secure.deftpaymentsystems.com Open in urlscan Pro
52.200.3.74  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response secure.deftpaymentsystems.com/	50 KB 14 KB	443ms 183ms	Document text/html	52.200.3.74 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://secure.deftpaymentsystems.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.200.3.74 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-3-74.compute-1.amazonaws.com Software openresty/1.15.8.2 / Resource Hash d7d8c4987dea51905fec8ba62f772b25a89722729e9ae9a67bb5166d2d13a383 Request headers Host secure.deftpaymentsystems.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Server openresty/1.15.8.2 Date Thu, 02 Sep 2021 19:14:31 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding P3P CP="NON" X-Wishpond-Host wishpondv1-server-6c79684dd5-zqk6v X-Wishpond-Prefix PagesV2r/50d39f/1 X-Wishpond-Version 20200910000001 X-Wishpond-Queries 0 X-Wishpond-Guard 1630088676.8569229 X-Wishpond-Generated 2021-08-27 18:24:38 +0000 Content-Language en-US X-Request-Id 703d89ea-eb22-4607-8e9f-355defa6ddd7 X-Runtime 0.041316 Content-Encoding gzip
GET H2	200	connect.js Show response cdn.wishpond.net/	157 KB 40 KB	54ms 12ms	Script application/javascript	143.204.98.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.wishpond.net/connect.js?merchantId=1390859&socialCampaignId=2591675&writeKey=ae4b18ea7554 Requested by Host: secure.deftpaymentsystems.com URL: https://secure.deftpaymentsystems.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-25.fra50.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 1cf8f82ea1fee9bb2e05066d1287ac05b0d657f72eff947ba9272fa1c3322749 Request headers Referer https://secure.deftpaymentsystems.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 22:00:03 GMT content-encoding gzip last-modified Fri, 27 Aug 2021 16:42:24 GMT server nginx/1.17.5 age 508468 etag W/"612915f0-272e9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront) cache-control public, stale-if-error, max-age=3600, s-max-age=172800 x-amz-cf-pop FRA50-C1 x-amz-cf-id hXQjgijbrfVVi71EJyVbmoH0SldSN5zsRxzW1djs9b1VmWLDITstCg==
GET H/1.1	200 OK	pages_v2r-fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e.js Show response d30itml3t0pwpf.cloudfront.net/assets/	204 KB 49 KB	61ms 11ms	Script application/javascript	143.204.101.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e.js Requested by Host: secure.deftpaymentsystems.com URL: https://secure.deftpaymentsystems.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.101.157 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-157.fra50.r.cloudfront.net Software nginx/1.17.5 / Resource Hash fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e Request headers Referer https://secure.deftpaymentsystems.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 17:21:52 GMT Content-Encoding gzip Age 525159 X-Cache Hit from cloudfront Connection keep-alive Content-Length 49261 Access-Control-Allow-Origin * Last-Modified Fri, 27 Aug 2021 16:42:24 GMT Server nginx/1.17.5 ETag "612915f0-c06d" Vary Accept-Encoding Content-Type application/javascript Via 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront) Cache-Control public, max-age=315360000 X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id QGhpVH6LVDEMcR8vAbr9Uky3WVbfVYs1nPfZ0auL9vpTVbC3K55XeA==
GET H/1.1	200 OK	pages_v2_default-8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636.css d30itml3t0pwpf.cloudfront.net/assets/	54 KB 9 KB	46ms 11ms	Stylesheet text/css	143.204.101.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2_default-8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636.css Requested by Host: secure.deftpaymentsystems.com URL: https://secure.deftpaymentsystems.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.101.157 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-157.fra50.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636 Request headers Referer https://secure.deftpaymentsystems.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sun, 25 Jul 2021 00:14:00 GMT Content-Encoding gzip Age 3438031 X-Cache Hit from cloudfront Connection keep-alive Content-Length 9053 Access-Control-Allow-Origin * Last-Modified Thu, 22 Jul 2021 20:53:08 GMT Server nginx/1.17.5 ETag "60f9dab4-235d" Vary Accept-Encoding Content-Type text/css Via 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront) Cache-Control public, max-age=315360000 X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id AJokxgPSow372nMjNSqiCLF6sf6NOpwLseExRqT6gPvDywx6rw8Yqg==
GET H2	200	css fonts.googleapis.com/	10 KB 963 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%7CLato%7CRoboto%3A300%2C400%2C500%2C700 Requested by Host: secure.deftpaymentsystems.com URL: https://secure.deftpaymentsystems.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 574f0a11d8151aad523e3df9128bb42ac7aa9a894cf137727de9d6526d6e2f50 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://secure.deftpaymentsystems.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 02 Sep 2021 19:14:31 GMT server ESF date Thu, 02 Sep 2021 19:14:31 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 02 Sep 2021 19:14:31 GMT
GET H/1.1	200 OK	1604432094-477a55f4 d30itml3t0pwpf.cloudfront.net/api/v3/medias/15123712/image/opt/original/	17 KB 17 KB	414ms 379ms	Image image/png	143.204.101.157 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/15123712/image/opt/original/1604432094-477a55f4 Requested by Host: secure.deftpaymentsystems.com URL: https://secure.deftpaymentsystems.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.101.157 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-157.fra50.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 7919fa52d27fa0111fd7b8bef51462a96d9857b6b3f3a19da409a04996ec0024 Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers Referer https://secure.deftpaymentsystems.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 02 Sep 2021 19:14:31 GMT Via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 Transfer-Encoding chunked X-Cache Miss from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="deft-logo.png" Connection keep-alive X-Request-Id 23826f7b-b522-4d8c-ae7d-a943cd0af886 X-Runtime 0.083076 Last-Modified Tue, 03 Nov 2020 19:34:54 GMT Server nginx/1.17.5 ETag "de8da4bbdd0f1b55d11a6266caa7df94" X-Download-Options noopen Strict-Transport-Security max-age=300 Content-Language en Cache-Control max-age=2592000, public Content-Security-Policy default-src 'none' Content-Type image/png X-Amz-Cf-Id APlsR34kYDkbwGKYE8jc_8M90xcHFbVSPztXTVMgQHQdrGMbEnOkMw== Expires Sat, 02 Oct 2021 19:14:31 GMT
GET H/1.1	200 OK	1548814461-aef9be92 d30itml3t0pwpf.cloudfront.net/api/v3/medias/13856408/image/opt/original/	41 KB 42 KB	548ms 501ms	Image image/png	143.204.101.157 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/13856408/image/opt/original/1548814461-aef9be92 Requested by Host: secure.deftpaymentsystems.com URL: https://secure.deftpaymentsystems.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.101.157 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-157.fra50.r.cloudfront.net Software nginx/1.17.5 / Resource Hash e20de418dc0c69b8ca9ee3d7db046d163c9faec186ca485b77e8aa1cb6c3672c Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers Referer https://secure.deftpaymentsystems.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 02 Sep 2021 19:14:31 GMT Via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 Transfer-Encoding chunked X-Cache Miss from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="cc-logos.png" Connection keep-alive X-Request-Id feae58ee-2b3b-49fc-925e-84cb2fb60bde X-Runtime 0.099123 Last-Modified Wed, 30 Jan 2019 02:14:21 GMT Server nginx/1.17.5 ETag "3eac509b128c5b225790f809ded42ffc" X-Download-Options noopen Strict-Transport-Security max-age=300 Content-Language en Cache-Control max-age=2592000, public Content-Security-Policy default-src 'none' Content-Type image/png X-Amz-Cf-Id AWaep1J9kP6B2-vxqwkmA2_-MHGXnfFtHpjeefs0vlyZIC9y0Ab8ig== Expires Sat, 02 Oct 2021 19:14:31 GMT
GET H2	200	popups.json Show response www.wishpond.com/	13 B 1 KB	118ms 117ms	XHR application/json	54.146.192.246 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.wishpond.com/popups.json?merchant_id=1390859&url=https%3A%2F%2Fsecure.deftpaymentsystems.com%2F&social_campaign_id=2591675 Requested by Host: cdn.wishpond.net URL: https://cdn.wishpond.net/connect.js?merchantId=1390859&socialCampaignId=2591675&writeKey=ae4b18ea7554 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.146.192.246 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-146-192-246.compute-1.amazonaws.com Software nginx/1.17.5 / Resource Hash 96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a Security Headers Name Value Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self' Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://secure.deftpaymentsystems.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Thu, 02 Sep 2021 19:14:32 GMT content-encoding gzip x-content-type-options nosniff p3p CP="NON" strict-transport-security max-age=300 vary Accept-Encoding, Origin x-xss-protection 1; mode=block x-request-id f7c34ae8-eb6d-4c80-83d3-60258f39a809 x-runtime 0.018554 server nginx/1.17.5 x-frame-options DENY x-download-options noopen access-control-max-age 600 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-language en-US access-control-allow-origin https://secure.deftpaymentsystems.com access-control-expose-headers access-control-allow-credentials true content-security-policy default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self' content-type application/json; charset=utf-8
OPTIONS H2	200	popups.json www.wishpond.com/	0 0	297ms 97ms	Preflight text/plain	54.146.192.246 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.wishpond.com/popups.json?merchant_id=1390859&url=https%3A%2F%2Fsecure.deftpaymentsystems.com%2F&social_campaign_id=2591675 Protocol H2 Server 54.146.192.246 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-146-192-246.compute-1.amazonaws.com Software nginx/1.17.5 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-requested-with Origin https://secure.deftpaymentsystems.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 02 Sep 2021 19:14:31 GMT content-type text/plain server nginx/1.17.5 vary Accept-Encoding strict-transport-security max-age=300 access-control-allow-origin https://secure.deftpaymentsystems.com access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS access-control-expose-headers access-control-max-age 600 access-control-allow-credentials true access-control-allow-headers x-requested-with x-request-id bbc8bacd-b2b2-4c4c-9d22-57357b551c67 x-runtime 0.000785 x-download-options noopen content-encoding gzip
GET H/1.1	200 OK	1604432902-6091d6f9 d30itml3t0pwpf.cloudfront.net/api/v3/medias/15123745/image/opt/original/	20 KB 21 KB	464ms 463ms	Image image/jpeg	143.204.101.157 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/15123745/image/opt/original/1604432902-6091d6f9 Requested by Host: secure.deftpaymentsystems.com URL: https://secure.deftpaymentsystems.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.101.157 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-157.fra50.r.cloudfront.net Software nginx/1.17.5 / Resource Hash 856bd89b6e065069a45a09743e5e3e33631eff687cc3caf21f048751685a0453 Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=300 Request headers Referer https://secure.deftpaymentsystems.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 02 Sep 2021 19:14:32 GMT Via 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 Transfer-Encoding chunked X-Cache Miss from cloudfront Content-Transfer-Encoding binary Content-Disposition inline; filename="slide22.jpg" Connection keep-alive X-Request-Id 0a3ffa1a-e876-4367-8d06-49c14c918480 X-Runtime 0.081537 Last-Modified Tue, 03 Nov 2020 19:48:22 GMT Server nginx/1.17.5 ETag "9d0e95dd7b36da739bf234ba228bd146" X-Download-Options noopen Strict-Transport-Security max-age=300 Content-Language en Cache-Control max-age=2592000, public Content-Security-Policy default-src 'none' Content-Type image/jpeg X-Amz-Cf-Id uq-bPSJ6TRgg-OVVzDaT4xHXm17qUeIecJcE0vZWrFCAUVZizxlLEg== Expires Sat, 02 Oct 2021 19:14:32 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0b.woff2 fonts.gstatic.com/s/opensans/v23/	14 KB 14 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%7CLato%7CRoboto%3A300%2C400%2C500%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://secure.deftpaymentsystems.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 08:52:43 GMT x-content-type-options nosniff age 469308 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14440 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:25 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 08:52:43 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v20/	23 KB 23 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%7CLato%7CRoboto%3A300%2C400%2C500%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://secure.deftpaymentsystems.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 17:38:06 GMT x-content-type-options nosniff age 437785 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23484 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:19:01 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 17:38:06 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%7CLato%7CRoboto%3A300%2C400%2C500%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://secure.deftpaymentsystems.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 11:31:42 GMT x-content-type-options nosniff age 459769 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 11:31:42 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	16 KB 16 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%7CLato%7CRoboto%3A300%2C400%2C500%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://secure.deftpaymentsystems.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 12:23:16 GMT x-content-type-options nosniff age 197475 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:39 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 Aug 2022 12:23:16 GMT
OPTIONS H2	200	pages.json www.wishpond.com/pages/v2r/2591675/	0 0	224ms 100ms	Preflight text/plain	54.146.192.246 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.wishpond.com/pages/v2r/2591675/pages.json?variation_id=2838582 Protocol H2 Server 54.146.192.246 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-146-192-246.compute-1.amazonaws.com Software nginx/1.17.5 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-requested-with Origin https://secure.deftpaymentsystems.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 02 Sep 2021 19:14:31 GMT content-type text/plain server nginx/1.17.5 vary Accept-Encoding strict-transport-security max-age=300 access-control-allow-origin https://secure.deftpaymentsystems.com access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS access-control-expose-headers access-control-max-age 600 access-control-allow-credentials true access-control-allow-headers x-requested-with x-request-id 3b4ede5e-4a5b-4937-8485-38f87475dc2e x-runtime 0.001125 x-download-options noopen content-encoding gzip
GET H2	200	pages.json Show response www.wishpond.com/pages/v2r/2591675/	47 KB 10 KB	114ms 113ms	XHR application/json	54.146.192.246 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.wishpond.com/pages/v2r/2591675/pages.json?variation_id=2838582 Requested by Host: d30itml3t0pwpf.cloudfront.net URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.146.192.246 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-146-192-246.compute-1.amazonaws.com Software nginx/1.17.5 / Resource Hash 7917dc282ffc2d2b90a84f3141b842c1199c9ee6c05df9c7093ed6ed151195df Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept application/json Referer https://secure.deftpaymentsystems.com/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-wishpond-prefix PagesV2r/50d39f/1 date Thu, 02 Sep 2021 19:14:32 GMT content-encoding gzip x-wishpond-queries 0 x-wishpond-version 20200910000001 x-wishpond-generated 2021-08-27 18:24:38 +0000 p3p CP="NON" strict-transport-security max-age=300 vary Accept-Encoding, Origin x-request-id 18692d4f-58dd-4d24-853e-2a8a3fd32b92 x-runtime 0.013573 server nginx/1.17.5 x-wishpond-host wishpondv1-server-6c79684dd5-ll9r9 access-control-max-age 600 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-language en-US access-control-allow-origin https://secure.deftpaymentsystems.com access-control-expose-headers access-control-allow-credentials true x-wishpond-guard 1630088676.8569229 content-type application/json; charset=utf-8
POST H2	201	view Show response bookie.wishpond.com/v1/social_campaigns/2591675/variations/2838582/	0 289 B	196ms 196ms	XHR text/plain	34.206.56.181 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bookie.wishpond.com/v1/social_campaigns/2591675/variations/2838582/view Requested by Host: d30itml3t0pwpf.cloudfront.net URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.206.56.181 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-56-181.compute-1.amazonaws.com Software nginx/1.14.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://secure.deftpaymentsystems.com/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.091913 date Thu, 02 Sep 2021 19:14:32 GMT server nginx/1.14.2 vary Origin access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD content-type text/plain access-control-allow-origin * access-control-max-age 600 cache-control no-cache x-request-id 3721ff3e-8747-4029-80ed-0ef55e9f7cf4 access-control-expose-headers Link
OPTIONS H2	200	view bookie.wishpond.com/v1/social_campaigns/2591675/variations/2838582/	0 0	324ms 104ms	Preflight text/plain	34.206.56.181 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bookie.wishpond.com/v1/social_campaigns/2591675/variations/2838582/view Protocol H2 Server 34.206.56.181 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-56-181.compute-1.amazonaws.com Software nginx/1.14.2 / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-requested-with Origin https://secure.deftpaymentsystems.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 02 Sep 2021 19:14:32 GMT content-type text/plain server nginx/1.14.2 access-control-allow-origin * access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers Link access-control-max-age 600 access-control-allow-headers x-requested-with

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| ES6Promise function| _s object| Base64 object| XD object| fastdom object| Wishpond function| CrossStorageClient number| len object| prototype string| k object| Honeybadger function| jqlite function| strftime function| strftimeTZ function| strftimeUTC function| localizedStrftime function| Tooltip function| SelectDropdown function| Calendar function| _wp object| wishpondApp object| $$jqListeners

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.deftpaymentsystems.com/	1970-01-20 05:42:26	Name: userTracker Value: "6rq3tghp33uzrbna"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn.wishpond.net/connect.js?merchantId=1390859&socialCampaignId=2591675&writeKey=ae4b18ea7554(Line 5) Message: get userTracker SyntaxError: Unexpected end of JSON input
console-api	warning	URL: https://cdn.wishpond.net/connect.js?merchantId=1390859&socialCampaignId=2591675&writeKey=ae4b18ea7554(Line 5) Message: get participation:2838582 SyntaxError: Unexpected end of JSON input

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bookie.wishpond.com
cdn.wishpond.net
d30itml3t0pwpf.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
secure.deftpaymentsystems.com
www.wishpond.com
143.204.101.157
143.204.98.25
2a00:1450:4001:808::2003
2a00:1450:4001:82f::200a
34.206.56.181
52.200.3.74
54.146.192.246
1cf8f82ea1fee9bb2e05066d1287ac05b0d657f72eff947ba9272fa1c3322749
574f0a11d8151aad523e3df9128bb42ac7aa9a894cf137727de9d6526d6e2f50
7917dc282ffc2d2b90a84f3141b842c1199c9ee6c05df9c7093ed6ed151195df
7919fa52d27fa0111fd7b8bef51462a96d9857b6b3f3a19da409a04996ec0024
856bd89b6e065069a45a09743e5e3e33631eff687cc3caf21f048751685a0453
8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d7d8c4987dea51905fec8ba62f772b25a89722729e9ae9a67bb5166d2d13a383
e20de418dc0c69b8ca9ee3d7db046d163c9faec186ca485b77e8aa1cb6c3672c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e