urlscan.io logo urlscan.io
SecurityTrails logo

web.na.bambora.com Open in urlscan Pro
74.200.28.151  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.notification.intuit.com/ls/click?upn=LEV65WI9EZ1l5TkUt4hKq-2BkpC4Ism9uyWp4fVtvcVvEHR8lPSQDJjySIxCinqy6rqOk3lurca1zy2VPXF...
Effective URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trn...
Submission: On February 06 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 74.200.28.151, located in Calgary, Canada and belongs to EQUINIX, NL. The main domain is web.na.bambora.com. The Cisco Umbrella rank of the primary domain is 152641.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 17th 2023. Valid for: a year.
This is the only time web.na.bambora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.56 11377 (SENDGRID)
16 74.200.28.151 15830 (EQUINIX)
16 1
Apex Domain
Subdomains		 Transfer
16 bambora.com
web.na.bambora.com — Cisco Umbrella Rank: 152641
69 KB
1 intuit.com
links.notification.intuit.com — Cisco Umbrella Rank: 21901
346 B
16 2
Domain Requested by
16 web.na.bambora.com web.na.bambora.com
1 links.notification.intuit.com 1 redirects
16 2

This site contains no links.

Subject Issuer Validity Valid
*.na.bambora.com
Sectigo RSA Organization Validation Secure Server CA		 2023-08-17 -
2024-08-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Frame ID: 2099E30B42F1E1DA9FEBEA013896BD04
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Government of British Columbia

Page URL History Show full URLs

  1. http://links.notification.intuit.com/ls/click?upn=LEV65WI9EZ1l5TkUt4hKq-2BkpC4Ism9uyWp4fVtvcVvEHR8lPSQDJjySIxCinq... HTTP 302
    https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

69 kB
Transfer

168 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.notification.intuit.com/ls/click?upn=LEV65WI9EZ1l5TkUt4hKq-2BkpC4Ism9uyWp4fVtvcVvEHR8lPSQDJjySIxCinqy6rqOk3lurca1zy2VPXFJh8PCnS4M2JDFTBdaQ6u8sV9r9B0qFusyulblxm4pMGnwUgvYWK9yp-2BbdGiGqiw5KY6HSPZ4XBVf5aEfL6msTd-2FF1XnCgx2yJHUDTg0zhaL1vIaY8OoXbViw8siGHb-2FDvuCzg-3D-3DRPNV_DORqpbIilcy2kQbFmCD5RLhZzCpOCLNw7bZjKuXoEr1VdzqIxZT9t1h-2FwxUKbpOynZxRzjccKRmmo1PxxnZpmzjNKVEaVl9ws6RieNtnVtiPJahmndy-2FgFUoUstM3KhQvkAssA-2FA7EOpepVn4G5LPyfy-2BstucRSMOZukafU9u59wuul039iojW66tFmavHS8d-2FvN7-2B0uauXzVozaqZuHLOKJOKvTQKvMUSonoOGDL4wdjR2Ih1qUkSpe7gw8-2Bj4Jxn-2F6-2FmEGb7jEpze2hDd-2BmYgiIi4CFkU9lJ4utphbrLPxmC2eo3RPkyOtkTQ2fVYjvQE23NQ7-2B46Oq8FxLVr-2FLIYOSG-2Brwa-2FjF2fhy25-2FBILk0B35Rju3Ym0PBhoXGV-2BseHnL26p3V4yq6lFYcxbta8hox47OllfatuzP0Agypvph4NHe1pOIzScgGhBjHoiNpwyX8B4SogFA1E6BZRI1o1SJsa0Ngo7LkeuJf5ltQRXn1t4DORC-2FxQtR-2BSEBzVM-2BHcx0HZNs06stCZZusYLPI8mUGnwLv0GgKjOlz03jEk6Hy4iN78urgYdu2Eeh6BNkwEAiz8Hex6d54dRKpES0e3iJbmGHO-2BI8PEt897LGynfIwYGcuJyvKdmvP82DKvPRlkUvihF3mcelwY93eJ9CJCnN9Ckend-2Fv30z0m3PEwJPS34O64T95BWa7jcbJ2Ojc HTTP 302
    https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request payment.asp
web.na.bambora.com/scripts/payment/
Redirect Chain
  • http://links.notification.intuit.com/ls/click?upn=LEV65WI9EZ1l5TkUt4hKq-2BkpC4Ism9uyWp4fVtvcVvEHR8lPSQDJjySIxCinqy6rqOk3lurca1zy2VPXFJh8PCnS4M2JDFTBdaQ6u8sV9r9B0qFusyulblxm4pMGnwUgvYWK9yp-2BbdGiGqi...
  • https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
79 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
ae2e140d456e35b6b2e7fb8d0cfaa2a9660fc5e4af4f3d4511e36286e14629d9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Access-Control-Allow-Origin
*
Cache-Control
private
Connection
close
Content-Encoding
gzip
Content-Length
20799
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html
Date
Tue, 06 Feb 2024 16:40:14 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
DENY
X-UA-Compatible
IE=edge,chrome=1
X-Xss-Protection
1

Redirect headers

Connection
keep-alive
Content-Length
173
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Feb 2024 16:40:13 GMT
Location
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Server
nginx
X-Robots-Tag
noindex, nofollow
spacer.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		42 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/spacer.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
925f2a3dee806fc982f16826e2426921bf43333453facb1ff0f6c89d74e9db5d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Fri, 13 Jun 2008 15:24:04 GMT
ETag
"0c2688369cdc81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
42
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
logo_bcgov.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/logo_bcgov.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
92e6b5986faefc25245dfbf823d1c63150278abe9a8bacc7c8fcc018237f8dd0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Mon, 13 Jul 2015 20:28:42 GMT
ETag
"257c382aabdd01:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
3274
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
icon_help.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		750 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/icon_help.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
ee21fbc0b34f5062306374f1688ec3ab986c9f005ee2b943c43d068866623321
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Fri, 13 Jun 2008 15:24:04 GMT
ETag
"0c2688369cdc81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
750
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
ln_dot_full_dbl.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		145 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/ln_dot_full_dbl.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
dbb30ab512af9e484b1b45748a20d19303f8bfa64260b5f2504d318d2d3d03c3
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Fri, 13 Jun 2008 15:24:04 GMT
ETag
"0c2688369cdc81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
145
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
JavaScript_jQuery.js
web.na.bambora.com/Admin/include/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.na.bambora.com/Admin/include/JavaScript_jQuery.js
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
856fbd50802c6baa4741cb0c23eab9e5282b9a77af36f77287b1096f8a5145cf
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Tue, 06 Feb 2024 16:40:14 GMT
Connection
close
Content-Length
26901
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
Last-Modified
Tue, 19 Jul 2016 19:34:10 GMT
ETag
"0259785f4e1d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
20_PV_cardLogo.png
web.na.bambora.com/shared_resources/cardLogos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/shared_resources/cardLogos/20_PV_cardLogo.png
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
4bb2932aad736f2da3c13e54e8ecad788721ca7f74f38158b2613af92b12423b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:13 GMT
Last-Modified
Tue, 03 Feb 2015 00:06:10 GMT
ETag
"0c5e436453fd01:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
1576
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
35_MD_cardLogo.png
web.na.bambora.com/shared_resources/cardLogos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/shared_resources/cardLogos/35_MD_cardLogo.png
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
d274968cb6c140802d9fbe1e3fdabb712109e61e53328f842ec2575cdb8c4555
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Sat, 21 Jan 2017 01:20:14 GMT
ETag
"0db51848473d21:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
2182
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
50_AM_cardLogo.png
web.na.bambora.com/shared_resources/cardLogos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/shared_resources/cardLogos/50_AM_cardLogo.png
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
0a72559062325bd6481d13edafeb94d1f5cb48ef29474c480163f2aa0eba2764
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:13 GMT
Last-Modified
Tue, 03 Feb 2015 00:06:10 GMT
ETag
"0c5e436453fd01:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
2770
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
ln_dot_full.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		87 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/ln_dot_full.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
6d455b6b00a8077657106fb781e0ef33bed04dd13fad335b4bb9e0e430a8dc9a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Fri, 13 Jun 2008 15:24:04 GMT
ETag
"0c2688369cdc81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
87
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
ftrCopyright.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		344 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/ftrCopyright.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
03829afa41f31c2eb0d10e36fc97f57b76b7b2932963c037581d84291cbb2ac8
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Fri, 13 Jun 2008 15:24:04 GMT
ETag
"0c2688369cdc81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
344
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
ftrDisclaimer.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		392 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/ftrDisclaimer.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
8bd8532f3cbcf61886096b440b1975b816ff85f9f29a5f2d2a75fa55911aab45
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Fri, 13 Jun 2008 15:24:04 GMT
ETag
"0c2688369cdc81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
392
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
ftrPrivacy.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		317 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/ftrPrivacy.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
42d784b3263c8dd8a0d238d1f359188bd67d75500afc1c9d0bbfdc2852e0e1bb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Fri, 13 Jun 2008 15:24:04 GMT
ETag
"0c2688369cdc81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
317
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
ftrAccessibility.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		427 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/ftrAccessibility.gif
Requested by
Host: web.na.bambora.com
URL: https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
fb12b1b883fe5cd21035f50c1657823c330460c1b4fc5fc31c5f8b3508642779
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:14 GMT
Last-Modified
Fri, 13 Jun 2008 15:24:04 GMT
ETag
"0c2688369cdc81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
427
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
bCancel.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		616 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/bCancel.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
3698769f004fd34f030c46cb3382819ea6fd725ee33307e9d79c8c3b0e436709
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:15 GMT
Last-Modified
Tue, 24 Jun 2008 19:28:17 GMT
ETag
"86b1397430d6c81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
616
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1
bPayNow.gif
web.na.bambora.com/images/SystemImages/BCEP/ 		565 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.na.bambora.com/images/SystemImages/BCEP/bPayNow.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.200.28.151 Calgary, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
151.28.200-74.q9.net
Software
/
Resource Hash
176a0c72a57684da1cecaf73f3a33caf7773f7f45ad86867b9dd8d54bae84e40
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.na.bambora.com/scripts/payment/payment.asp?merchant_id=376296301&hashValue=c110bdb5068a546a1df2d52c344756df&trnOrderNumber=Inv3269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 06 Feb 2024 16:40:15 GMT
Last-Modified
Tue, 24 Jun 2008 19:28:18 GMT
ETag
"e7bce77430d6c81:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Merchant-Id
Content-Length
565
X-Xss-Protection
1
X-UA-Compatible
IE=edge,chrome=1

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| blockAutoComplete function| setStyle function| open_tabwin function| $ function| jQuery function| stopError function| DisableButtons function| CheckPaymentType function| PositiveInteger function| openCvdHelp function| OnChangeShipSameAsOrd function| CheckAgree function| CancelTrans function| SubmitTrans function| ValidateCardNumber function| ValidateOwner function| ValidateData function| ValidateEmailField function| SetCardFieldState function| CountryUpdatePayment function| CheckoutVisaCheckout function| addLoadEvent function| FormatDate function| ValidateEmailAddress function| ValidCardNumber function| FormatAmount function| FormatAmountDec function| FormatAmountDecV2 function| FormatAmountValue function| MoneyChop function| MoneyChopValue function| IsNumeric function| IsPosNumeric function| RequireNumericOnly function| IsInteger function| DisableControl function| DisableControl2 function| ValidateCvdField function| CountryUpdate function| CountryUpdateWithRegion function| DisplayCountryData function| DisplayProvinceText boolean| isNav4 boolean| isIE4 object| reMoney string| ulang object| htmlElems string| ua boolean| isSupported string| unsupportedBrowserMessage undefined| msiePosition undefined| message

2 Cookies

Domain/Path Name / Value
web.na.bambora.com/ Name: TS013f0544
Value: 01c54dc23561ab1bc7a4761fe3905e49fb24fdeab7ed6eded7dd539fcaed706616bf98282cae2d95276ba25cf0a07cdcb7041fa08e
web.na.bambora.com/ Name: TS013f0544028
Value: 018238f46cd2d35267efb227f2e1719f201d538437a49723abb7403f1daeb2621815d286321f30384de3776fed1f97936454762478

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1