urlscan.io logo urlscan.io
SecurityTrails logo

nbl-pay.web.app Open in urlscan Pro
199.36.158.100  Public Scan

Go To Rescan Add Verdict Report
URL: https://nbl-pay.web.app/
Submission: On December 24 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 17 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is nbl-pay.web.app.
TLS certificate: Issued by GTS CA 1D4 on November 13th 2023. Valid for: 3 months.
This is the only time nbl-pay.web.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 199.36.158.100 54113 (FASTLY)
4 151.101.129.229 54113 (FASTLY)
1 142.250.204.10 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 172.67.179.215 13335 (CLOUDFLAR...)
1 172.67.137.205 13335 (CLOUDFLAR...)
2 172.217.24.35 15169 (GOOGLE)
17 8
5    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
nbl-pay.web.app
4    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    142.250.204.10 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f10.1e100.net
fonts.googleapis.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    172.67.179.215 (United States)

ASN13335 (CLOUDFLARENET, US)
jsonip.com
1    172.67.137.205 (United States)

ASN13335 (CLOUDFLARENET, US)
ip-api.org
2    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
5 web.app
nbl-pay.web.app
460 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
79 KB
2 gstatic.com
fonts.gstatic.com
42 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
88 KB
1 ip-api.org
ip-api.org
789 B
1 jsonip.com
jsonip.com — Cisco Umbrella Rank: 23780
717 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
30 KB
0 nlb.com Failed
www.nlb.com Failed
17 8
Domain Requested by
5 nbl-pay.web.app nbl-pay.web.app
4 cdn.jsdelivr.net nbl-pay.web.app
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com nbl-pay.web.app
cdnjs.cloudflare.com
1 ip-api.org nbl-pay.web.app
1 jsonip.com nbl-pay.web.app
1 fonts.googleapis.com client
0 www.nlb.com Failed nbl-pay.web.app
17 8

This site contains no links.

Subject Issuer Validity Valid
web.app
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
jsonip.com
GTS CA 1P5		 2023-11-06 -
2024-02-04		 3 months crt.sh
ip-api.org
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-27 -
2024-02-19		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.nlb.com/
Frame ID: 62A752602BF7767C6D402085106BF676
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

700 kB
Transfer

4769 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nbl-pay.web.app/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a68a3a75a140b202b340fefa7fd522a1663a501ff1513e8f09a0b5289b3083ae
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
712
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 07:15:26 GMT
etag
"3b1d995b3516c565b67625f3c41ea6a14a790377cd42e2167fa56c4f4759e138-br"
last-modified
Tue, 03 Jan 2023 08:56:41 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-bne12527-BNE
x-timer
S1703402126.112977,VS0,VE1
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 		190 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nbl-pay.web.app/
Origin
https://nbl-pay.web.app
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 24 Dec 2023 07:15:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
5153801
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30336
x-served-by
cache-fra-eddf8230122-FRA, cache-bne12529-BNE
x-jsd-version-type
version
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nbl-pay.web.app/
Origin
https://nbl-pay.web.app
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 24 Dec 2023 07:15:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
15081420
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24659
x-served-by
cache-fra-eddf8230056-FRA, cache-bne12529-BNE
x-jsd-version-type
version
etag
W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
styles.6ae7b54a03761458ac8c.css
nbl-pay.web.app/ 		72 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nbl-pay.web.app/styles.6ae7b54a03761458ac8c.css
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2440453bd7ec1c6113c6fbf387d381ebd3b8ca863eb2b507f6d2bcfec129532
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://nbl-pay.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-bne12527-BNE
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Sun, 24 Dec 2023 07:15:26 GMT
last-modified
Tue, 03 Jan 2023 08:56:41 GMT
x-timer
S1703402126.135868,VS0,VE0
etag
"e3a88fb45d1a14426fe548b58547fa7a9792f1772007af3d44e92d955607728f-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7534
x-cache-hits
1
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/popper.min.js
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nbl-pay.web.app/
Origin
https://nbl-pay.web.app
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 24 Dec 2023 07:15:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
23834670
x-jsd-version
2.11.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7656
x-served-by
cache-fra-eddf8230136-FRA, cache-bne12529-BNE
x-jsd-version-type
version
etag
W/"4e7f-YDO5/9GsCmSrp3VxzVXmgduuK5k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nbl-pay.web.app/
Origin
https://nbl-pay.web.app
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 24 Dec 2023 07:15:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
15119937
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17319
x-served-by
cache-fra-eddf8230041-FRA, cache-bne12529-BNE
x-jsd-version-type
version
etag
W/"ebf4-hH3/iZtbz47kNOOJ4qkQuh26128"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
runtime.328092a95668e859e42b.js
nbl-pay.web.app/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nbl-pay.web.app/runtime.328092a95668e859e42b.js
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c73e7bbc5abf169b6b84b954787dbbb1fcfdc7efda7921d7ae90bcd9c11506c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://nbl-pay.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-bne12527-BNE
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Sun, 24 Dec 2023 07:15:26 GMT
last-modified
Tue, 03 Jan 2023 08:56:41 GMT
x-timer
S1703402126.498863,VS0,VE0
etag
"87259b3f43b4932de8f98d7ec3eba07ba52f211598cab32bec91799f6ad4cdf4-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
987
x-cache-hits
1
polyfills.8c151b8375e767ff858f.js
nbl-pay.web.app/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nbl-pay.web.app/polyfills.8c151b8375e767ff858f.js
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4daa2bb1677808e27e398cdd6a6c42f04972c0dbc121b2a646a001d0e58b3687
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://nbl-pay.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-bne12527-BNE
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Sun, 24 Dec 2023 07:15:26 GMT
last-modified
Tue, 03 Jan 2023 08:56:41 GMT
x-timer
S1703402127.500452,VS0,VE0
etag
"5d4b84cf432d175252c2f5c70e33882a41bcf62b8db4570f723b576790b7b613-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11257
x-cache-hits
1
main.b983b6772df6dc34496e.js
nbl-pay.web.app/ 		4 MB
439 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nbl-pay.web.app/main.b983b6772df6dc34496e.js
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8768cefd7f8e08b73766606e0e6b0a81f7f5e4f922ae8ab8a812ad5f4e2066b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://nbl-pay.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-bne12527-BNE
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Sun, 24 Dec 2023 07:15:26 GMT
last-modified
Tue, 03 Jan 2023 08:56:41 GMT
x-timer
S1703402127.500519,VS0,VE3
etag
"97460eadb521ed0973981ac0371c5ae76f36b4b409025c32320f65fae8f6fd74-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
449315
x-cache-hits
1
css2
fonts.googleapis.com/ 		111 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=M+PLUS+1p:wght@300&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
68bad6dbc2a2a51d66e5e2c77364e6f6af6fe0b044c2f84a11615ac4947cb191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://nbl-pay.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 07:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 07:15:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 07:15:27 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/main.b983b6772df6dc34496e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nbl-pay.web.app/
Origin
https://nbl-pay.web.app
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
234202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10482
last-modified
Tue, 01 Aug 2023 16:35:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93458-28f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aYXFAY2na%2BmLaHp1fqgzSz8vO8zurV0gEGwfob1l2jpdudtmfFn0iAzq%2FcR2RlzP45c%2Fbz5mcqN1eUsysAwFGDAZE0%2FUlxtSXwDUCtt9Oeryr67qNfnsqZAk%2FAWbVYasi4BC4yz"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83a70d9ddbffa953-SYD
expires
Fri, 13 Dec 2024 07:15:27 GMT
/
jsonip.com/ 		128 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jsonip.com/
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/polyfills.8c151b8375e767ff858f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.179.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da22abb7dba148a528f0e2768c25ad6a0f186046c9a137399497515b79b2314c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://nbl-pay.web.app/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:15:27 GMT
strict-transport-security
max-age=31536000;
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SypfHnTm1pLgLU2%2FhzbrKcV1sN2EiqOOPrp0rltrfA8bm2gte%2FgArIFFdGKF6OzMBPbNxo4qvG5Hk7cGUqnMCvRdCM8FFqSxPo2%2Fp%2BvY4Fa1ktINQppjv5n1vfc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cf-ray
83a70d9de921aac9-SYD
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://nbl-pay.web.app
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:15:27 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
306597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78196
last-modified
Tue, 01 Aug 2023 16:35:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93458-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLzn4lWw56tQ5oLAAl0JlYdVsAww%2F7j69dEbMuAcRf%2BMCYxKJUDvZ0Pyu0Mq8lOtc7Ff9uS3Fi75pPrLrJHsJc8n5VVGKTypJC9%2FLT8O4PaYO0BR5ww%2FDLT1lJHICWFMlAs8zNWm"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83a70d9dec0ca953-SYD
expires
Fri, 13 Dec 2024 07:15:27 GMT
s3ipv2.php
ip-api.org/ 		284 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ip-api.org/s3ipv2.php?jip=66.203.112.163
Requested by
Host: nbl-pay.web.app
URL: https://nbl-pay.web.app/polyfills.8c151b8375e767ff858f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://nbl-pay.web.app/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:15:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzLVMG1w6CP6%2BjkWvd1wH%2Baxbkq6lmhTf6R%2FjVtqrSC8dibQP%2BLh%2F6dL7jAhq73Q4Qpntio35GD4wTiPV7RqWafmgtxTdPtdadHDgqsA1lPHoOUrZ0PoaXVwvRK4"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-turbo-charged-by
LiteSpeed
cf-ray
83a70da10ee5a937-SYD
expires
Thu, 19 Nov 1981 08:52:00 GMT
e3tmeuShHdiFyPFzBRrQVBYQfEnX.woff2
fonts.gstatic.com/s/mplus1p/v28/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mplus1p/v28/e3tmeuShHdiFyPFzBRrQVBYQfEnX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=M+PLUS+1p:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
65e5b212f3c37dab8afc4af6d7e2932e34685169626b321fd59b0c01f29c42e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nbl-pay.web.app
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:46:17 GMT
x-content-type-options
nosniff
age
138550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18256
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:13:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 16:46:17 GMT
e3tmeuShHdiFyPFzBRrQVBYQcknXkvc.woff2
fonts.gstatic.com/s/mplus1p/v28/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mplus1p/v28/e3tmeuShHdiFyPFzBRrQVBYQcknXkvc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=M+PLUS+1p:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
e0388ded94f020e34ba128a2a9a4de732b0f6fe8745cec5430e313f041c652ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nbl-pay.web.app
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 07:15:27 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23908
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Dec 2024 07:15:27 GMT
/
www.nlb.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.nlb.com
URL
https://www.nlb.com/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload