urlscan.io logo urlscan.io
SecurityTrails logo

pay.myfrontdesk.com Open in urlscan Pro
157.245.173.152  Public Scan

Go To Rescan Add Verdict Report
URL: https://pay.myfrontdesk.com/
Submission: On April 22 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 157.245.173.152, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is pay.myfrontdesk.com.
TLS certificate: Issued by R3 on April 16th 2024. Valid for: 3 months.
This is the only time pay.myfrontdesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 157.245.173.152 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 209.239.233.100 5033 (AS5033)
1 2a00:1450:400... 15169 (GOOGLE)
9 4
Apex Domain
Subdomains		 Transfer
5 myfrontdesk.com
pay.myfrontdesk.com
55 KB
2 usaepay.com
usaepay.com — Cisco Umbrella Rank: 88094
13 KB
1 gstatic.com
fonts.gstatic.com
26 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
911 B
9 4
Domain Requested by
5 pay.myfrontdesk.com pay.myfrontdesk.com
2 usaepay.com pay.myfrontdesk.com
usaepay.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com pay.myfrontdesk.com
9 4

This site contains no links.

Subject Issuer Validity Valid
pay.myfrontdesk.com
R3		 2024-04-16 -
2024-07-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
www.usaepay.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-09 -
2024-12-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://pay.myfrontdesk.com/
Frame ID: F55FFE35B0B696A4652C44D96A93022D
Requests: 8 HTTP requests in this frame

Frame: https://usaepay.com/js/v1/card.html
Frame ID: 2FB37E264B6948ACD3DBBC0EC7066163
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Front Desk - Make a Payment

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

95 kB
Transfer

181 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pay.myfrontdesk.com/ 		952 B
726 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.myfrontdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.173.152 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
bd9a55658326155b843f2648f079871f96bb124fe051d75c33e73548a4ca9179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 22 Apr 2024 01:11:12 GMT
etag
W/"5fd3e609-3b8"
last-modified
Fri, 11 Dec 2020 21:35:05 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		2 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Public+Sans:wght@400;700&display=swap
Requested by
Host: pay.myfrontdesk.com
URL: https://pay.myfrontdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2df1bfafa76017bb70bbcc86ccfed9e65bab35336ada0e8cf58b27c492f1240f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.myfrontdesk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 01:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 00:44:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Apr 2024 01:11:12 GMT
pay.js
usaepay.com/js/v1/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usaepay.com/js/v1/pay.js
Requested by
Host: pay.myfrontdesk.com
URL: https://pay.myfrontdesk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.239.233.100 , United States, ASN5033 (AS5033, US),
Reverse DNS
usaepay.com
Software
nginx /
Resource Hash
3a78ee9c7bf137a009b60775fa1c25e366eb690ef8bc738273484f760337c252
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self'; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.myfrontdesk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 01:11:13 GMT
Content-Security-Policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self'; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=15
app.a3c14d91.css
pay.myfrontdesk.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pay.myfrontdesk.com/css/app.a3c14d91.css
Requested by
Host: pay.myfrontdesk.com
URL: https://pay.myfrontdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.173.152 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6be9fd9a3c5379f42fb67f64d3ed1f19df567ab983b07c30c2d004681e7d2dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.myfrontdesk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 01:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Dec 2020 21:35:05 GMT
server
nginx
etag
W/"5fd3e609-1725"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
app.c1efb5cb.js
pay.myfrontdesk.com/js/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.myfrontdesk.com/js/app.c1efb5cb.js
Requested by
Host: pay.myfrontdesk.com
URL: https://pay.myfrontdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.173.152 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
bb714074edd9df615849eb69375596f5072a916594010d1e068c2abbacdec4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.myfrontdesk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 01:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Dec 2020 21:35:05 GMT
server
nginx
etag
W/"5fd3e609-82cc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
chunk-vendors.32f36466.js
pay.myfrontdesk.com/js/ 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.myfrontdesk.com/js/chunk-vendors.32f36466.js
Requested by
Host: pay.myfrontdesk.com
URL: https://pay.myfrontdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.173.152 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
06b6dd3eb964245f4015541633d3ab469b8194ebf08248254ba0717c12356cab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.myfrontdesk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 01:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Dec 2020 21:35:05 GMT
server
nginx
etag
W/"5fd3e609-19283"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
card.html
usaepay.com/js/v1/ Frame 2FB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usaepay.com/js/v1/card.html
Requested by
Host: usaepay.com
URL: https://usaepay.com/js/v1/pay.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.239.233.100 , United States, ASN5033 (AS5033, US),
Reverse DNS
usaepay.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self'; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://pay.myfrontdesk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Security-Policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self'; font-src data: https:; media-src 'none'; object-src 'self';
Content-Type
text/html; charset=utf-8
Date
Mon, 22 Apr 2024 01:11:13 GMT
Keep-Alive
timeout=15
Server
nginx
Strict-Transport-Security
max-age=15768000
Transfer-Encoding
chunked
ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Public+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://pay.myfrontdesk.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 07:31:03 GMT
x-content-type-options
nosniff
age
495610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26244
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:34:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 07:31:03 GMT
favicon.ico
pay.myfrontdesk.com/ 		991 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.myfrontdesk.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.245.173.152 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
900a988c98b4901c2597659e780ed67b1da38efdec47dea773000e70777651df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.myfrontdesk.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 01:11:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Dec 2020 21:35:05 GMT
server
nginx
etag
W/"5fd3e609-3df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| usaepay function| __assign string| host object| scripts number| x string| src object| webpackJsonp object| regeneratorRuntime

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block