payments-portal-v2.production-au.arborknot.io
35.189.15.236  Public Scan

URL: https://payments-portal-v2.production-au.arborknot.io/
Submission: On March 02 via automatic, source certstream-suspicious — Scanned from AU

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 30 HTTP transactions. The main IP is 35.189.15.236, located in Sydney, Australia and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is payments-portal-v2.production-au.arborknot.io.
TLS certificate: Issued by R3 on March 2nd 2023. Valid for: 3 months.
This is the only time payments-portal-v2.production-au.arborknot.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 35.189.15.236 396982 (GOOGLE-CL...)
4 142.250.4.92 15169 (GOOGLE)
1 104.26.8.25 13335 (CLOUDFLAR...)
1 17.253.61.195 6185 (APPLE-AUSTIN)
4 142.251.10.94 15169 (GOOGLE)
1 142.251.10.95 15169 (GOOGLE)
7 74.125.200.100 15169 (GOOGLE)
30 8
Apex Domain | Subdomains | Transfer
11 google.com | pay.google.com — Cisco Umbrella Rank: 2786; play.google.com — Cisco Umbrella Rank: 29 | 429 KB
5 arborknot.io | payments-portal-v2.production-au.arborknot.io; texts-v2.production.arborknot.io (Failed) | 7 MB
4 gstatic.com | www.gstatic.com | 103 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 36 | 1 KB
1 cdn-apple.com | applepay.cdn-apple.com — Cisco Umbrella Rank: 18316 | 38 KB
1 paymeservice.com | cdn.paymeservice.com — Cisco Umbrella Rank: 931061 | 93 KB
30 6
Domain | Requested by
7 play.google.com | www.gstatic.com
5 payments-portal-v2.production-au.arborknot.io | payments-portal-v2.production-au.arborknot.io
4 www.gstatic.com | pay.google.com, www.gstatic.com
4 pay.google.com | payments-portal-v2.production-au.arborknot.io, pay.google.com, www.gstatic.com
1 fonts.googleapis.com | payments-portal-v2.production-au.arborknot.io
1 applepay.cdn-apple.com | payments-portal-v2.production-au.arborknot.io
1 cdn.paymeservice.com | payments-portal-v2.production-au.arborknot.io
0 texts-v2.production.arborknot.io (Failed) | payments-portal-v2.production-au.arborknot.io
30 8

This site contains no links.

Subject | Issuer | Validity | Valid
payments-portal-v2.production-au.arborknot.io | R3 | 2023-03-02 - 2023-05-31 | 3 months
*.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
paymeservice.com | Cloudflare Inc ECC CA-3 | 2022-05-04 - 2023-05-04 | a year
applepay.cdn-apple.com | Apple Public Server ECC CA 12 - G1 | 2022-05-14 - 2023-06-13 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months

This page contains 2 frames:

Primary Page: https://payments-portal-v2.production-au.arborknot.io/
Frame ID: AE63BE4837F9EB5D87AEA73788637B1B
Requests: 16 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments-portal-v2.production-au.arborknot.io&mid=
Frame ID: 3B6642BA653ECDBF9964AF306BC7239A
Requests: 11 HTTP requests in this frame

Page Title

Payment portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

30 Requests
77 % HTTPS
0 % IPv6
6 Domains
8 Subdomains
8 IPs
3 Countries
7323 kB Transfer
8865 kB Size
1 Cookies

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payments-portal-v2.production-au.arborknot.io/
779 B
1 KB
Document
General
Full URL
https://payments-portal-v2.production-au.arborknot.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.15.236 Sydney, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.15.189.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
e875faacdf92d2e1330c6694c716cd9703f5416326a4748eb18d1f8b85689ba0
Security Headers
Name Value
Content-Security-Policy default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-expose-headers
set-cookie
cache-control
no-store
content-length
779
content-security-policy
default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=UTF-8
date
Thu, 02 Mar 2023 09:38:09 GMT
etag
W/"30b-18698a854b0"
last-modified
Tue, 28 Feb 2023 15:33:34 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
pay.js
pay.google.com/gp/p/js/
115 KB
35 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f92.1e100.net
Software
ESF /
Resource Hash
e5fd83021897cc0b154c587eda7dc1593f9c18cbf10b48af5e804ee66e24597e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9dMLUOKHryVMzkMsLiMQwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://payments-portal-v2.production-au.arborknot.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 09:38:10 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9dMLUOKHryVMzkMsLiMQwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 02 Mar 2023 09:38:10 GMT
hostedfields.js
cdn.paymeservice.com/hf/v1/
390 KB
93 KB
Script
General
Full URL
https://cdn.paymeservice.com/hf/v1/hostedfields.js
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b24e7d1dff55187918316e16bd2374e62226d0438ff7bb39996b5066c00ec02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://payments-portal-v2.production-au.arborknot.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 09:38:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 25 Feb 2023 01:35:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
E4X7H9KFGBW3VV5R
etag
W/"9c8ef6048cd13206a54ef7ed740edbc5"
x-amz-server-side-encryption
AES256
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKakbedKjANmz3jYLhROsZOVNzaSyyRIX3X9HCvhytI2IObS0CYeUg8ewmkmxeqtoS%2BPwwkoC9QreVVzxnN%2FblLzlP9IV%2B%2BKxpb6KqzdSiTf%2BOfAsqZGLYhzocqBpi1fOTI%2Fy3wv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7a18aa4ccb1ca826-SYD
x-amz-id-2
Uq7zb9vy8mB+sF6oiKt2ol9svt1DfDC2zW/1NyAA6qe7ZBZme32FEi7AqrzORW4muBAVPa9JxbM=
apple-pay-sdk.js
applepay.cdn-apple.com/jsapi/v1/
107 KB
38 KB
Script
General
Full URL
https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
17.253.61.195 , Singapore, ASN6185 (APPLE-AUSTIN, US),
Reverse DNS
sgsin3-vip-bx-001.a.aaplimg.com
Software
Apple /
Resource Hash
7dc2ed883fb76ebd14dd1a960b9f9babcb204ea25020842069116fe50f583f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://payments-portal-v2.production-au.arborknot.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-apple-jingle-correlation-key
H7BVBKIEAH6WWZ2GMBQPDDTV54
Date
Wed, 01 Mar 2023 20:21:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
x-b3-traceid
3fc350a90401fd6b67466060f18e75ef
Via
http/1.1 sgsin3-edge-lx-001.ts.apple.com (acdn/63.14238), http/1.1 sgsin3-edge-bx-001.ts.apple.com (acdn/63.14238)
Age
47812
X-Cache
hit-fresh, hit-fresh
CDNUUID
8f226caf-41f0-4cf9-b1ac-9b87dfdbe736-7835414587
b3
3fc350a90401fd6b67466060f18e75ef-1f4db9ee62585952
Connection
keep-alive
Content-Length
37704
X-XSS-Protection
1; mode=block
apple-tk
false
Server
Apple
apple-seq
0
Last-Modified
Mon, 30 Jan 2023 20:59:19 GMT
apple-originating-system
payment-client-service-PROD
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-apple-request-uuid
3fc350a9-0401-fd6b-6746-6060f18e75ef
x-b3-spanid
1f4db9ee62585952
Access-Control-Allow-Credentials
false
Cache-Control
public, max-age=86400, stale-while-revalidate=86400
main.4f7dc6d3.js
payments-portal-v2.production-au.arborknot.io/static/js/
6 MB
6 MB
Script
General
Full URL
https://payments-portal-v2.production-au.arborknot.io/static/js/main.4f7dc6d3.js
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.15.236 Sydney, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.15.189.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
ac2336814441420b20e6a03f91dd1313c76ab8358002fec060a7275bd610d28d
Security Headers
Name Value
Content-Security-Policy default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://payments-portal-v2.production-au.arborknot.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 09:38:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
x-powered-by
Express
content-length
6082548
pragma
no-cache
last-modified
Tue, 28 Feb 2023 15:33:34 GMT
etag
W/"5ccff4-18698a854b0"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-expose-headers
set-cookie
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
main.1ffeee7b.css
payments-portal-v2.production-au.arborknot.io/static/css/
700 KB
702 KB
Stylesheet
General
Full URL
https://payments-portal-v2.production-au.arborknot.io/static/css/main.1ffeee7b.css
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.15.236 Sydney, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.15.189.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
683033af7d05600818654d01f11a217deeb2f206311cabdc313d8ce96292fa7a
Security Headers
Name Value
Content-Security-Policy default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://payments-portal-v2.production-au.arborknot.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 09:38:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
x-powered-by
Express
content-length
716834
pragma
no-cache
last-modified
Tue, 28 Feb 2023 15:33:34 GMT
etag
W/"af022-18698a854b0"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-expose-headers
set-cookie
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
payframe
pay.google.com/gp/p/ui/ Frame 3B66
18 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments-portal-v2.production-au.arborknot.io&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f92.1e100.net
Software
ESF /
Resource Hash
1bd30156bde97de99b76d4366b2121b5ee128f75311987719b2d6fdbed2c8637
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dqEnkk0IymrQhwPaXZKnbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payments-portal-v2.production-au.arborknot.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dqEnkk0IymrQhwPaXZKnbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 02 Mar 2023 09:38:10 GMT
expires
Thu, 02 Mar 2023 09:38:10 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3B66
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f92.1e100.net
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments-portal-v2.production-au.arborknot.io&mid=
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 02 Mar 2023 09:38:11 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame 3B66
155 KB
55 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments-portal-v2.production-au.arborknot.io&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
27ee0e5d88c2005b9148d5c617129a18bf3a9437f6e30f99119c440548d32d52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 20:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55888
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 12:23:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 20:56:44 GMT
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/static/js/main.4f7dc6d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://payments-portal-v2.production-au.arborknot.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 02 Mar 2023 09:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 09:23:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Mar 2023 09:38:12 GMT
runtime-env.js
payments-portal-v2.production-au.arborknot.io/
769 B
1 KB
Fetch
General
Full URL
https://payments-portal-v2.production-au.arborknot.io/runtime-env.js
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/static/js/main.4f7dc6d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.15.236 Sydney, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.15.189.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
9c419aa6cb012154ff6186cc600813513373ff8f67e792bb50b6f3d9aeadd91c
Security Headers
Name Value
Content-Security-Policy default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://payments-portal-v2.production-au.arborknot.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 09:38:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
x-powered-by
Express
etag
W/"301-rU/r1G4iCCkA+bEvoBwbTcJlwmk"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
set-cookie
cache-control
no-store
access-control-allow-credentials
true
content-length
769
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.aoE... Frame 3B66
70 KB
26 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.aoEJrzwlChw.L.B1.O/am=MAYEAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjQVxopRIjv19MJ8UO-53nZwjdlyw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
99f944ac5c07ba4f9c347fab0a8aa27144df087cc30f8d36fd8425268bbb736a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 20:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26164
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 02:24:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 20:56:44 GMT
pay
pay.google.com/gp/p/ui/ Frame 3B66
1 MB
383 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f92.1e100.net
Software
ESF /
Resource Hash
94ab085554251fd9cf9e4a46fee237bc6c27f3fd2cf5b9c09343c54fb3dc4e55
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0vEyWG_9RkUFieZcoInjYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 09:38:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0vEyWG_9RkUFieZcoInjYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 02 Mar 2023 09:38:12 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.aoE... Frame 3B66
23 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.aoEJrzwlChw.L.B1.O/am=MAYEAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjQVxopRIjv19MJ8UO-53nZwjdlyw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
d4843b90c10d349865672d94bdd709d2487ab80382bc0d8e9fbe1d5bcff3bd3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 20:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9393
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 02:24:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 20:56:45 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.aoE... Frame 3B66
35 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.aoEJrzwlChw.L.B1.O/am=MAYEAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjQVxopRIjv19MJ8UO-53nZwjdlyw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
d0e10378f1c25a51246a2673d482173a426900ca9d5466e4afadc3dd00073bf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 20:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13392
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 02:24:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 20:56:45 GMT
log
play.google.com/ Frame 3B66
131 B
196 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 09:38:13 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 02 Mar 2023 09:38:12 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3B66
131 B
196 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 09:38:13 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 02 Mar 2023 09:38:12 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3B66
131 B
196 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 09:38:13 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 02 Mar 2023 09:38:12 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3B66
131 B
426 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.yhXxOA8F3nQ.es5.O/am=MAYEAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjClZdVHPWtzTCT7R5hIgqK5YM-9Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 02 Mar 2023 09:38:13 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
languages
payments-portal-v2.production-au.arborknot.io/login/dca/7b19370f-9cd3-44fd-9c28-ded8f7da2b88/
35 B
429 B
XHR
General
Full URL
https://payments-portal-v2.production-au.arborknot.io/login/dca/7b19370f-9cd3-44fd-9c28-ded8f7da2b88/languages
Requested by
Host: payments-portal-v2.production-au.arborknot.io
URL: https://payments-portal-v2.production-au.arborknot.io/static/js/main.4f7dc6d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.189.15.236 Sydney, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.15.189.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
906b6606f059593f66717ae498cc4057b68bd5e21e376ffc52b2e0a6a9346384
Security Headers
Name Value
Content-Security-Policy default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://payments-portal-v2.production-au.arborknot.io/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 09:38:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
x-powered-by
Express
etag
W/"23-41VnMbf9VvAgVMJXddTX16lJwM0"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
set-cookie
cache-control
no-store
access-control-allow-credentials
true
content-length
35
ak-payment-portal
texts-v2.production.arborknot.io/texts/en-us/
0
0

content-ia-subheader
texts-v2.production.arborknot.io/texts/en-us/
0
0

content-ia-ctatext
texts-v2.production.arborknot.io/texts/en-us/
0
0

content-ia-header
texts-v2.production.arborknot.io/texts/en-us/
0
0

content-portalsettings-header
texts-v2.production.arborknot.io/texts/en-us/
0
0

content-portalsettings-cta
texts-v2.production.arborknot.io/texts/en-us/
0
0

content-portal
texts-v2.production.arborknot.io/texts/en-us/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
texts-v2.production.arborknot.io
URL
https://texts-v2.production.arborknot.io/texts/en-us/ak-payment-portal?dcaId=7b19370f-9cd3-44fd-9c28-ded8f7da2b88
Domain
texts-v2.production.arborknot.io
URL
https://texts-v2.production.arborknot.io/texts/en-us/content-ia-subheader?dcaId=7b19370f-9cd3-44fd-9c28-ded8f7da2b88
Domain
texts-v2.production.arborknot.io
URL
https://texts-v2.production.arborknot.io/texts/en-us/content-ia-ctatext?dcaId=7b19370f-9cd3-44fd-9c28-ded8f7da2b88
Domain
texts-v2.production.arborknot.io
URL
https://texts-v2.production.arborknot.io/texts/en-us/content-ia-header?dcaId=7b19370f-9cd3-44fd-9c28-ded8f7da2b88
Domain
texts-v2.production.arborknot.io
URL
https://texts-v2.production.arborknot.io/texts/en-us/content-portalsettings-header?dcaId=7b19370f-9cd3-44fd-9c28-ded8f7da2b88
Domain
texts-v2.production.arborknot.io
URL
https://texts-v2.production.arborknot.io/texts/en-us/content-portalsettings-cta?dcaId=7b19370f-9cd3-44fd-9c28-ded8f7da2b88
Domain
texts-v2.production.arborknot.io
URL
https://texts-v2.production.arborknot.io/texts/en-us/content-portal?dcaId=7b19370f-9cd3-44fd-9c28-ded8f7da2b88

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo
object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo
object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo
object| google
object| webpackJsonp
boolean| WEBVIEW
function| ApplePayMerchandising
object| webpackChunkak_payment_portal
object| __core-js_shared__
object| core
object| regeneratorRuntime
object| __SECRET_EMOTION__
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| __MUI_STYLES__
object| platform
object| Handlebars
object| classValidatorMetadataStorage
function| PayMe
object| __RUNTIME_CONFIG__

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=CuwWX3rIKBpYMk2z9diUK7OZg5Pz0d_FwbbAFOppYScLo5pdBJYdTejZgPivNPiYYtQSEO7pzPiour-kY5Ph9X7B0rSNwoIpbaeGtYU5iDLcAsw6-sgVK1MeMB_QqO7VilPWcULv09rzlCv3SVv7CAez6ZznR6VNg2Mx7UsxXPY

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src ws: http: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
