URL: https://test-payment.arternal.com/
Submission: On March 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 54.225.202.105, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is test-payment.arternal.com.
TLS certificate: Issued by R3 on March 14th 2023. Valid for: 3 months.
This is the only time test-payment.arternal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 54.225.202.105 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2 2a04:4e42:600... 54113 (FASTLY)
1 18.66.122.38 16509 (AMAZON-02)
3 52.204.73.29 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
11 6
Apex Domain
Subdomains
Transfer
4 affirm.com
cdn1-sandbox.affirm.com — Cisco Umbrella Rank: 113021
sandbox.affirm.com — Cisco Umbrella Rank: 127466
104 KB
4 arternal.com
test-payment.arternal.com
224 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 337
40 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 38943
710 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
11 6
Domain Requested by
4 test-payment.arternal.com test-payment.arternal.com
3 sandbox.affirm.com cdn1-sandbox.affirm.com
2 cdn.jsdelivr.net 1 redirects test-payment.arternal.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn1-sandbox.affirm.com test-payment.arternal.com
1 cdn.materialdesignicons.com 1 redirects
1 fonts.googleapis.com test-payment.arternal.com
11 7

This site contains no links.

Subject | Issuer | Validity | Valid
test-payment.arternal.com | R3 | 2023-03-14 - 2023-06-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months
affirm.com | Amazon RSA 2048 M01 | 2023-02-28 - 2023-12-18 | 10 months
*.gstatic.com | GTS CA 1C3 | 2023-03-02 - 2023-05-25 | 3 months

This page contains 1 frame:

Primary Page: https://test-payment.arternal.com/
Frame ID: 98F5E9667222A955E0FD1B422150B0E8
Requests: 11 HTTP requests in this frame

Page Title

payments-invoice-payment

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 407 kB
Size: 2142 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.materialdesignicons.com/5.4.55/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/5.4.55/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@5.4.55/css/materialdesignicons.min.css

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
test-payment.arternal.com/
2 KB
1 KB
Document
General
Full URL
https://test-payment.arternal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.225.202.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-202-105.compute-1.amazonaws.com
Software
Arternal AmazonS3 /
Resource Hash
0120b2cdc14d7cd5dce84ae5e399a89f16528975e86ed56aad1605f823a4ede4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1020
content-type
text/html
date
Tue, 14 Mar 2023 22:36:08 GMT
etag
"0cfab1fdb5110fd9ce97159e379d47b7"
last-modified
Fri, 16 Sep 2022 00:55:07 GMT
referrer-policy
no-referrer-when-downgrade
server
Arternal AmazonS3
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
x-amz-id-2
Go+4QPppXaqFgU3e9G7YITwcoPX1TrZCvw/5JDIEvOsN8hAJf19k9qInIxJ05JQb/r8C5xBDa5U=
x-amz-request-id
QBVSB2DFXCREHRQK
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block;
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;300;500;700&display=swap
Requested by
Host: test-payment.arternal.com
URL: https://test-payment.arternal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e81d0d51eda961e11122abd10f0116feb11208f813f481422e7bc5dc6c57f2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://test-payment.arternal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Mar 2023 22:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 22:36:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Mar 2023 22:36:07 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@5.4.55/css/
Redirect Chain
  • https://cdn.materialdesignicons.com/5.4.55/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/5.4.55/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@5.4.55/css/materialdesignicons.min.css
245 KB
40 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@5.4.55/css/materialdesignicons.min.css
Requested by
Host: test-payment.arternal.com
URL: https://test-payment.arternal.com/
Protocol
H2
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aee3527737949377d842c8d715b99b98b0e31c2528aa49809cb9555dd8908cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://test-payment.arternal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Mar 2023 22:36:07 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
1779320
x-jsd-version
5.4.55
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40741
x-served-by
cache-fra-eddf8230058-FRA, cache-hhn-etou8220077-HHN
x-jsd-version-type
version
etag
W/"3d236-+1GUFQQB1xbFJxuoLlvWA9Vm3l0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Mar 2023 22:36:07 GMT
x-content-type-options
nosniff
age
327335
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra-eddf8230116-FRA, cache-hhn-etou8220077-HHN
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
https://cdn.jsdelivr.net/npm/@mdi/font@5.4.55/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
app.ac405f73.css
test-payment.arternal.com/css/
1 MB
147 KB
Stylesheet
General
Full URL
https://test-payment.arternal.com/css/app.ac405f73.css
Requested by
Host: test-payment.arternal.com
URL: https://test-payment.arternal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.225.202.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-202-105.compute-1.amazonaws.com
Software
Arternal, AmazonS3 /
Resource Hash
39fca7f5ccd7e4623841ab2e0d638002b8536fb6959935a3b22b1e5c0cd50d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://test-payment.arternal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:36:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000;
last-modified
Fri, 16 Sep 2022 00:55:07 GMT
server
Arternal, AmazonS3
x-amz-request-id
QBVMKSEE28HA6GVB
x-content-type-options
nosniff
etag
"cac604b1a9c3a92901886288f9eff96e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
x-amz-id-2
mhttawEkYipF7FJ8Y1ZUSuurepWw0NnUGTNrhUpp1SrXElal9LNt42/e/xgZsf8avQCTRt3Qw+0=
x-xss-protection
1; mode=block;
app.870ef59e.js
test-payment.arternal.com/js/
38 KB
11 KB
Script
General
Full URL
https://test-payment.arternal.com/js/app.870ef59e.js
Requested by
Host: test-payment.arternal.com
URL: https://test-payment.arternal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.225.202.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-202-105.compute-1.amazonaws.com
Software
Arternal, AmazonS3 /
Resource Hash
0c737e0c3c88a03685d2b190a70ea26de92efe15b12154d40c62da4cebd178ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://test-payment.arternal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:36:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000;
last-modified
Fri, 16 Sep 2022 00:55:07 GMT
server
Arternal, AmazonS3
x-amz-request-id
QBVK0BDXYBWYND73
x-content-type-options
nosniff
etag
"4353a5724044a0d4dd0295c666db745b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-id-2
yPJ9rvh69NSHc11N0fd/WLcsyGb4EwWmEt7uhylRo5avxEfdFpfLt4vBGspnjLTrp8M++NNhDmg=
x-xss-protection
1; mode=block;
chunk-vendors.06ea7b60.js
test-payment.arternal.com/js/
172 KB
65 KB
Script
General
Full URL
https://test-payment.arternal.com/js/chunk-vendors.06ea7b60.js
Requested by
Host: test-payment.arternal.com
URL: https://test-payment.arternal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.225.202.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-202-105.compute-1.amazonaws.com
Software
Arternal, AmazonS3 /
Resource Hash
9ff40a311c074fda2443c3dda22e1afe1899bd83048dc466588abc49ae36c35b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://test-payment.arternal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:36:08 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000;
last-modified
Fri, 16 Sep 2022 00:55:07 GMT
server
Arternal, AmazonS3
x-amz-request-id
QBVGP4T1WZ1G8WW1
x-content-type-options
nosniff
etag
"15fe03efeddcfbae71f29aff2fb8f503"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-amz-id-2
fQPelBBXW12+oMhLi1dfkUcJhmsurE6B7QQLUnhWVlXlnHkrzEc01NYwUB8aABSnA7iFWQOxwLI=
x-xss-protection
1; mode=block;
affirm.js
cdn1-sandbox.affirm.com/js/v2/
475 KB
102 KB
Script
General
Full URL
https://cdn1-sandbox.affirm.com/js/v2/affirm.js
Requested by
Host: test-payment.arternal.com
URL: https://test-payment.arternal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-38.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
40206e94038cdcab3c3f4ae1f94f1a183ddc497ebbd31e4d7382909bd9ae55c4
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://test-payment.arternal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:35:12 GMT
content-encoding
br
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=86400
x-amz-cf-pop
FRA60-P2
age
54
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
462
x-affirm-cache-status
HIT
x-affirm-request-id
33c87e60-02c7-45b1-c5d5-b5084a6abd0a
last-modified
Thu, 09 Mar 2023 06:32:01 GMT
server
istio-envoy
etag
W/"21566e03b5aef7d7966565d99a982db0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, stale-while-revalidate=259200, public
timing-allow-origin
*
link
<https://cdn1-sandbox.affirm.com>; rel=preconnect; crossorigin, <https://cdn1-sandbox.affirm.com>; rel=preconnect, <https://cdn-assets.affirm.com>; rel=preconnect; crossorigin, <https://cdn-assets.affirm.com>; rel=preconnect, <https://cdnjs.cloudflare.com>; rel=preconnect; crossorigin, <https://cdnjs.cloudflare.com>; rel=preconnect
x-amz-cf-id
YSkoASqSDu2T3qOPFAD-8E0-O8OWZvnDnr2g_qLw-2yyVz7tLctOfQ==
touch_track
sandbox.affirm.com/api/v2/session/
46 B
981 B
Fetch
General
Full URL
https://sandbox.affirm.com/api/v2/session/touch_track
Requested by
Host: cdn1-sandbox.affirm.com
URL: https://cdn1-sandbox.affirm.com/js/v2/affirm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.73.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-73-29.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
7ecb6ac753b5a184febd9d11b9122e567ae4eb4a029491ec0493a9386b651fb5
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://test-payment.arternal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:36:08 GMT
x-affirm-request-id
c5645026-60ee-41f1-c125-1d72e915aaa3
content-encoding
gzip
strict-transport-security
max-age=86400
server
istio-envoy
vary
Accept-Encoding,Origin
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://test-payment.arternal.com
access-control-allow-methods
GET, OPTIONS
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
42
x-affirm-cache-status
MISS
access-control-allow-headers
Accept, Content-Type, X-Requested-With
cookie_sent
sandbox.affirm.com/api/v2/
22 B
565 B
Fetch
General
Full URL
https://sandbox.affirm.com/api/v2/cookie_sent
Requested by
Host: cdn1-sandbox.affirm.com
URL: https://cdn1-sandbox.affirm.com/js/v2/affirm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.73.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-73-29.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json
Referer
https://test-payment.arternal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:36:08 GMT
x-affirm-request-id
58c20eec-9eb8-4c81-cc42-5d2597e5b249
content-encoding
gzip
strict-transport-security
max-age=86400
server
istio-envoy
vary
Accept-Encoding,cookie, Origin,Origin
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://test-payment.arternal.com
access-control-allow-methods
GET, OPTIONS
cache-control
max-age=3600
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
x-affirm-cache-status
MISS
access-control-allow-headers
Accept, Content-Type, X-Requested-With
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/
37 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;300;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://test-payment.arternal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 09:17:36 GMT
x-content-type-options
nosniff
age
479912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 09:17:36 GMT
cookie_sent
sandbox.affirm.com/api/v2/
21 B
564 B
Fetch
General
Full URL
https://sandbox.affirm.com/api/v2/cookie_sent
Requested by
Host: cdn1-sandbox.affirm.com
URL: https://cdn1-sandbox.affirm.com/js/v2/affirm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.73.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-73-29.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
8d728ba62f3f7c795e471c6dce9d637ffce93580e4936c3f1b578320242df7b8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json
Referer
https://test-payment.arternal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 22:36:08 GMT
x-affirm-request-id
d5da742c-6542-44f2-c494-9fe0fa9de080
content-encoding
gzip
strict-transport-security
max-age=86400
server
istio-envoy
vary
Accept-Encoding,cookie, Origin,Origin
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://test-payment.arternal.com
access-control-allow-methods
GET, OPTIONS
cache-control
max-age=3600
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
x-affirm-cache-status
MISS
access-control-allow-headers
Accept, Content-Type, X-Requested-With

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| _affirm_config
  • object| affirm
  • object| perfMetrics
  • object| webpackJsonp
  • boolean| __VUE__
  • object| __VUE_DEVTOOLS_PLUGINS__

5 Cookies

Domain/Path Name / Value
.affirm.com/ Name: DUMMY_COOKIE
Value: DUMMY_VALUE
.affirm.com/ Name: tracker_device
Value: 8ef925ac-bf6f-4617-82e0-0a89891cf84f
.affirm.com/ Name: t_v2_s
Value: eyIgYiI6Ik9HVm1PVEkxWVdNdFltWTJaaTAwTmpFM0xUZ3laVEF0TUdFNE9UZzVNV05tT0RSbSJ9.FvKIWA.a4JSjO2eAPCvMEJEOW1EaQDgO4M
.affirm.com/ Name: 3060738.3440491
Value: 8ef925ac-bf6f-4617-82e0-0a89891cf84f
test-payment.arternal.com/ Name: tracker_device
Value: 8ef925ac-bf6f-4617-82e0-0a89891cf84f

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;