go.payreq.com Open in urlscan Pro
54.66.239.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.payreq.com/
Effective URL:
https://go.payreq.com/portal/customer/login
Submission: On February 04 via manual (February 4th 2023, 3:36:28 pm UTC) from US — Scanned from AU

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 54.66.239.15, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is go.payreq.com.
TLS certificate: Issued by Amazon on October 11th 2022. Valid for: a year.

This is the only time go.payreq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	54.66.239.15 54.66.239.15	16509 (AMAZON-02) (AMAZON-02)
1	142.250.4.95 142.250.4.95	15169 (GOOGLE) (GOOGLE)
1	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
14	4

13 54.66.239.15 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

go.payreq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	payreq.com 1 redirects go.payreq.com	1 MB
1	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	922 B
14	3

	Domain	Requested by
13	go.payreq.com	1 redirects go.payreq.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	go.payreq.com
14	3

This site contains no links.

Subject Issuer	Validity	Valid
go.payreq.com Amazon	`2022-10-11` - `2023-11-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://go.payreq.com/portal/customer/login
Frame ID: 0DC42525D780264F2A29BD35580B059B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payreq

Page URL History Show full URLs

https://go.payreq.com/ HTTP 302
https://go.payreq.com/portal/customer/login Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1273 kB
Transfer

3773 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.payreq.com/ HTTP 302
https://go.payreq.com/portal/customer/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
go.payreq.com/portal/customer/
Redirect Chain

https://go.payreq.com/
https://go.payreq.com/portal/customer/login

762 B
1 KB

99ms
99ms

Document
text/html

54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/portal/customer/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

d2813d3baf2e73f03d989aa30de583ffedd3faf359ca446d96c545486ef65bc1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' .cloudflare.com .paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache,no-store
content-length: 762
content-security-policy: default-src 'self' 'unsafe-eval' *.cloudflare.com *.paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 15:36:23 GMT
permissions-policy: sync-xhr=(), sync-script=(), encrypted-media=(), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=(), magnetometer=(), gyroscope=(), fullscreen=()
referrer-policy: same-origin
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubDomains
x-content-type-options: nosniff nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/octet-stream
date: Sat, 04 Feb 2023 15:36:23 GMT
location: /portal/customer/login
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 4 KB
922 B 664ms
222ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,400i,700,700i&display=swap

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/portal/customer/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

4322a8c86cf8677857deb12a63f5a7a53acc1900ceb33d20cf81dc4ef3b58331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 15:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 15:36:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 15:36:24 GMT

GET
H2 200 3.d218d83a.chunk.css
go.payreq.com/payreq-ui/static/css/ 329 KB
73 KB 293ms
293ms Stylesheet
text/css 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/payreq-ui/static/css/3.d218d83a.chunk.css

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/portal/customer/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ea9963bf2bfde97ea663e804d6e87d1d86336b45b687ac8a78cbc55d0d072e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://go.payreq.com/portal/customer/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 23:43:36 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css

GET
H2 200 main.dabd759c.chunk.css
go.payreq.com/payreq-ui/static/css/ 54 KB
11 KB 200ms
199ms Stylesheet
text/css 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/payreq-ui/static/css/main.dabd759c.chunk.css

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/portal/customer/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

51d58e6d50d580e6cb9d2560415b89c054483595442606333345934819ef6178

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://go.payreq.com/portal/customer/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 23:43:36 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css

GET
H2 200 runtime-main.e727a449.js Show response
go.payreq.com/payreq-ui/static/js/ 2 KB
1 KB 100ms
99ms Script
text/javascript 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/payreq-ui/static/js/runtime-main.e727a449.js

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/portal/customer/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

3f167e823e0a9bc30917d4c2861c24e16be0253ecdccccd45ebbb1abab1c37b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://go.payreq.com/portal/customer/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 23:43:36 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript
content-length: 1254

GET
H2 200 3.8483bd79.chunk.js Show response
go.payreq.com/payreq-ui/static/js/ 2 MB
706 KB 296ms
295ms Script
text/javascript 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/payreq-ui/static/js/3.8483bd79.chunk.js

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/portal/customer/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

583ba6f32f329355102afdbd92b2a0f9e094b635d43f75f93dc34ea2747317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://go.payreq.com/portal/customer/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 23:43:36 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 main.405d6621.chunk.js Show response
go.payreq.com/payreq-ui/static/js/ 664 KB
149 KB 103ms
103ms Script
text/javascript 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/payreq-ui/static/js/main.405d6621.chunk.js

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/portal/customer/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

369008f20f2b79d2f5c2c66e3c99c1154af7e0368c61e33fa4eaddd92b6a5253

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://go.payreq.com/portal/customer/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 23:43:36 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 pdf.worker.entry.3a6c78dc.worker.js
go.payreq.com/payreq-ui/static/js/ 668 KB
193 KB 103ms
102ms Other
text/javascript 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/payreq-ui/static/js/pdf.worker.entry.3a6c78dc.worker.js

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/portal/customer/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

aaf0c69a23353a8a5ecc9693860940f1c39a847d74fbb6961d4309deba8c2887

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://go.payreq.com/portal/customer/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 23:43:36 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 login-session Show response
go.payreq.com/auth/ 17 B
825 B 102ms
102ms XHR
application/json 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/auth/login-session

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/payreq-ui/static/js/3.8483bd79.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' .cloudflare.com .paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Cache-Control: no-store
Referer: https://go.payreq.com/portal/customer/login
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
referrer-policy: same-origin
server: Apache
content-security-policy: default-src 'self' 'unsafe-eval' *.cloudflare.com *.paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
x-frame-options: sameorigin
content-type: application/json;charset=utf-8
cache-control: no-cache,no-store
permissions-policy: sync-xhr=(), sync-script=(), encrypted-media=(), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=(), magnetometer=(), gyroscope=(), fullscreen=()
content-length: 17
x-xss-protection: 1; mode=block

GET
H2 200 csrf Show response
go.payreq.com/sys/ 92 B
842 B 100ms
99ms XHR
application/json 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/sys/csrf

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/payreq-ui/static/js/3.8483bd79.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8aeec3acf17ef34971cace453bbfce354ac1fdeb0219163d2bc7a1dec156db10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' .cloudflare.com .paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Cache-Control: no-store
Referer: https://go.payreq.com/portal/customer/login
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
referrer-policy: same-origin
server: Apache
content-security-policy: default-src 'self' 'unsafe-eval' *.cloudflare.com *.paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
x-frame-options: sameorigin
content-type: application/json;charset=utf-8
cache-control: no-cache,no-store
permissions-policy: sync-xhr=(), sync-script=(), encrypted-media=(), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=(), magnetometer=(), gyroscope=(), fullscreen=()
content-length: 92
x-xss-protection: 1; mode=block

GET
H2 200 config Show response
go.payreq.com/sys/ 827 B
2 KB 101ms
101ms XHR
application/json 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/sys/config

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/payreq-ui/static/js/3.8483bd79.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

63f66e1a42fbc3469bff51267f6357d32f83e70d8dbb2a3731aaa74be1635790

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' .cloudflare.com .paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Cache-Control: no-store
Referer: https://go.payreq.com/portal/customer/login
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
referrer-policy: same-origin
server: Apache
content-security-policy: default-src 'self' 'unsafe-eval' *.cloudflare.com *.paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
x-frame-options: sameorigin
content-type: application/json;charset=utf-8
cache-control: no-cache,no-store
permissions-policy: sync-xhr=(), sync-script=(), encrypted-media=(), document-domain=(), display-capture=(), midi=(), microphone=(), autoplay=(), camera=(), usb=(), geolocation=(), ambient-light-sensor=(), accelerometer=(), vibrate=(), payment=(), magnetometer=(), gyroscope=(), fullscreen=()
content-length: 827
x-xss-protection: 1; mode=block

GET
H2 200 payreq-logo-no-tagline.f869ec8c.png
go.payreq.com/payreq-ui/static/media/ 97 KB
95 KB 100ms
100ms Image
image/png 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.payreq.com/payreq-ui/static/media/payreq-logo-no-tagline.f869ec8c.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6779fe466b8da36b3d06dd56e5e9e08be6f3b1f2bbc96fbce00824b8bc9ba34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://go.payreq.com/portal/customer/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 23:43:36 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: image/png

GET
H2 200 xero-sso.js Show response
go.payreq.com/payreq-ui/ 22 KB
9 KB 100ms
100ms Script
text/javascript 54.66.239.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://go.payreq.com/payreq-ui/xero-sso.js

Requested by

Host: go.payreq.com
URL: https://go.payreq.com/payreq-ui/static/js/3.8483bd79.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.66.239.15 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-66-239-15.ap-southeast-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8e7b5f03f0b2548f48c65bcda2449255e5f8a54945f9f7d67e37f872ffa45f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://go.payreq.com/portal/customer/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:36:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jan 2023 23:43:36 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 665ms
221ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.payreq.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 07:04:08 GMT
x-content-type-options: nosniff
age: 376337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 07:04:08 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7317e80346f76c60b9a00704fad2a9b8003a2910d8117a08dec39cb91ca1e4f

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			go.payreq.com/	1969-12-31 23:59:59	Name: id Value: %3A2a93276c-afb2-4e75-bf01-c0f85ec732c7

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vibrate'.
security	error	URL: https://go.payreq.com/payreq-ui/xero-sso.js Message: Refused to connect to 'https://telemetry.ext.platformdevelopment.xero.com/' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' .cloudflare.com .paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' .cloudflare.com .paydock.com cdn.datatables.net cdn.zingchart.com fonts.gstatic.com blob:; img-src * data: https:; style-src 'unsafe-inline' 'self' fonts.googleapis.com; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
go.payreq.com
142.250.4.95
142.251.10.94
54.66.239.15
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
369008f20f2b79d2f5c2c66e3c99c1154af7e0368c61e33fa4eaddd92b6a5253
3f167e823e0a9bc30917d4c2861c24e16be0253ecdccccd45ebbb1abab1c37b1
4322a8c86cf8677857deb12a63f5a7a53acc1900ceb33d20cf81dc4ef3b58331
51d58e6d50d580e6cb9d2560415b89c054483595442606333345934819ef6178
583ba6f32f329355102afdbd92b2a0f9e094b635d43f75f93dc34ea2747317b5
63f66e1a42fbc3469bff51267f6357d32f83e70d8dbb2a3731aaa74be1635790
6779fe466b8da36b3d06dd56e5e9e08be6f3b1f2bbc96fbce00824b8bc9ba34b
8aeec3acf17ef34971cace453bbfce354ac1fdeb0219163d2bc7a1dec156db10
8e7b5f03f0b2548f48c65bcda2449255e5f8a54945f9f7d67e37f872ffa45f6f
aaf0c69a23353a8a5ecc9693860940f1c39a847d74fbb6961d4309deba8c2887
c7317e80346f76c60b9a00704fad2a9b8003a2910d8117a08dec39cb91ca1e4f
d2813d3baf2e73f03d989aa30de583ffedd3faf359ca446d96c545486ef65bc1
ea9963bf2bfde97ea663e804d6e87d1d86336b45b687ac8a78cbc55d0d072e79

go.payreq.com Open in urlscan Pro 54.66.239.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

1273 kBTransfer

3773 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

go.payreq.com Open in urlscan Pro
54.66.239.15 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1273 kB
Transfer

3773 kB
Size

1
Cookies

14 HTTP transactions
1 data transactions