uat-verify.sandbox.beforepay.com.au
199.36.158.100  Public Scan

Submitted URL: http://uat-verify.sandbox.beforepay.com.au/
Effective URL: https://uat-verify.sandbox.beforepay.com.au/
Submission Tags: discord.fish
Submission: On May 27 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 6 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is uat-verify.sandbox.beforepay.com.au.
TLS certificate: Issued by GTS CA 1D4 on March 29th 2022. Valid for: 3 months.
This is the only time uat-verify.sandbox.beforepay.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 7 | 199.36.158.100 | 54113 (FASTLY)
6 2

Apex Domain / Subdomains | Transfer
7 | beforepay.com.au / uat-verify.sandbox.beforepay.com.au | 178 KB
6 1

Domain | Requested by
7 | uat-verify.sandbox.beforepay.com.au (1 redirects) | uat-verify.sandbox.beforepay.com.au
6 1

This site contains no links.

Subject | Issuer | Validity | Valid
joinmaslow.com | GTS CA 1D4 | 2022-03-29 - 2022-06-27 | 3 months

This page contains 1 frames:

Primary Page: https://uat-verify.sandbox.beforepay.com.au/
Frame ID: 2BE9ED5B9EB4F831D2A27BB1C60F5DFD
Requests: 7 HTTP requests in this frame

Page Title

Beforepay

Page Statistics

6 Requests
100 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
2 IPs
1 Countries
177 kB Transfer
358 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uat-verify.sandbox.beforepay.com.au/ HTTP 301
    https://uat-verify.sandbox.beforepay.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
uat-verify.sandbox.beforepay.com.au/
Redirect Chain
  • http://uat-verify.sandbox.beforepay.com.au/
  • https://uat-verify.sandbox.beforepay.com.au/
12 KB
3 KB
Document
General
Full URL
https://uat-verify.sandbox.beforepay.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cbd36872d239eb4555bba89667a4e520a7e431bccc6cc7f020c3f36881d0d78
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
3177
content-type
text/html; charset=utf-8
date
Fri, 27 May 2022 08:46:12 GMT
etag
"7a8c7377bac479db5a011ff274aeb07a6a9ea33833c75341426db5b8b2c82199-br"
last-modified
Mon, 12 Jul 2021 00:07:52 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4055-HHN
x-timer
S1653641173.560365,VS0,VE96

Redirect headers

Accept-Ranges
bytes
Connection
close
Content-Length
0
Date
Fri, 27 May 2022 08:46:12 GMT
Location
https://uat-verify.sandbox.beforepay.com.au/
Retry-After
0
Server
Varnish
X-Cache
HIT
X-Cache-Hits
0
X-Served-By
cache-hhn4042-HHN
X-Timer
S1653641172.392847,VS0,VE0
init.js
uat-verify.sandbox.beforepay.com.au/__/firebase/
542 B
486 B
Script
General
Full URL
https://uat-verify.sandbox.beforepay.com.au/__/firebase/init.js?useEmulator=true
Requested by
Host: uat-verify.sandbox.beforepay.com.au
URL: https://uat-verify.sandbox.beforepay.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f5ab3ad645c4744ad331c83019b1f4c4809db5cf88987a14644c93e24142cb1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-verify.sandbox.beforepay.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 00:07:52 GMT
x-timer
S1653641173.672287,VS0,VE213
etag
"c2424fe7bd6f93e8e65f54f13c1502946840552410d7562e4823c3ee6d4673cf"
x-served-by
cache-hhn4055-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Fri, 27 May 2022 08:46:12 GMT
accept-ranges
bytes
content-length
375
x-cache-hits
0
firebase-app.js
uat-verify.sandbox.beforepay.com.au/__/firebase/8.4.2/
21 KB
21 KB
Script
General
Full URL
https://uat-verify.sandbox.beforepay.com.au/__/firebase/8.4.2/firebase-app.js
Requested by
Host: uat-verify.sandbox.beforepay.com.au
URL: https://uat-verify.sandbox.beforepay.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
sffe /
Resource Hash
692fab6756ac1cdb625795b5fb15d0e6581617cbccbc8a9419890725eb4e0fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-verify.sandbox.beforepay.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
21200
x-xss-protection
0
x-served-by
cache-hhn4055-HHN
last-modified
Thu, 29 Apr 2021 20:42:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
x-timer
S1653641173.672463,VS0,VE24
date
Fri, 27 May 2022 08:46:12 GMT
vary
Accept-Encoding, x-fh-requested-host, accept-encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 26 May 2023 14:56:22 GMT
cache-control
max-age=31556926
accept-ranges
bytes
x-cache-hits
0
firebase-auth.js
uat-verify.sandbox.beforepay.com.au/__/firebase/8.4.1/
173 KB
56 KB
Script
General
Full URL
https://uat-verify.sandbox.beforepay.com.au/__/firebase/8.4.1/firebase-auth.js
Requested by
Host: uat-verify.sandbox.beforepay.com.au
URL: https://uat-verify.sandbox.beforepay.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
sffe /
Resource Hash
d0460dfa53507eb6b050b3035d367ab5ddd0d2c7ccb31fe7a68fc6ac1cfbb2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uat-verify.sandbox.beforepay.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
56866
x-xss-protection
0
x-served-by
cache-hhn4055-HHN
last-modified
Tue, 13 Apr 2021 06:56:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
x-timer
S1653641173.686740,VS0,VE29
date
Fri, 27 May 2022 08:46:12 GMT
vary
Accept-Encoding, x-fh-requested-host, accept-encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 27 May 2023 08:46:12 GMT
cache-control
max-age=31556926
accept-ranges
bytes
x-cache-hits
0
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0884bfff3dd99626241b524520bbf374087753e868f5e4ab6da5f76470dca377

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
Radial-Heavy.woff2
uat-verify.sandbox.beforepay.com.au/static/
45 KB
45 KB
Font
General
Full URL
https://uat-verify.sandbox.beforepay.com.au/static/Radial-Heavy.woff2
Requested by
Host: uat-verify.sandbox.beforepay.com.au
URL: https://uat-verify.sandbox.beforepay.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
51fb216183f83a88b4aa46fcdec308d08639d910c20ee2b3c7bcd5e26a347d67
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://uat-verify.sandbox.beforepay.com.au/
Origin
https://uat-verify.sandbox.beforepay.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
last-modified
Mon, 12 Jul 2021 00:07:52 GMT
x-timer
S1653641173.900932,VS0,VE272
etag
"65b037c90e86b7c768c29b4e0af486c1bd9a2f5c315c2bce21a41bf3d4138e83"
x-served-by
cache-hhn4055-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
font/woff2
cache-control
max-age=3600
date
Fri, 27 May 2022 08:46:13 GMT
accept-ranges
bytes
content-length
45948
x-cache-hits
0
ABCDiatype-Regular.otf
uat-verify.sandbox.beforepay.com.au/static/
103 KB
52 KB
Font
General
Full URL
https://uat-verify.sandbox.beforepay.com.au/static/ABCDiatype-Regular.otf
Requested by
Host: uat-verify.sandbox.beforepay.com.au
URL: https://uat-verify.sandbox.beforepay.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7487e4ece7ac89d96e01900130327374d7cc0bf8bb1d6baa73ca6460066cb0e3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://uat-verify.sandbox.beforepay.com.au/
Origin
https://uat-verify.sandbox.beforepay.com.au
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Mon, 12 Jul 2021 00:07:52 GMT
x-timer
S1653641173.901729,VS0,VE101
etag
"dbb3d88ff632a3e6d5335818ea4d7c2d97f4564fb405a364fe1fa93518c53d6c-br"
x-served-by
cache-hhn4055-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
font/otf
cache-control
max-age=3600
date
Fri, 27 May 2022 08:46:13 GMT
accept-ranges
bytes
content-length
52621
x-cache-hits
0

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
object| navigation
object| firebase
function| getParameterByName
function| handleVerifyEmail
function| handleError

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926