URL: https://app.bnbpay.io/
Submission: On November 13 via api from JP — Scanned from JP

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 22 HTTP transactions. The main IP is 18.65.168.85, located in United States and belongs to AMAZON-02, US. The main domain is app.bnbpay.io.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 2nd 2024. Valid for: a year.
This is the only time app.bnbpay.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | bnbpay.io | app.bnbpay.io, api.bnbpay.io | 1 MB
3 | gstatic.com | fonts.gstatic.com | 23 KB
3 | youtube.com | www.youtube.com (Cisco Umbrella Rank: 90) | 12 KB
1 | ytimg.com | i.ytimg.com (Cisco Umbrella Rank: 116) | 5 KB
1 | googleusercontent.com | play-lh.googleusercontent.com (Cisco Umbrella Rank: 526) | 43 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 55) | 907 B
0 | nomics.com (Failed) | widget.nomics.com (Failed) |
Total: 22 requests, 7 apex domains

Requests | Domain | Requested by
10 | app.bnbpay.io | app.bnbpay.io
3 | fonts.gstatic.com | fonts.googleapis.com
3 | www.youtube.com | app.bnbpay.io, www.youtube.com
2 | api.bnbpay.io | app.bnbpay.io
1 | i.ytimg.com | app.bnbpay.io
1 | play-lh.googleusercontent.com | app.bnbpay.io
1 | fonts.googleapis.com | app.bnbpay.io
0 | widget.nomics.com (Failed) | app.bnbpay.io
Total: 22 requests, 8 subdomains

This site contains links to these domains.

Domain
t.me
twitter.com
www.instagram.com
www.youtube.com
www.facebook.com
pancakeswap.finance

Subject | Issuer | Validity | Valid
app.bnbpay.io | Amazon RSA 2048 M02 | 2024-06-02 - 2025-06-30 | a year
upload.video.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
edgestatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
api.bnbpay.io | Amazon RSA 2048 M02 | 2024-04-08 - 2025-05-07 | a year

This page contains 2 frames:

Primary Page: https://app.bnbpay.io/
Frame ID: AB5BAB88EE61EBFB8939D922E8AFFA40
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cxmQfzPNEjY?autoplay=1&loop=1&playlist=cxmQfzPNEjY&enablejsapi=1&origin=https%3A%2F%2Fapp.bnbpay.io&widgetid=1
Frame ID: ABD13B7E8454B50C3E0B2E29FD3996C4
Requests: 1 HTTP requests in this frame

Page Title

BNBPay Dashboard

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 22
HTTPS: 95%
IPv6: 63%
Domains: 7
Subdomains: 8
IPs: 9
Countries: 2
Transfer: 1433 kB
Size: 4203 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.bnbpay.io/
3 KB
2 KB
Document
General
Full URL
https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cc8712a81081d25fd9705f6ae2430bbcd2bf07147204fea16819332de78f62d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
27
content-encoding
gzip
content-type
text/html
date
Wed, 13 Nov 2024 09:20:13 GMT
etag
W/"c1121efa5d78dbafd6d364976512dd79"
last-modified
Wed, 01 Sep 2021 07:03:19 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-amz-cf-id
w2UXMey6UnMNEQUrnII5y-rV4cHgB1zq3TziOV8noml7JwYsxKNPlA==
x-amz-cf-pop
NRT57-P1
x-cache
Hit from cloudfront
style.css
app.bnbpay.io/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://app.bnbpay.io/css/style.css
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cc8712a81081d25fd9705f6ae2430bbcd2bf07147204fea16819332de78f62d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

content-encoding
gzip
etag
W/"c1121efa5d78dbafd6d364976512dd79"
age
27
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-cache
Error from cloudfront
x-amz-cf-id
01X1tpDcHxAXsPE3nol5Kj2xDJCB9f9_pT-Ft9dwfrD95bq3HxphTQ==
date
Wed, 13 Nov 2024 09:20:13 GMT
content-type
text/html
last-modified
Wed, 01 Sep 2021 07:03:19 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
vary
accept-encoding
2.56bb3380.chunk.css
app.bnbpay.io/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://app.bnbpay.io/static/css/2.56bb3380.chunk.css
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73b4f74e2c318a4d80ba5292637abf56ed7816f3cdbeb54a9042c2205b8842b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

content-encoding
gzip
etag
W/"e5dca181ee77cbe107ee77b9d9f94d19"
age
14510
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
y41YaE86H31e9Yro08M_SLdSfxUPrReRMkQrXxcyiw7bBkRUJ8drnA==
date
Wed, 13 Nov 2024 05:18:50 GMT
content-type
text/css
last-modified
Wed, 01 Sep 2021 07:03:20 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
vary
accept-encoding
main.b72478cb.chunk.css
app.bnbpay.io/static/css/
423 KB
74 KB
Stylesheet
General
Full URL
https://app.bnbpay.io/static/css/main.b72478cb.chunk.css
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fadffea7bbba4ea82b6424bede4637e2fa3352ed21a68fbc283018d529a25f2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

content-encoding
gzip
etag
W/"4cc10a0dae1e4ec2e008ea27ae29b4bc"
age
14510
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
X_kVo86ZAP72O9RryK24lT7wgEraTV58dxE4h33LlUwt7keiso44PQ==
date
Wed, 13 Nov 2024 05:18:50 GMT
content-type
text/css
last-modified
Wed, 01 Sep 2021 07:03:20 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
vary
accept-encoding
2.1a00ebff.chunk.js
app.bnbpay.io/static/js/
3 MB
1010 KB
Script
General
Full URL
https://app.bnbpay.io/static/js/2.1a00ebff.chunk.js
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06e01bb911aa446fbf1b6009cbf8f9a57da56daaf22028c1f5db3d30689e6469

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

content-encoding
gzip
etag
W/"b9a91bcc8149b4e2ffc28fd47fb49aa2"
age
14510
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
1RDAmtonkykGcupQwTo9Kaga1y_lCWTVvWByR-WDnBnaHBQtJOHzdQ==
date
Wed, 13 Nov 2024 05:18:50 GMT
content-type
application/javascript
last-modified
Wed, 01 Sep 2021 07:03:24 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
vary
accept-encoding
main.013b7449.chunk.js
app.bnbpay.io/static/js/
40 KB
18 KB
Script
General
Full URL
https://app.bnbpay.io/static/js/main.013b7449.chunk.js
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ef2ab64ce8817e4f5c57afb8896f3fae16bcce98d0d4a4f9b3b1dec98b92546

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

content-encoding
gzip
etag
W/"00abc17b9efb797e2f324a86b4242f7d"
age
14510
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
RmfvEorJN7jkkeUit5OTVGJ-zOe-IKNVMzEkdPgNjhpYWtLPP0UVfg==
date
Wed, 13 Nov 2024 05:18:50 GMT
content-type
application/javascript
last-modified
Wed, 01 Sep 2021 07:03:21 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
vary
accept-encoding
css2
fonts.googleapis.com/
2 KB
907 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/static/css/main.b72478cb.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
052e4409d1a0a7e68bd618738c995d7c0b08592e12ea157d0503bdc2293ad0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 09:20:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 09:20:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 13 Nov 2024 09:18:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/static/js/2.1a00ebff.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa3e89be8ce6a52f0117252d0851f0050979afb7d227cff950c3c1101e2927dd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

content-encoding
br
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options
nosniff
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires
Wed, 13 Nov 2024 09:20:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
date
Wed, 13 Nov 2024 09:20:39 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
PjoJoG27miSglVBXoXrxBSLveV6e3EeBPpNY55aiUUBM9Q1RCETKCOqdOkX2ZydqVf0
play-lh.googleusercontent.com/
42 KB
43 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/PjoJoG27miSglVBXoXrxBSLveV6e3EeBPpNY55aiUUBM9Q1RCETKCOqdOkX2ZydqVf0
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2016 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
39d78fc2e8f26aca8d00da924af93d30133d1f871bfa03a1b8a1dd9fc6a94ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
919
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 09:05:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 09:05:20 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
43441
x-xss-protection
0
server
fife
logo_bl.e90eae44.png
app.bnbpay.io/static/media/
19 KB
19 KB
Image
General
Full URL
https://app.bnbpay.io/static/media/logo_bl.e90eae44.png
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f870f7cd2d3bacf547396f619a8d459d67adf308e98972834bc320e252f49c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

etag
"e9c06c52603102132cef74d44ab65f7d"
age
14508
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
19318
x-amz-cf-id
3EAU-Ui33754T_5_cSc4o9XplC7KI50Vc3dyvF2z-CBoq-vRn5EnbQ==
date
Wed, 13 Nov 2024 05:18:52 GMT
content-type
image/png
last-modified
Wed, 01 Sep 2021 07:03:09 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.bnbpay.io
Referer
https://fonts.googleapis.com/

Response headers

age
397041
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 19:03:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 19:03:18 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.bnbpay.io
Referer
https://fonts.googleapis.com/

Response headers

age
397743
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 18:51:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 18:51:36 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.bnbpay.io
Referer
https://fonts.googleapis.com/

Response headers

age
363751
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 04:18:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 04:18:08 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
materialdesignicons-webfont.cf402089.woff2
app.bnbpay.io/static/media/
129 KB
130 KB
Font
General
Full URL
https://app.bnbpay.io/static/media/materialdesignicons-webfont.cf402089.woff2
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/static/css/main.b72478cb.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0d9828ac48697f70166653f72d05e4e29eb8b256cc541add443e080a8b37beb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.bnbpay.io
Referer
https://app.bnbpay.io/static/css/main.b72478cb.chunk.css

Response headers

etag
"098aafda4b974d4a6432c25c0e7b59a3"
age
14508
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
132144
x-amz-cf-id
YUUDthRnZF6rbYFRZqcRp2mor7wKDSUT8Pe1XEHJFAU7NNKTSuECLw==
date
Wed, 13 Nov 2024 05:18:52 GMT
content-type
binary/octet-stream
last-modified
Wed, 01 Sep 2021 07:03:07 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
fontawesome-webfont3e6e.20fd1704.woff2
app.bnbpay.io/static/media/
75 KB
76 KB
Font
General
Full URL
https://app.bnbpay.io/static/media/fontawesome-webfont3e6e.20fd1704.woff2
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/static/css/main.b72478cb.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.bnbpay.io
Referer
https://app.bnbpay.io/static/css/main.b72478cb.chunk.css

Response headers

etag
"af7ae505a9eed503f8b8e6982036873e"
age
14508
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
77160
x-amz-cf-id
8CD7OJ-76wLHOjXlWiLbQiqlwAukYgothfHZlqa4d65-JKh7m82wlA==
date
Wed, 13 Nov 2024 05:18:52 GMT
content-type
binary/octet-stream
last-modified
Wed, 01 Sep 2021 07:03:13 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
stats2
api.bnbpay.io/ Frame
0
0
Preflight
General
Full URL
https://api.bnbpay.io/stats2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-102.nrt12.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://app.bnbpay.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 13 Nov 2024 09:20:39 GMT
via
1.1 89a79abdcd1ed6464a36bc9e0c9decdc.cloudfront.net (CloudFront)
x-amz-apigw-id
BLZYSEUPyQ0ETtw=
x-amz-cf-id
NNvD5cfmUyo8mqU0HWRDHmqjtEhwOrVCT6k3SLPYajwBk_pkqiw1TA==
x-amz-cf-pop
NRT12-C5
x-amzn-requestid
4e9f8f46-6db5-4ffb-a3a5-e039006f5dd5
x-cache
Miss from cloudfront
stats2
api.bnbpay.io/
4 B
403 B
Fetch
General
Full URL
https://api.bnbpay.io/stats2
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/static/js/main.013b7449.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-102.nrt12.r.cloudfront.net
Software
/
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://app.bnbpay.io/

Response headers

x-amz-apigw-id
BLZYUHq5yQ0ERsA=
x-amzn-trace-id
Root=1-67346f68-47876932299910c4135b6479;Parent=0224c672d4e188f0;Sampled=0;Lineage=1:bde4cfed:0
x-amzn-requestid
db85a837-2f24-4d6e-b2dc-472e5dec7797
via
1.1 89a79abdcd1ed6464a36bc9e0c9decdc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
4
x-amz-cf-id
uFc-0ewgGKPM9stVg1gYYRGMdvB8Xb8MjolzxBDiS2XkzlmB6DHh_Q==
date
Wed, 13 Nov 2024 09:20:41 GMT
content-type
application/json
x-amz-cf-pop
NRT12-C5
embed.js
widget.nomics.com/
0
0

www-widgetapi.js
www.youtube.com/s/player/28f14d97/www-widgetapi.vflset/
30 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/28f14d97/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab729c30cf1f421e9f8d2f9d8a6f5981fc906e90da32d5a46c7cbbf251fe8af3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

content-encoding
br
age
175752
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 08:31:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 08:31:27 GMT
last-modified
Mon, 11 Nov 2024 05:13:04 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10157
x-xss-protection
0
server
sffe
cxmQfzPNEjY
www.youtube.com/embed/ Frame ABD1
0
0
Document
General
Full URL
https://www.youtube.com/embed/cxmQfzPNEjY?autoplay=1&loop=1&playlist=cxmQfzPNEjY&enablejsapi=1&origin=https%3A%2F%2Fapp.bnbpay.io&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f14d97/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bnbpay.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 09:20:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
mq2.jpg
i.ytimg.com/vi/cxmQfzPNEjY/
4 KB
5 KB
Other
General
Full URL
https://i.ytimg.com/vi/cxmQfzPNEjY/mq2.jpg?sqp=-oaymwEoCMACELQB8quKqQMcGADwAQH4AcoCgALQBYoCDAgAEAEYMCA4KH8wDw==&rs=AOn4CLDFOk57I1s0kxmhj4eZgoad6LFAog
Requested by
Host: app.bnbpay.io
URL: https://app.bnbpay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2016 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e4ba06ac81e8175a2fdf3698cd8a37f6a400cc6d8b8c483f759ad2e197f9071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

etag
"1688308685"
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 11:20:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 09:20:40 GMT
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
4281
x-xss-protection
0
server
sffe
favicon.ico
app.bnbpay.io/
17 KB
17 KB
Other
General
Full URL
https://app.bnbpay.io/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.168.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-168-85.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
477e5d579b9578e8fa2454e2ee3854e9d3988c29ceb51358bb8e35ad98e53266

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.bnbpay.io/

Response headers

etag
"d5f75fe1c8e4dbbbff33b7752fe571de"
age
14507
via
1.1 4e4e6580839c116fc05c7f025b001a08.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
16958
x-amz-cf-id
Rc9PWa5ZcdySGZDFSwLJrolzMmYMV9cLrGX_nZk9hxaG8P8s8a3tTg==
date
Wed, 13 Nov 2024 05:18:54 GMT
content-type
image/x-icon
last-modified
Wed, 01 Sep 2021 07:03:18 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widget.nomics.com
URL
https://widget.nomics.com/embed.js

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| webpackJsonpfrontend
object| regeneratorRuntime
function| setImmediate
function| clearImmediate
function| WalletLink
function| WalletLinkProvider
function| updateWeb3Modal
object| TreemapSquared
function| SVG
function| addResizeListener
function| removeResizeListener
object| Apex
function| ApexCharts
function| onYouTubeIframeAPIReady
object| scriptUrl
object| ttPolicy
object| YT
object| YTConfig
function| onYTReady
object| web3

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: K7rrcoKgW8I
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: b5Fuq5NbxH4
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJKUBIEGgAgbQ%3D%3D

2 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/28f14d97/www-widgetapi.vflset/www-widgetapi.js(Line 192)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://widget.nomics.com/embed.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
