bnpl-widget-sandbox.grailpay.com Open in urlscan Pro
2606:4700:20::681a:785 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bnpl-widget-sandbox.grailpay.com/
Submission: On December 20 via api (December 20th 2023, 8:47:53 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:20::681a:785, located in United States and belongs to CLOUDFLARENET, US. The main domain is bnpl-widget-sandbox.grailpay.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2023. Valid for: a year.

This is the only time bnpl-widget-sandbox.grailpay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
16	2606:4700:20:... 2606:4700:20::681a:785		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

16 2606:4700:20::681a:785 (United States)

ASN13335 (CLOUDFLARENET, US)

bnpl-widget-sandbox.grailpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	grailpay.com bnpl-widget-sandbox.grailpay.com	268 KB
16	1

	Domain	Requested by
16	bnpl-widget-sandbox.grailpay.com	bnpl-widget-sandbox.grailpay.com
16	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-07` - `2024-03-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bnpl-widget-sandbox.grailpay.com/
Frame ID: 52CA1D57B0A7427D36193CDC57264BE4
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BNPL

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

268 kB
Transfer

645 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bnpl-widget-sandbox.grailpay.com/ 4 KB
3 KB 297ms
132ms Document
text/html 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bnpl-widget-sandbox.grailpay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0bcc263a6c9a224847c87a4cdc3b12440c2107ba3434e45f7dbd84b2c5df96

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self';font-src 'self';frame-src 'self';img-src 'self' data:;script-src 'strict-dynamic' 'self' 'nonce-1d9f6b8c5b1e8f9922f4273a996225d2';script-src-attr 'nonce-1d9f6b8c5b1e8f9922f4273a996225d2';default-src 'self';base-uri 'self';form-action 'self';frame-ancestors 'self';object-src 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 838abe1a39f341ff-EWR
content-encoding: br
content-security-policy: connect-src 'self';font-src 'self';frame-src 'self';img-src 'self' data:;script-src 'strict-dynamic' 'self' 'nonce-1d9f6b8c5b1e8f9922f4273a996225d2';script-src-attr 'nonce-1d9f6b8c5b1e8f9922f4273a996225d2';default-src 'self';base-uri 'self';form-action 'self';frame-ancestors 'self';object-src 'none';style-src 'self' https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 20 Dec 2023 20:47:48 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
origin-agent-cluster: ?1
ratelimit-limit: 10
ratelimit-policy: 10;w=60
ratelimit-remaining: 9
ratelimit-reset: 23
referrer-policy: same-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105268&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=oG4LXEaCC4pcixZsIaJo9JXnzfDA07sfjy05hOVlyFw%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105268&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=oG4LXEaCC4pcixZsIaJo9JXnzfDA07sfjy05hOVlyFw%3D
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 sprite-6F5E4ZZ4.svg
bnpl-widget-sandbox.grailpay.com/build/_assets/ 10 KB
3 KB 73ms
72ms Image
image/svg+xml 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_assets/sprite-6F5E4ZZ4.svg
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e6cb960bd1e26a05fc5d9e03890d9e8b8516fa6c9acbd5a50f086dd8c9b862

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bnpl-widget-sandbox.grailpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"275e-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: image/svg+xml
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1b3b4141ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 font-CS65BDWU.css
bnpl-widget-sandbox.grailpay.com/build/_assets/ 7 KB
668 B 76ms
75ms Stylesheet
text/css 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_assets/font-CS65BDWU.css
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec931f99f770c490a430d76b4ae0e60a6466c508b9a4fd83ffe5c4a65de8436

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bnpl-widget-sandbox.grailpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"1c58-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1b3b3b41ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 tailwind-64S3K3BW.css
bnpl-widget-sandbox.grailpay.com/build/_assets/ 23 KB
5 KB 76ms
76ms Stylesheet
text/css 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_assets/tailwind-64S3K3BW.css
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8dae9981713388c9c0052e7a5e885bf04fb764504cc649b300ded6b53e4a57b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bnpl-widget-sandbox.grailpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"5d85-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1b3b4041ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 logo-D6JHDG2D.png
bnpl-widget-sandbox.grailpay.com/build/_assets/ 15 KB
15 KB 77ms
76ms Image
image/png 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_assets/logo-D6JHDG2D.png
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f5489415e8776ddf12d4bcd53a3432604599cb5364663b894824a2df8e9815

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bnpl-widget-sandbox.grailpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"3c64-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: image/png
cache-control: public, max-age=14400, immutable
accept-ranges: bytes
cf-ray: 838abe1b3b4441ff-EWR
content-length: 15460
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 sprite-6F5E4ZZ4.svg
bnpl-widget-sandbox.grailpay.com/build/_assets/ 10 KB
3 KB 96ms
95ms Other
image/svg+xml 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_assets/sprite-6F5E4ZZ4.svg
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e6cb960bd1e26a05fc5d9e03890d9e8b8516fa6c9acbd5a50f086dd8c9b862

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bnpl-widget-sandbox.grailpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
age: 0
etag: W/"275e-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: image/svg+xml
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1b3b4541ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 manifest-B7700B0E.js Show response
bnpl-widget-sandbox.grailpay.com/build/ 1 KB
506 B 90ms
87ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/manifest-B7700B0E.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adf2f7f0a83f8c36d33fb98086ea6c4f45364f787e39a3e041d26920eff9823

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"568-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1babd841ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 entry.client-RVXBPNKU.js Show response
bnpl-widget-sandbox.grailpay.com/build/ 306 B
321 B 88ms
85ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/entry.client-RVXBPNKU.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5ab952f8992c68c8d3518929d2dc9631597bbd3c7810fc8bd13f7ae4bd6abb

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"132-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1babdb41ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 chunk-UAF7RTVN.js Show response
bnpl-widget-sandbox.grailpay.com/build/_shared/ 230 KB
74 KB 99ms
96ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_shared/chunk-UAF7RTVN.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ffb792227691072906c7ded14ec01afe6931891393843df7902d0f1b71ab023

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"396b4-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1babdc41ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 chunk-C6G3D4BW.js Show response
bnpl-widget-sandbox.grailpay.com/build/_shared/ 100 B
174 B 89ms
86ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_shared/chunk-C6G3D4BW.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee37f862c09a77d02c2b6a0b8f5c45e15c056463e6fc4ae11e7b37c5dd91cf1

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"64-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1babde41ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 chunk-FCMOYEUP.js Show response
bnpl-widget-sandbox.grailpay.com/build/_shared/ 25 KB
8 KB 90ms
87ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_shared/chunk-FCMOYEUP.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3ff1d63fbe9336e87c7e807cebe4405c43e5fcd88a7d4e9d0fe99799375cf5

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"6483-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1bbbe641ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 root-CUAD2QQE.js Show response
bnpl-widget-sandbox.grailpay.com/build/ 3 KB
1 KB 90ms
88ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/root-CUAD2QQE.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 535419ac8dc200c8edc2d6b4cb2ffd8198a7b0539e0e1db072facc2a7a5223a9

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"cd3-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1bbbe841ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 chunk-K4IRUQUP.js Show response
bnpl-widget-sandbox.grailpay.com/build/_shared/ 5 KB
2 KB 93ms
90ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_shared/chunk-K4IRUQUP.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b582ce57952371a8d877d3e71fd6fe8855eac3d0a975ed141f6bd5f84235e53f

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"1521-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1bbbe941ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 chunk-P3KR5WCR.js Show response
bnpl-widget-sandbox.grailpay.com/build/_shared/ 192 B
228 B 91ms
89ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/_shared/chunk-P3KR5WCR.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 342995f735df57fb0754d3ecb228b2166fd6983dc612126073642216760059bf

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"c0-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1bbbea41ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 _index-MLKF2PDP.js Show response
bnpl-widget-sandbox.grailpay.com/build/routes/ 3 KB
1 KB 90ms
88ms Script
application/javascript 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/build/routes/_index-MLKF2PDP.js
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b15b075e602b551fed30b0809d382baf8ad8d82566c09242277c8e106be9278

Request headers

Referer
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:47:31 GMT
server: cloudflare
etag: W/"a82-18c598fe238"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, immutable
cf-ray: 838abe1bbbec41ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

GET
H2 200 inter-500.ttf
bnpl-widget-sandbox.grailpay.com/fonts/inter/ 308 KB
149 KB 116ms
116ms Font
font/ttf 2606:4700:20::681a:785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnpl-widget-sandbox.grailpay.com/fonts/inter/inter-500.ttf
Requested by: Host: bnpl-widget-sandbox.grailpay.com
URL: https://bnpl-widget-sandbox.grailpay.com/build/_assets/font-CS65BDWU.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:785 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a645f55492d1c8cdace43c72be8cbec08e680b5a86d8b4c2d1c50d6e41e9cc96

Request headers

Referer: https://bnpl-widget-sandbox.grailpay.com/build/_assets/font-CS65BDWU.css
Origin: https://bnpl-widget-sandbox.grailpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:47:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Mon, 11 Dec 2023 15:46:39 GMT
server: cloudflare
etag: W/"4cefc-18c598f1718"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D"}]}
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
cf-ray: 838abe1bbbed41ff-EWR
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1703105269&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=xP55IK2pCrh58V24SoZMFbqTA4OXw9Oss%2FLRaucH2I8%3D

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://bnpl-widget-sandbox.grailpay.com/ Message: The resource https://bnpl-widget-sandbox.grailpay.com/build/_assets/sprite-6F5E4ZZ4.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self';font-src 'self';frame-src 'self';img-src 'self' data:;script-src 'strict-dynamic' 'self' 'nonce-1d9f6b8c5b1e8f9922f4273a996225d2';script-src-attr 'nonce-1d9f6b8c5b1e8f9922f4273a996225d2';default-src 'self';base-uri 'self';form-action 'self';frame-ancestors 'self';object-src 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bnpl-widget-sandbox.grailpay.com
2606:4700:20::681a:785
1ee37f862c09a77d02c2b6a0b8f5c45e15c056463e6fc4ae11e7b37c5dd91cf1
342995f735df57fb0754d3ecb228b2166fd6983dc612126073642216760059bf
535419ac8dc200c8edc2d6b4cb2ffd8198a7b0539e0e1db072facc2a7a5223a9
5b15b075e602b551fed30b0809d382baf8ad8d82566c09242277c8e106be9278
6a5ab952f8992c68c8d3518929d2dc9631597bbd3c7810fc8bd13f7ae4bd6abb
7adf2f7f0a83f8c36d33fb98086ea6c4f45364f787e39a3e041d26920eff9823
7d0bcc263a6c9a224847c87a4cdc3b12440c2107ba3434e45f7dbd84b2c5df96
8ffb792227691072906c7ded14ec01afe6931891393843df7902d0f1b71ab023
95e6cb960bd1e26a05fc5d9e03890d9e8b8516fa6c9acbd5a50f086dd8c9b862
a645f55492d1c8cdace43c72be8cbec08e680b5a86d8b4c2d1c50d6e41e9cc96
b582ce57952371a8d877d3e71fd6fe8855eac3d0a975ed141f6bd5f84235e53f
c0f5489415e8776ddf12d4bcd53a3432604599cb5364663b894824a2df8e9815
dc3ff1d63fbe9336e87c7e807cebe4405c43e5fcd88a7d4e9d0fe99799375cf5
e8dae9981713388c9c0052e7a5e885bf04fb764504cc649b300ded6b53e4a57b
fec931f99f770c490a430d76b4ae0e60a6466c508b9a4fd83ffe5c4a65de8436

bnpl-widget-sandbox.grailpay.com Open in urlscan Pro 2606:4700:20::681a:785 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

268 kBTransfer

645 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

bnpl-widget-sandbox.grailpay.com Open in urlscan Pro
2606:4700:20::681a:785 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

268 kB
Transfer

645 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions