v2.payment.helloclever.co Open in urlscan Pro
20.92.95.235  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response v2.payment.helloclever.co/	4 KB 2 KB	85ms 25ms	Document text/html	20.92.95.235 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v2.payment.helloclever.co/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.92.95.235 Sydney Olympic Park, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash d9b163789e2b7212db81c0c8cb91f4dc9d11ac8abba7f7d54d1fe3c7e5a6cca6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 16 Dec 2024 10:04:49 GMT ETag W/"675a5703-f13" Last-Modified Thu, 12 Dec 2024 03:22:43 GMT Server nginx Transfer-Encoding chunked
GET H2	200	css2 fonts.googleapis.com/	6 KB 932 B	267ms 122ms	Stylesheet text/css	2404:6800:4006:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Sora:wght@200;300;400;500;600;700;800&display=swap Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80f::200a Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e85c9f3810212bb208334bfbb7c84af3279fe36ac28bce3a05faa9294ac285f9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 16 Dec 2024 10:04:49 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:49 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Mon, 16 Dec 2024 10:04:49 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H/1.1	200 OK	main.c6ac54fd.js Show response v2.payment.helloclever.co/static/js/	4 MB 4 MB	49ms 48ms	Script application/javascript	20.92.95.235 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v2.payment.helloclever.co/static/js/main.c6ac54fd.js Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.92.95.235 Sydney Olympic Park, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 4d2e3bd49f9b05bd22dc5931304dc37dcd9081ba830e58802a7564d6e24fbda9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers ETag "675a5703-449ab5" Connection keep-alive Accept-Ranges bytes Content-Length 4496053 Date Mon, 16 Dec 2024 10:04:49 GMT Content-Type application/javascript Last-Modified Thu, 12 Dec 2024 03:22:43 GMT Server nginx
GET H/1.1	200 OK	main.796b5a4f.css v2.payment.helloclever.co/static/css/	61 KB 61 KB	97ms 48ms	Stylesheet text/css	20.92.95.235 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v2.payment.helloclever.co/static/css/main.796b5a4f.css Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.92.95.235 Sydney Olympic Park, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 7a232f4a485980c524b83e58144db4d336d676092ad19060ca06ee283494826e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers ETag "675a5703-f362" Connection keep-alive Accept-Ranges bytes Content-Length 62306 Date Mon, 16 Dec 2024 10:04:49 GMT Content-Type text/css Last-Modified Thu, 12 Dec 2024 03:22:43 GMT Server nginx
GET H2	200	gtm.js Show response www.googletagmanager.com/	198 KB 72 KB	293ms 141ms	Script application/javascript	2404:6800:4006:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5BRHQ4H9 Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cbb11dd77221d5ae491f072ac2d38820d29589f9fd2d6958a6c998746e4456f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Mon, 16 Dec 2024 10:04:49 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:49 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 16 Dec 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 72726 x-xss-protection 0 server Google Tag Manager
GET H2	200	css2 fonts.googleapis.com/	2 KB 638 B	125ms 124ms	Stylesheet text/css	2404:6800:4006:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Mulish:wght@500&display=swap Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/static/css/main.796b5a4f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80f::200a Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5fcd0a22bb10bfbd3cba9df9fc3f2e4737e501bb160588a6c0ab27ce0140dbe4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 16 Dec 2024 10:04:49 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:49 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Mon, 16 Dec 2024 10:04:49 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	v3 Show response js.stripe.com/	692 KB 181 KB	100ms 33ms	Script text/javascript	18.67.110.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/static/js/main.c6ac54fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.110.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-110-56.syd62.r.cloudfront.net Software Cloudfront / Resource Hash bde6d5fb61a996e7934ade68f22c8f9b1d8576f6fef15cc93f625f6b762241b1 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers content-encoding br etag W/"3e9e610d0a0384c7524e78304f48af93" age 44 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id tqnhQjz32sC7yNitEyB4-lwEGkNVrCyfyjVFfE1xJdmhYOtsZnlsFw== date Mon, 16 Dec 2024 10:04:13 GMT content-type text/javascript; charset=utf-8 last-modified Fri, 13 Dec 2024 21:45:35 GMT vary Accept-Encoding strict-transport-security max-age=31556926; includeSubDomains; preload cache-control max-age=60 timing-allow-origin * via 1.1 7fe70ef74e6a71dc6fcd4b1b62861ffc.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop SYD62-P2 server Cloudfront
GET H/1.1	200 OK	firebase Show response ecom.helloclever.co/api/v1/service_keys/	715 B 2 KB	65ms 26ms	XHR application/json	20.213.211.192 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://ecom.helloclever.co/api/v1/service_keys/firebase Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/static/js/main.c6ac54fd.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.213.211.192 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash d0e91d5e701957548ad9b0a57e329924a7c96ea931e955da3409d40f9cdb85f3 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src https://www.google-analytics.com; style-src https://fonts.googleapis.com; img-src https://www.example.com; font-src 'self' data:; connect-src 'self'; object-src 'none'; media-src 'self'; frame-src 'none' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://v2.payment.helloclever.co/ Response headers access-control-max-age 7200 X-Request-Id 3d82265c-308c-4cec-8a58-5b2e49820320 access-control-expose-headers ETag W/"d0e91d5e701957548ad9b0a57e329924" access-control-allow-methods GET, POST, PATCH, PUT, DELETE X-Content-Type-Options nosniff Date Mon, 16 Dec 2024 10:04:50 GMT Content-Type application/json; charset=utf-8 vary Origin X-Runtime 0.003955 X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Security-Policy default-src 'none'; script-src https://www.google-analytics.com; style-src https://fonts.googleapis.com; img-src https://www.example.com; font-src 'self' data:; connect-src 'self'; object-src 'none'; media-src 'self'; frame-src 'none' Cache-Control max-age=0, private, must-revalidate Connection keep-alive Referrer-Policy strict-origin-when-cross-origin Permissions-Policy your-permissions-policy-directives access-control-allow-origin * Server nginx/1.18.0 (Ubuntu)
GET H/1.1	200 OK	google Show response ecom.helloclever.co/api/v1/service_keys/	114 B 1 KB	53ms 17ms	XHR application/json	20.213.211.192 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://ecom.helloclever.co/api/v1/service_keys/google Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/static/js/main.c6ac54fd.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.213.211.192 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 34a210836e72e80dd49e3091c434d9a9a66486ad56a22d4db73b97b6e299226a Security Headers Name Value Content-Security-Policy default-src 'none'; script-src https://www.google-analytics.com; style-src https://fonts.googleapis.com; img-src https://www.example.com; font-src 'self' data:; connect-src 'self'; object-src 'none'; media-src 'self'; frame-src 'none' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://v2.payment.helloclever.co/ Response headers access-control-max-age 7200 X-Request-Id 94fb09d0-3703-4899-b3c7-4ac8a97e1b36 access-control-expose-headers ETag W/"34a210836e72e80dd49e3091c434d9a9" access-control-allow-methods GET, POST, PATCH, PUT, DELETE X-Content-Type-Options nosniff Date Mon, 16 Dec 2024 10:04:50 GMT Content-Type application/json; charset=utf-8 vary Origin X-Runtime 0.003077 X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Security-Policy default-src 'none'; script-src https://www.google-analytics.com; style-src https://fonts.googleapis.com; img-src https://www.example.com; font-src 'self' data:; connect-src 'self'; object-src 'none'; media-src 'self'; frame-src 'none' Cache-Control max-age=0, private, must-revalidate Connection keep-alive Referrer-Policy strict-origin-when-cross-origin Permissions-Policy your-permissions-policy-directives access-control-allow-origin * Server nginx/1.18.0 (Ubuntu)
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	308ms 243ms	Script application/javascript	23.32.5.149 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRU5QK3C77U41Q43UOVG&lib=ttq Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.32.5.149 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-32-5-149.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 178836d537cdee869924e1a62b0bc52e75e8c40d0cad6bec6f08b1521015be1c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers content-encoding gzip x-cache-remote TCP_MISS from a104-78-78-4.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-) expires Mon, 16 Dec 2024 10:04:50 GMT server-timing cdn-cache; desc=MISS, edge; dur=192, origin; dur=8, inner; dur=4 x-cache TCP_MISS from a23-32-5-145.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-) date Mon, 16 Dec 2024 10:04:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 484bd17d.2148d792 x-tt-trace-host 01a3a39ef0932d6d0142688a5f37cffdf3e6b4a9c7099d2e840a6174f1b664bc8eb8b47d047f2967463ab2186acb58a812c6926bcf116b64ddd135b92a1a9891bb39803149daaadadc3bbc0c8fbcaabbda1fca8d97f50782332e421617354b209a5477cbb048b535db7e12ed2a4b5c9b62 x-origin-response-time 8,104.78.78.4 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2412161004504E562D9D880B118C04A6-553A3E9950740DDC-00 x-parent-response-time 200,23.32.5.145 x-tt-logid 202412161004504E562D9D880B118C04A6 server nginx
GET H2	200	js Show response www.googletagmanager.com/gtag/	397 KB 129 KB	153ms 152ms	Script application/javascript	2404:6800:4006:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Z9QC53LQEY Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/static/js/main.c6ac54fd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 19f3136daf12d38bdb746db572adff17c2ac438275bbe763e35a0780916165e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 16 Dec 2024 10:04:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 131811 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	397 KB 129 KB	236ms 235ms	Script application/javascript	2404:6800:4006:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Z9QC53LQEY&l=dataLayer&cx=c&gtm=45He4cc1v9182399891za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BRHQ4H9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7c166283c508455ea71b622e6fb509ce0e5ac879341219d397796fe053610f09 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 16 Dec 2024 10:04:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 131772 x-xss-protection 0 server Google Tag Manager
POST H/1.1	422 Unprocessable Entity	payment_info Show response ecom.helloclever.co/v2/ecom/	120 B 1 KB	113ms 111ms	XHR application/json	20.213.211.192 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://ecom.helloclever.co/v2/ecom/payment_info Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/static/js/main.c6ac54fd.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.213.211.192 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 33e642d8fd3f4a8280a5fe3965c7854cef21860cbeceb520bc021ded9224030b Security Headers Name Value Content-Security-Policy default-src 'none'; script-src https://www.google-analytics.com; style-src https://fonts.googleapis.com; img-src https://www.example.com; font-src 'self' data:; connect-src 'self'; object-src 'none'; media-src 'self'; frame-src 'none' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://v2.payment.helloclever.co/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Content-Type application/json Response headers access-control-max-age 7200 X-Request-Id ccd1c73a-7f5e-4f23-9c1e-d0f9a600e4ea access-control-expose-headers access-control-allow-methods GET, POST, PATCH, PUT, DELETE X-Content-Type-Options nosniff Date Mon, 16 Dec 2024 10:04:50 GMT Content-Type application/json; charset=utf-8 vary Origin X-Runtime 0.097092 X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Security-Policy default-src 'none'; script-src https://www.google-analytics.com; style-src https://fonts.googleapis.com; img-src https://www.example.com; font-src 'self' data:; connect-src 'self'; object-src 'none'; media-src 'self'; frame-src 'none' Cache-Control no-cache Connection keep-alive Referrer-Policy strict-origin-when-cross-origin Permissions-Policy your-permissions-policy-directives access-control-allow-origin * Server nginx/1.18.0 (Ubuntu)
OPTIONS H/1.1	200 OK	payment_info ecom.helloclever.co/v2/ecom/ Frame	0 0	14ms 14ms	Preflight	20.213.211.192 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://ecom.helloclever.co/v2/ecom/payment_info Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.213.211.192 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://v2.payment.helloclever.co Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Connection keep-alive Date Mon, 16 Dec 2024 10:04:50 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked access-control-allow-headers content-type access-control-allow-methods GET, POST, PATCH, PUT, DELETE access-control-allow-origin * access-control-expose-headers access-control-max-age 7200
GET H2	200	main.MWZiM2ZlMGNjMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	351 KB 97 KB	66ms 65ms	Script application/javascript	23.32.5.149 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRU5QK3C77U41Q43UOVG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.32.5.149 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-32-5-149.deploy.static.akamaitechnologies.com Software nginx / Resource Hash da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers x-cache TCP_HIT from a23-32-5-145.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-) vary Accept-Encoding cache-control public, max-age=31536000, immutable content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5 x-tt-trace-id 00-24121013344739ED9E54148A7FA55867-0E6C63CDA04DE0C8-00 content-length 98569 date Mon, 16 Dec 2024 10:04:50 GMT content-type application/javascript; charset=UTF-8 x-tt-logid 2024121013344739ED9E54148A7FA55867 server nginx x-akamai-request-id 2148d8de x-tt-trace-host 01ce8eb8174883bced23af9f4c557602adad3031fd00ad23b261a93d502de5dd6106bf413630b7f879f195881e54307ba26f501f9ff38108d805b9c583e425dd6913971ee606f2d91e016abc4038b8d8ceca6cef2170171155a4a183836c96004c
GET H/1.1	200 OK	hologram-background.e09194d25bfbb6ad7729.png v2.payment.helloclever.co/static/media/	265 KB 265 KB	25ms 25ms	Image image/png	20.92.95.235 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://v2.payment.helloclever.co/static/media/hologram-background.e09194d25bfbb6ad7729.png Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/not-found Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.92.95.235 Sydney Olympic Park, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash eefbfe01410f7dd5ccb5b4c9363451b8bd0f83b1c7d2619af29d5a2ebe9d0aab Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/not-found Response headers ETag "675a5703-42338" Connection keep-alive Accept-Ranges bytes Content-Length 271160 Date Mon, 16 Dec 2024 10:04:50 GMT Content-Type image/png Last-Modified Thu, 12 Dec 2024 03:22:43 GMT Server nginx
GET H3	200	xMQbuFFYT72XzQUpDg.woff2 fonts.gstatic.com/s/sora/v12/	33 KB 33 KB	149ms 26ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sora/v12/xMQbuFFYT72XzQUpDg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Sora:wght@200;300;400;500;600;700;800&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash 714cfbc8e4b3f224102a517dd5f39c85e114b27163602159deee4d8c4a8602f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://v2.payment.helloclever.co Referer https://fonts.googleapis.com/ Response headers age 244489 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 13 Dec 2025 14:10:01 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 13 Dec 2024 14:10:01 GMT last-modified Wed, 13 Sep 2023 22:16:38 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 33616 x-xss-protection 0 server sffe
GET H3	200	css2 fonts.googleapis.com/	6 KB 488 B	219ms 218ms	Font text/css	142.250.66.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Sora:wght@200;300;400;500;600;700;800&display=swap Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/static/css/main.796b5a4f.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f10.1e100.net Software ESF / Resource Hash e85c9f3810212bb208334bfbb7c84af3279fe36ac28bce3a05faa9294ac285f9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://v2.payment.helloclever.co Referer https://v2.payment.helloclever.co/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 16 Dec 2024 10:04:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:50 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Mon, 16 Dec 2024 10:04:50 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	identify_45dd5971.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 39 KB	28ms 27ms	Script application/javascript	23.32.5.149 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.32.5.149 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-32-5-149.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers x-cache TCP_MEM_HIT from a23-32-5-145.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-) vary Accept-Encoding cache-control public, max-age=31536000, immutable content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 x-tt-trace-id 00-2411150512448CDC50C1F5B324141561-586345A444F865DE-00 content-length 39319 date Mon, 16 Dec 2024 10:04:50 GMT content-type application/javascript; charset=UTF-8 x-tt-logid 202411150512448CDC50C1F5B324141561 server nginx x-akamai-request-id 2148d96c x-tt-trace-host 0176f2451636b8787fcc3b16434fc7d0e1249ca5ca7702da4927a6475ab2b7bde91dfb2ba136b15591a4f0ce30cfb0c46933247323e2bd085e0afe7b08c39d61edd1c56d07931b7019a889d5df1f614184eea79b1cc0e76647032c4e2e5b6a821b
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 875 B	266ms 265ms	Ping text/plain	23.32.5.149 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.32.5.149 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-32-5-149.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://v2.payment.helloclever.co/ Response headers x-cache-remote TCP_MISS from a104-78-78-4.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Mon, 16 Dec 2024 10:04:51 GMT server-timing cdn-cache; desc=MISS, edge; dur=199, origin; dur=24, inner; dur=21 x-cache TCP_MISS from a23-32-5-145.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-) date Mon, 16 Dec 2024 10:04:51 GMT x-akamai-request-id 484bf619.2148d973 access-control-allow-headers Authorization,* x-tt-trace-host 01a3a39ef0932d6d0142688a5f37cffdf3e6b4a9c7099d2e840a6174f1b664bc8eb8b47d047f2967463ab2186acb58a81247c983745448a52a2853b787e3ef29efb9753de3089e261915169ea644028441841b40590cc4d63a3930ea688bc6d57b4a3e090c3a0875668a3c45719b1682c8 x-origin-response-time 24,104.78.78.4 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-2412161004500127708215A790BA6D5A-2A3AC60898255DB7-00 content-length 0 x-parent-response-time 217,23.32.5.145 x-tt-logid 202412161004500127708215A790BA6D5A server nginx
POST H2	204	collect analytics.google.com/g/	0 0	242ms 99ms	Fetch text/plain	2001:4860:4802:36::181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-Z9QC53LQEY&gtm=45je4cc1v885235428za200zb9182399891&_p=1734343489250&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=281456107.1734343491&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1734343490&sct=1&seg=0&dl=https%3A%2F%2Fv2.payment.helloclever.co%2Fnot-found&dt=Hello%20Clever%20%7C%20Real-Time%20Payments%20%26%20Instant%20Cashback%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=1685 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Z9QC53LQEY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://v2.payment.helloclever.co cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:51 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 552 B	299ms 98ms	Ping text/plain	2404:6800:4003:c1c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Z9QC53LQEY&cid=281456107.1734343491&gtm=45je4cc1v885235428za200zb9182399891&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Z9QC53LQEY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://v2.payment.helloclever.co cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:51 GMT content-type text/plain server Golfe2
GET H2	200	rul td.doubleclick.net/td/ga/ Frame 10E4	0 0	273ms 127ms	Document text/html	2404:6800:4006:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/ga/rul?tid=G-Z9QC53LQEY&gacid=281456107.1734343491&gtm=45je4cc1v885235428za200zb9182399891&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=106061877 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Z9QC53LQEY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://v2.payment.helloclever.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 16 Dec 2024 10:04:51 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ga-audiences www.google.com.au/ads/	42 B 63 B	257ms 127ms	Image image/gif	172.217.24.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Z9QC53LQEY&cid=281456107.1734343491&gtm=45je4cc1v885235428za200zb9182399891&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=207628248 Requested by Host: v2.payment.helloclever.co URL: https://v2.payment.helloclever.co/not-found Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.24.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS hkg07s23-in-f35.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 16 Dec 2024 10:04:51 GMT x-xss-protection 0 content-type image/gif server cafe
POST H2	204	collect analytics.google.com/g/	0 0	220ms 103ms	Fetch text/plain	2001:4860:4802:36::181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-Z9QC53LQEY&gtm=45je4cc1v885235428za200zb9182399891&_p=1734343489250&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=281456107.1734343491&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&dp=%2Foneclick-checkout&sid=1734343490&sct=1&seg=1&dl=https%3A%2F%2Fv2.payment.helloclever.co%2Fnot-found&dt=Hello%20Clever%20%7C%20Real-Time%20Payments%20%26%20Instant%20Cashback%20Rewards&_s=2&tfd=1714 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Z9QC53LQEY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://v2.payment.helloclever.co/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://v2.payment.helloclever.co cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 16 Dec 2024 10:04:51 GMT content-type text/plain server Golfe2
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 876 B	427ms 426ms	Ping text/plain	23.32.5.149 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.32.5.149 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-32-5-149.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://v2.payment.helloclever.co/ Response headers x-cache-remote TCP_MISS from a104-78-78-46.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Mon, 16 Dec 2024 10:04:51 GMT server-timing cdn-cache; desc=MISS, edge; dur=199, origin; dur=35, inner; dur=30 x-cache TCP_MISS from a23-32-5-145.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-) date Mon, 16 Dec 2024 10:04:51 GMT x-akamai-request-id aaab995b.2148db41 access-control-allow-headers Authorization,* x-tt-trace-host 01a3a39ef0932d6d0142688a5f37cffdf3e6b4a9c7099d2e840a6174f1b664bc8e1d78e11d7509dc935ed0851b9e4aa8954ff9fa236ae2e14b5c9abb9fdec9a48614bd5fe5ea2a1561a6ba130e1ec0e20d5919e15d8b7467fa90218f205ae6874689b15865f6374a49c2f9e31ff84bbe11 x-origin-response-time 35,104.78.78.46 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241216100451E6008128DADC527B23EE-04DD66F554834D2C-00 content-length 0 x-parent-response-time 227,23.32.5.145 x-tt-logid 20241216100451E6008128DADC527B23EE server nginx
GET H/1.1	200 OK	favicon.ico v2.payment.helloclever.co/	1 KB 1 KB	25ms 25ms	Other image/x-icon	20.92.95.235 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v2.payment.helloclever.co/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.92.95.235 Sydney Olympic Park, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 5b42b49342647b070bc9bf48a730ada28e6b2692eedf6f8a6eb2832d373f5fcb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/not-found Response headers ETag "675a5703-47e" Connection keep-alive Accept-Ranges bytes Content-Length 1150 Date Mon, 16 Dec 2024 10:04:51 GMT Content-Type image/x-icon Last-Modified Thu, 12 Dec 2024 03:22:43 GMT Server nginx
GET H/1.1	200 OK	favicon-32x32.png v2.payment.helloclever.co/icons/	2 KB 2 KB	25ms 25ms	Other image/png	20.92.95.235 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v2.payment.helloclever.co/icons/favicon-32x32.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.92.95.235 Sydney Olympic Park, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash c46b632737bf0be39eefb8a13ec72b125e7ef19a3c0ddfc8a19e59478cd75b98 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://v2.payment.helloclever.co/not-found Response headers ETag "675a5703-6c5" Connection keep-alive Accept-Ranges bytes Content-Length 1733 Date Mon, 16 Dec 2024 10:04:51 GMT Content-Type image/png Last-Modified Thu, 12 Dec 2024 03:22:43 GMT Server nginx

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| webpackChunkcleverpay_payment_gateway string| __reactRouterVersion object| __core-js_shared__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| __SENTRY__ object| google_tag_manager object| google_tag_data string| TiktokAnalyticsObject object| ttq function| Intercom object| intercomSettings function| gtag object| webpackChunkStripeJSouter function| noop function| Stripe object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| onYouTubeIframeAPIReady object| gaGlobal

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			v2.payment.helloclever.co/	1970-01-21 01:45:47	Name: hc_session_id Value: sess-ecw38n3lg7p
			.tiktok.com/	1970-01-21 11:07:19	Name: _ttp Value: 2qII6wJyqW5DD3aAyt1Um6borW3
			.helloclever.co/	1970-01-21 11:07:19	Name: _tt_enable_cookie Value: 1
			.helloclever.co/	1970-01-21 11:07:19	Name: _ttp Value: 2YmLVo3jb01fghNlHNkyjI3nFC6.tt.1
			.helloclever.co/	1970-01-21 11:21:43	Name: _ga Value: GA1.1.281456107.1734343491
			.helloclever.co/	1970-01-21 11:21:43	Name: _ga_Z9QC53LQEY Value: GS1.1.1734343490.1.1.1734343490.60.0.0
			.doubleclick.net/	1970-01-21 01:45:44	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ecom.helloclever.co/v2/ecom/payment_info Message: Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
other	warning	URL: https://v2.payment.helloclever.co/not-found Message: Failed to decode downloaded font: https://fonts.googleapis.com/css2?family=Sora:wght@200;300;400;500;600;700;800&display=swap
other	warning	URL: https://v2.payment.helloclever.co/not-found Message: OTS parsing error: invalid sfntVersion: 791289964
other	warning	URL: https://v2.payment.helloclever.co/not-found Message: Failed to decode downloaded font: https://fonts.googleapis.com/css2?family=Sora:wght@200;300;400;500;600;700;800&display=swap
other	warning	URL: https://v2.payment.helloclever.co/not-found Message: OTS parsing error: invalid sfntVersion: 791289964

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
ecom.helloclever.co
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
stats.g.doubleclick.net
td.doubleclick.net
v2.payment.helloclever.co
www.google.com.au
www.googletagmanager.com
142.250.66.202
142.251.221.67
172.217.24.35
18.67.110.56
20.213.211.192
20.92.95.235
2001:4860:4802:36::181
23.32.5.149
2404:6800:4003:c1c::9c
2404:6800:4006:80f::200a
2404:6800:4006:811::2002
2404:6800:4006:812::2008
178836d537cdee869924e1a62b0bc52e75e8c40d0cad6bec6f08b1521015be1c
19f3136daf12d38bdb746db572adff17c2ac438275bbe763e35a0780916165e5
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
33e642d8fd3f4a8280a5fe3965c7854cef21860cbeceb520bc021ded9224030b
34a210836e72e80dd49e3091c434d9a9a66486ad56a22d4db73b97b6e299226a
4d2e3bd49f9b05bd22dc5931304dc37dcd9081ba830e58802a7564d6e24fbda9
5b42b49342647b070bc9bf48a730ada28e6b2692eedf6f8a6eb2832d373f5fcb
5fcd0a22bb10bfbd3cba9df9fc3f2e4737e501bb160588a6c0ab27ce0140dbe4
714cfbc8e4b3f224102a517dd5f39c85e114b27163602159deee4d8c4a8602f0
7a232f4a485980c524b83e58144db4d336d676092ad19060ca06ee283494826e
7c166283c508455ea71b622e6fb509ce0e5ac879341219d397796fe053610f09
bde6d5fb61a996e7934ade68f22c8f9b1d8576f6fef15cc93f625f6b762241b1
c46b632737bf0be39eefb8a13ec72b125e7ef19a3c0ddfc8a19e59478cd75b98
cbb11dd77221d5ae491f072ac2d38820d29589f9fd2d6958a6c998746e4456f9
d0e91d5e701957548ad9b0a57e329924a7c96ea931e955da3409d40f9cdb85f3
d9b163789e2b7212db81c0c8cb91f4dc9d11ac8abba7f7d54d1fe3c7e5a6cca6
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85c9f3810212bb208334bfbb7c84af3279fe36ac28bce3a05faa9294ac285f9
eefbfe01410f7dd5ccb5b4c9363451b8bd0f83b1c7d2619af29d5a2ebe9d0aab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629