundles/cloudpayments/
112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.cloudpayments.ru/bundles/cloudpayments/
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
HTTP/1.1
Server
178.248.237.144 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
nginx /
Resource Hash
28a7499a5dc3f5d700697a4f615df33a9174bf8cb6146c2184bb7f338474da25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://john.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 13:03:19 GMT
Content-Encoding
br
Last-Modified
Thu, 29 Sep 2022 14:49:30 GMT
Server
nginx
ETag
"6335b07a-8ef0"
Vary
Accept-Encoding
Content-Security-Policy-Report-Only
default-src https://widget.cloudpayments.ru; connect-src https://widget.cloudpayments.ru https://api.cloudpayments.ru https://static.cloudpayments.ru https://pay.google.com https://pay.yandex.ru; font-src https://widget.cloudpayments.ru data:; frame-src https://widget.cloudpayments.ru https://pay.google.com https://sandbox.pay.yandex.ru https://pay.yandex.ru; frame-ancestors https:; img-src https://widget.cloudpayments.ru https://pay.yandex.ru data:; media-src https://widget.cloudpayments.ru https://static.cloudpayments.ru; object-src https://widget.cloudpayments.ru; script-src https://widget.cloudpayments.ru https://forma.tinkoff.ru https://pay.google.com https://pay.yandex.ru 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline' https:; report-to csp-endpoint; report-uri https://widget.cloudpayments.ru/csp-collector
Content-Type
application/javascript
Report-To
{"group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://widget.cloudpayments.ru/csp-collector" }] }
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36592

Redirect headers

Location
https://widget.cloudpayments.ru/bundles/cloudpayments/
Date
Fri, 30 Sep 2022 13:03:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
layer
payments.open.money/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.open.money/layer
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
a8b31265d6d8fba855d3a4887699470206912a3bfe08dcc01bee54058e2a3abd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://john.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:19 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8126
last-modified
Thu, 01 Sep 2022 16:54:07 GMT
server
istio-envoy
etag
W/"1fbe-182f9f96438"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
d824df7eb2e268626a2dd9a6a741ac4e.woff2
assets.gurucan.com/landings/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.gurucan.com/landings/d824df7eb2e268626a2dd9a6a741ac4e.woff2
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://john.gurucan.com/
Origin
https://john.gurucan.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id
td2-up-gc11
date
Fri, 30 Sep 2022 13:03:19 GMT
last-modified
Mon, 16 May 2022 12:36:58 GMT
server
nginx
x-powered-by
Express
etag
W/"131bc-180ccdf2610"
x-cached-since
2022-06-07T15:55:38+00:00
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cache
HIT
accept-ranges
bytes
timing-allow-origin
*
content-length
78268
main.5a035fcd3155657282c4.js
assets.gurucan.com/landings/ 		3 MB
837 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gurucan.com/landings/main.5a035fcd3155657282c4.js
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
97c20f8b27d13df9c3f33b2f4d91f2b2767606e5bc4488f2973811401f97e4a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://john.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id
td2-up-gc10
date
Fri, 30 Sep 2022 13:03:19 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 10:49:16 GMT
server
nginx
x-powered-by
Express
etag
W/"2800a4-18210ed2fe0"
x-cached-since
2022-09-28T16:07:48+00:00
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache
HIT
sourcemap
https://source.gurucan.com/landings/main.5a035fcd3155657282c4.js.map
prefetcher
payments.open.money/open/ Frame A9AD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.open.money/open/prefetcher
Requested by
Host: payments.open.money
URL: https://payments.open.money/layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
37c80d69600c115649c256e8a499f132d5e856c23c92ea8fbaae371293ccd3e0

Request headers

Referer
https://john.gurucan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
AuthToken
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1491
content-type
text/html; charset=utf-8
date
Fri, 30 Sep 2022 13:03:20 GMT
etag
W/"5d3-tTg/+xNImoXBZGFP88MHfSa5jvQ"
server
istio-envoy
via
1.1 google
x-envoy-upstream-service-time
14
x-powered-by
Express
6332e8413558c9001253c82a
john.gurucan.com/api/landings/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://john.gurucan.com/api/landings/6332e8413558c9001253c82a
Requested by
Host: assets.gurucan.com
URL: https://assets.gurucan.com/landings/main.5a035fcd3155657282c4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.146.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-146-93.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
0f26f3cf60be0ac4a238c4364cafe40d89287394000f04bd4bf6be7688ca6729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://john.gurucan.com/6332e8413558c9001253c82a
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 13:03:20 GMT
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
4906
X-XSS-Protection
1; mode=block
Server
nginx/1.21.6
ETag
W/"132a-yOL8DkmKqYZrWJxc+rsfMe6NaWE"
X-Download-Options
noopen
X-RateLimit-Remaining
1799
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
undefined
Content-Language
en-CA
X-RateLimit-Reset
1664543454
X-RateLimit-Limit
1800
Access-Control-Allow-Headers
X-Requested-With, Content-Type
m-outer-1156c9fc45a36380bf5f3448b809db30.html
js.stripe.com/v3/ Frame CAF3 		186 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-1156c9fc45a36380bf5f3448b809db30.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e5039c1d8f6d965215bd2204fabc23f5703ee6d41fec3c734436cff046409956
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://john.gurucan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
46366
cache-control
max-age=31536000
content-encoding
br
content-length
114
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 30 Sep 2022 13:03:20 GMT
etag
"1156c9fc45a36380bf5f3448b809db30"
last-modified
Fri, 30 Sep 2022 00:09:01 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
23301
x-content-type-options
nosniff
x-request-id
0f413e1a-ab9d-42a0-8b08-4be1501e1e0a
x-served-by
cache-yul12832-YUL
csp-report
q.stripe.com/ Frame CAF3 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 30 Sep 2022 13:03:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CAF3 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 30 Sep 2022 13:03:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-ae15f9409b6011aa9910b1831ff9c874.js
js.stripe.com/v3/fingerprinted/js/ Frame CAF3 		526 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-ae15f9409b6011aa9910b1831ff9c874.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-1156c9fc45a36380bf5f3448b809db30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-1156c9fc45a36380bf5f3448b809db30.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Sep 2022 13:03:20 GMT
via
1.1 varnish
age
46365
x-cache
HIT
content-length
256
x-request-id
ad6a39bd-9341-482f-98a0-f09ba86b0b35
x-served-by
cache-yul12832-YUL
last-modified
Fri, 30 Sep 2022 00:09:00 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
21357
inner.html
m.stripe.network/ Frame E84B 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-ae15f9409b6011aa9910b1831ff9c874.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
33
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 30 Sep 2022 13:03:20 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
61
x-content-type-options
nosniff
x-request-id
86a0be2a-6316-4f13-b281-a6a111b17e0f
x-served-by
cache-yul12832-YUL
x-timer
S1664543000.439845,VS0,VE0
resources.json
assets.gurucan.com/translations/ 		11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.gurucan.com/translations/resources.json?lng=en&ns=website_landing+basic+pricing&v=136
Requested by
Host: assets.gurucan.com
URL: https://assets.gurucan.com/landings/main.5a035fcd3155657282c4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
172d5622fa11e7d3f6c945236ce609333c70925c6b56c1296c679d0a1b11e4e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://john.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id
td2-up-gc11
date
Fri, 30 Sep 2022 13:03:20 GMT
content-encoding
gzip
server
nginx
x-powered-by
Express
etag
W/"2dd6-/nVupYk6U2HflgnM+2jb8cQ7A+s"
x-cached-since
2022-09-29T14:47:28+00:00
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cache
HIT
csp-report
q.stripe.com/ Frame E84B 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 13:03:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
a4276f43-359b-42d3-8c5f-669e39ab205d42042ede-daa8-478e-a5a7-33ea861e7a157e4603ca-a048-40b1-b8fa-3b9440465058a8c53430-bcc8-4147-90d7-4557f29d4b4f.png
cdn.gurucan.com/images/a4276f43-359b-42d3-8c5f-669e39ab205d42042ede-daa8-478e-a5a7-33ea861e7a157e4603ca-a048-40b1-b8fa-3b9440465058a8c53430-bcc8-4147-90d7-4557f29d4b4f/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gurucan.com/images/a4276f43-359b-42d3-8c5f-669e39ab205d42042ede-daa8-478e-a5a7-33ea861e7a157e4603ca-a048-40b1-b8fa-3b9440465058a8c53430-bcc8-4147-90d7-4557f29d4b4f/a4276f43-359b-42d3-8c5f-669e39ab205d42042ede-daa8-478e-a5a7-33ea861e7a157e4603ca-a048-40b1-b8fa-3b9440465058a8c53430-bcc8-4147-90d7-4557f29d4b4f.png
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
524be57f481e468cb8d65e7cac89ae52c357581c65779762617c8db7acd6b393

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://john.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id
td2-up-gc10
date
Fri, 30 Sep 2022 13:03:20 GMT
last-modified
Tue, 27 Sep 2022 12:09:50 GMT
server
nginx
x-amz-request-id
61c05f49-d56d-480a-a666-945b779c4f98
etag
"4392a0f02deaf7cb294fc6fc491bbc32"
content-type
application/octet-stream
access-control-allow-origin
*
x-clv-request-id
61c05f49-d56d-480a-a666-945b779c4f98
cache
MISS
accept-ranges
bytes
content-length
4404
x-clv-s3-version
2.5
d65113b6da7ba4bd0a59dbda5a7e24d4.woff2
assets.gurucan.com/landings/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.gurucan.com/landings/d65113b6da7ba4bd0a59dbda5a7e24d4.woff2
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Request headers

Referer
https://john.gurucan.com/
Origin
https://john.gurucan.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id
td2-up-gc11
date
Fri, 30 Sep 2022 13:03:20 GMT
last-modified
Mon, 16 May 2022 12:36:58 GMT
server
nginx
x-powered-by
Express
etag
W/"4134-180ccdf2610"
x-cached-since
2022-06-27T19:11:42+00:00
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cache
HIT
accept-ranges
bytes
timing-allow-origin
*
content-length
16692
out-4.5.42.js
m.stripe.network/ Frame E84B 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Fri, 30 Sep 2022 13:03:20 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
222
x-cache
HIT
content-length
16031
x-request-id
53875cf1-e7ce-4fc8-9441-70c1ed555485
x-served-by
cache-yul12832-YUL
server
Fastly
x-timer
S1664543000.474172,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
340
e5f1782c-6fed-40dc-b134-ea13cd1864e0c10e7c11-a89a-43ed-9375-88cf09cb17b0cfcd68cd-96d3-47bd-b7ba-193ebde762802ea21596-5448-4d16-98e8-5ad7acb48092.png
cdn.gurucan.com/images/e5f1782c-6fed-40dc-b134-ea13cd1864e0c10e7c11-a89a-43ed-9375-88cf09cb17b0cfcd68cd-96d3-47bd-b7ba-193ebde762802ea21596-5448-4d16-98e8-5ad7acb48092/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gurucan.com/images/e5f1782c-6fed-40dc-b134-ea13cd1864e0c10e7c11-a89a-43ed-9375-88cf09cb17b0cfcd68cd-96d3-47bd-b7ba-193ebde762802ea21596-5448-4d16-98e8-5ad7acb48092/e5f1782c-6fed-40dc-b134-ea13cd1864e0c10e7c11-a89a-43ed-9375-88cf09cb17b0cfcd68cd-96d3-47bd-b7ba-193ebde762802ea21596-5448-4d16-98e8-5ad7acb48092.png
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3e956247975fae43d40f2cab1c902441d696b0f16e02b13c5a8a13802a389331

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://john.gurucan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id
td2-up-gc10
date
Fri, 30 Sep 2022 13:03:20 GMT
last-modified
Tue, 27 Sep 2022 10:53:45 GMT
server
nginx
x-amz-request-id
36616ea1-ff4a-48ec-9d3f-0818d24637e5
etag
"9cf105957438cb1971cea7aa45405e1b"
content-type
application/octet-stream
access-control-allow-origin
*
x-clv-request-id
36616ea1-ff4a-48ec-9d3f-0818d24637e5
cache
MISS
accept-ranges
bytes
content-length
3602
x-clv-s3-version
2.5
5182da425f811908bed9f5b8c72fa44f.ttf
assets.gurucan.com/landings/ 		287 KB
287 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.gurucan.com/landings/5182da425f811908bed9f5b8c72fa44f.ttf
Requested by
Host: john.gurucan.com
URL: https://john.gurucan.com/6332e8413558c9001253c82a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / Express
Resource Hash
71d10a86b4c54a5a9c0c8b467e53ac67d79edb96c956e4e9f65a7074dfb9992a

Request headers

Referer
https://john.gurucan.com/
Origin
https://john.gurucan.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id
td2-up-gc11
date
Fri, 30 Sep 2022 13:03:20 GMT
last-modified
Mon, 16 May 2022 12:36:58 GMT
server
nginx
x-powered-by
Express
etag
W/"47a8c-180ccdf2610"
x-cached-since
2022-06-27T19:11:42+00:00
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
cache
HIT
accept-ranges
bytes
timing-allow-origin
*
content-length
293516
6
m.stripe.com/ Frame E84B 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.178.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-178-180.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1da60376e4997f4810f2c73335d581f1c122864b96a99888db7eb7f7f12f542c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 30 Sep 2022 13:03:20 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
css
fonts.googleapis.com/ Frame A9AD 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat|Open+Sans&display=swap
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad4408e85eea768b7fe44e8716da68d651b6cfa05bda6ef53335d93d73f34d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Sep 2022 13:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 12:50:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Sep 2022 13:03:20 GMT
css
fonts.googleapis.com/ Frame A9AD 		2 KB
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300&display=swap
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b56a96c8ac30c44981eff6d7f8a7b75bdcb55d8427f7fb078ae210c9cc136a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Sep 2022 13:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 12:53:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Sep 2022 13:03:20 GMT
layer.7f177c62dec903bb9889.css
payments.open.money/static/layer/css/ Frame A9AD 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.open.money/static/layer/css/layer.7f177c62dec903bb9889.css
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
f5b58de34b704bed7ab5bcb713f24afe191ee0d72f9ef6df02839e64ea637af5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:20 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53183
last-modified
Thu, 01 Sep 2022 16:54:37 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
jquery.min.js
payments.open.money/jquery/ Frame A9AD 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.open.money/jquery/jquery.min.js
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:20 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89664
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
visa.svg
payments.open.money/static/layer/images/ Frame A9AD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/images/visa.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
6429ed374e386caeeeeddf44b9bfe4548b983510db3ef5bec527e565f614c271

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:21 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2792
last-modified
Thu, 01 Sep 2022 16:54:07 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
rupay.svg
payments.open.money/static/layer/images/ Frame A9AD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/images/rupay.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
159301d872e2683da91bb79fce52331adf25b70dd2d69915655d956490a3a8b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:21 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4698
last-modified
Thu, 01 Sep 2022 16:54:07 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
maestro.svg
payments.open.money/static/layer/images/ Frame A9AD 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/images/maestro.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
f978a47ac8a0b2796b9fd64383b325ac25da1253f5c36869bc3c0047948672e6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:21 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6795
last-modified
Thu, 01 Sep 2022 16:43:30 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
master.svg
payments.open.money/static/layer/images/ Frame A9AD 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/images/master.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
78c1ed0d135fa650e9886a6e79067d9fea30c502f3f675b03be8db8f5b210fcd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:22 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1235
last-modified
Thu, 01 Sep 2022 16:43:30 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
undefined.svg
payments.open.money/static/layer/images/ Frame A9AD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/images/undefined.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
4640138a21a40c07e6ce66152ff2430a10cf77a9b55c9a0671f230e224daa8e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:21 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3357
last-modified
Thu, 01 Sep 2022 17:02:43 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
checked.svg
payments.open.money/static/layer/images/ Frame A9AD 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/images/checked.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
247bff5f05f8374caf6f6ee9631b8c1a66d0c6a2ac7c08c4eb4dc98bfe10a6e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:22 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1259
last-modified
Thu, 01 Sep 2022 16:53:26 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
check_default.svg
payments.open.money/static/layer/images/ Frame A9AD 		740 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/images/check_default.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
32a2e9d1a9281a44b4d9cef3924a8420664a031cd7c062527b985fd5584f58e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:22 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
740
last-modified
Thu, 01 Sep 2022 17:02:42 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
layer.7026dc9fbf1d193030c2.js
payments.open.money/static/layer/js/ Frame A9AD 		228 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.open.money/static/layer/js/layer.7026dc9fbf1d193030c2.js
Requested by
Host: payments.open.money
URL: https://payments.open.money/open/prefetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
5084516a4bd81aa90fac257bb3f9ac5d835459d6508d40f906e882baa94233ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/open/prefetcher
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:21 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233760
last-modified
Thu, 01 Sep 2022 16:54:03 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
a8b41e1c7ea1af0ae905b44d0cdd9a45.svg
payments.open.money/static/layer/css/ Frame A9AD 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/css/a8b41e1c7ea1af0ae905b44d0cdd9a45.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/static/layer/css/layer.7f177c62dec903bb9889.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
247bff5f05f8374caf6f6ee9631b8c1a66d0c6a2ac7c08c4eb4dc98bfe10a6e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/static/layer/css/layer.7f177c62dec903bb9889.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:22 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1259
last-modified
Thu, 01 Sep 2022 17:01:22 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
f28c77ccb3ef33c77ec8dc986e6a3d20.svg
payments.open.money/static/layer/css/ Frame A9AD 		740 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/css/f28c77ccb3ef33c77ec8dc986e6a3d20.svg
Requested by
Host: payments.open.money
URL: https://payments.open.money/static/layer/css/layer.7f177c62dec903bb9889.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
32a2e9d1a9281a44b4d9cef3924a8420664a031cd7c062527b985fd5584f58e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/static/layer/css/layer.7f177c62dec903bb9889.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:22 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
740
last-modified
Thu, 01 Sep 2022 16:43:57 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
b18dd0bd175248a1fb98a18a2aa83b73.png
payments.open.money/static/layer/css/ Frame A9AD 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.open.money/static/layer/css/b18dd0bd175248a1fb98a18a2aa83b73.png
Requested by
Host: payments.open.money
URL: https://payments.open.money/static/layer/css/layer.7f177c62dec903bb9889.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.151.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.151.111.34.bc.googleusercontent.com
Software
istio-envoy / Express
Resource Hash
12add8ed78eb2a82cf09215a438981cfcad652365acb991e75142d546b55d014

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://payments.open.money/static/layer/css/layer.7f177c62dec903bb9889.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 13:03:22 GMT
via
1.1 google
x-powered-by
Express
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124012
last-modified
Thu, 01 Sep 2022 16:54:37 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
AuthToken
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame A9AD 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat|Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payments.open.money
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 10:57:08 GMT
x-content-type-options
nosniff
age
525973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Sep 2023 10:57:08 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackChunkstripe_js_v3 function| Stripe object| cp object| regeneratorRuntime object| Layer object| CONFIG object| vttjs function| WebVTT function| setImmediate function| clearImmediate object| core

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 2ea46a0f-740c-48bf-b70c-4daa1009c1409d18a0
.john.gurucan.com/ Name: __stripe_mid
Value: 15112be6-a447-454d-965d-f24dc1d834384b9547
.john.gurucan.com/ Name: __stripe_sid
Value: 5b5f9d82-5161-4dc9-9085-965e87978e2b0b9254

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.gurucan.com
cdn.gurucan.com
fonts.googleapis.com
fonts.gstatic.com
john.gurucan.com
js.stripe.com
m.stripe.com
m.stripe.network
payments.open.money
q.stripe.com
widget.cloudpayments.ru
151.101.0.176
178.248.237.144
2607:f8b0:4006:816::200a
2607:f8b0:4006:823::2003
2a03:90c0:9996::9996
3.222.146.93
34.111.151.68
52.43.178.180
54.186.23.98
0f26f3cf60be0ac4a238c4364cafe40d89287394000f04bd4bf6be7688ca6729
12add8ed78eb2a82cf09215a438981cfcad652365acb991e75142d546b55d014
159301d872e2683da91bb79fce52331adf25b70dd2d69915655d956490a3a8b1
172d5622fa11e7d3f6c945236ce609333c70925c6b56c1296c679d0a1b11e4e3
1da60376e4997f4810f2c73335d581f1c122864b96a99888db7eb7f7f12f542c
247bff5f05f8374caf6f6ee9631b8c1a66d0c6a2ac7c08c4eb4dc98bfe10a6e0
28a7499a5dc3f5d700697a4f615df33a9174bf8cb6146c2184bb7f338474da25
32a2e9d1a9281a44b4d9cef3924a8420664a031cd7c062527b985fd5584f58e2
37c80d69600c115649c256e8a499f132d5e856c23c92ea8fbaae371293ccd3e0
3e956247975fae43d40f2cab1c902441d696b0f16e02b13c5a8a13802a389331
44c5cc39d0b5ceed26e16377ea0e733e80b223a57e1e1cc33ab5f6f152f301ff
4640138a21a40c07e6ce66152ff2430a10cf77a9b55c9a0671f230e224daa8e7
5084516a4bd81aa90fac257bb3f9ac5d835459d6508d40f906e882baa94233ac
524be57f481e468cb8d65e7cac89ae52c357581c65779762617c8db7acd6b393
6429ed374e386caeeeeddf44b9bfe4548b983510db3ef5bec527e565f614c271
71d10a86b4c54a5a9c0c8b467e53ac67d79edb96c956e4e9f65a7074dfb9992a
78c1ed0d135fa650e9886a6e79067d9fea30c502f3f675b03be8db8f5b210fcd
97c20f8b27d13df9c3f33b2f4d91f2b2767606e5bc4488f2973811401f97e4a9
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a8b31265d6d8fba855d3a4887699470206912a3bfe08dcc01bee54058e2a3abd
ad4408e85eea768b7fe44e8716da68d651b6cfa05bda6ef53335d93d73f34d9b
b460cbe590b203d52514ddc1e0e29efd735b4cd19bc861334264627b2d4d3c27
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b56a96c8ac30c44981eff6d7f8a7b75bdcb55d8427f7fb078ae210c9cc136a
e5039c1d8f6d965215bd2204fabc23f5703ee6d41fec3c734436cff046409956
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5b58de34b704bed7ab5bcb713f24afe191ee0d72f9ef6df02839e64ea637af5
f978a47ac8a0b2796b9fd64383b325ac25da1253f5c36869bc3c0047948672e6