secure.paymentportal.cc Open in urlscan Pro
54.159.72.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pay.x4.com/
Effective URL:
https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Submission: On August 13 via api (August 13th 2023, 1:40:01 am UTC) from US — Scanned from US

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 58 HTTP transactions. The main IP is 54.159.72.216, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is secure.paymentportal.cc.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 31st 2023. Valid for: a year.

This is the only time secure.paymentportal.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.109.26.237 208.109.26.237	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
20	54.159.72.216 54.159.72.216	14618 (AMAZON-AES) (AMAZON-AES)
9	2607:f8b0:400... 2607:f8b0:4004:c17::5c	15169 (GOOGLE) (GOOGLE)
1	52.217.232.240 52.217.232.240	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:402... 2607:f8b0:4020:805::2004	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:402... 2607:f8b0:4020:805::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
58	7

1 208.109.26.237 (United States) 1 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 237.26.109.208.host.secureserver.net

pay.x4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.159.72.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-72-216.compute-1.amazonaws.com

secure.paymentportal.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c17::5c (Washington, United States)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.232.240 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:805::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	paymentportal.cc secure.paymentportal.cc	1 MB
19	google.com pay.google.com — Cisco Umbrella Rank: 3220 www.google.com — Cisco Umbrella Rank: 3 play.google.com — Cisco Umbrella Rank: 59	843 KB
17	gstatic.com www.gstatic.com	852 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	amazonaws.com s3.amazonaws.com	9 KB
1	x4.com 1 redirects pay.x4.com	144 B
58	6

	Domain	Requested by
20	secure.paymentportal.cc	secure.paymentportal.cc
17	www.gstatic.com	www.google.com secure.paymentportal.cc pay.google.com www.gstatic.com
9	pay.google.com	secure.paymentportal.cc pay.google.com www.gstatic.com
6	play.google.com	www.gstatic.com
4	www.google.com	secure.paymentportal.cc www.gstatic.com www.google.com
1	fonts.googleapis.com	client
1	s3.amazonaws.com	secure.paymentportal.cc
1	pay.x4.com	1 redirects
58	8

This site contains no links.

Subject Issuer	Validity	Valid
*.paymentportal.cc Go Daddy Secure Certificate Authority - G2	`2023-01-31` - `2024-03-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Frame ID: 10630C5F30BAF27D805A1CA9E0D10531
Requests: 26 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.paymentportal.cc&mid=
Frame ID: 34D3BBC8A6C603722B1384078E3883C0
Requests: 10 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.paymentportal.cc&mid=
Frame ID: A36EEA77D6601F8ECB4C95B8D19306DB
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&buttonSizeMode=static&enableGpayNewButtonAsset=false
Frame ID: 1BE1E96EF1CE03A2B9C1669BD113A458
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdwcnQUAAAAAB6t1dmWPmomBwv1WsQzNj0mmUvq&co=aHR0cHM6Ly9zZWN1cmUucGF5bWVudHBvcnRhbC5jYzo0NDM.&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&theme=light&size=normal&cb=2n2ohg4qwc2y
Frame ID: 6B6470EDB1285A351FAC75304AB8CF13
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6LdwcnQUAAAAAB6t1dmWPmomBwv1WsQzNj0mmUvq
Frame ID: 1D7D4AA499F9087A5981093861754626
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payment Portal

Page URL History Show full URLs

https://pay.x4.com/ HTTP 301
https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

58
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

2977 kB
Transfer

6179 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pay.x4.com/ HTTP 301
https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 8fb22bb6-22d2-4f80-b129-a7820b76126d Show response
secure.paymentportal.cc/Merchant/Hosted/FullPage/
Redirect Chain

https://pay.x4.com/
https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d

52 KB
53 KB

588ms
388ms

Document
text/html

54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: cb6acb83a873f3779fde9ace888ba3b628b0be9ca6a4d0794a91892a3e04e972

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-length: 53620
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT

Redirect headers

content-length: 301
content-type: text/html; charset=iso-8859-1
date: Sun, 13 Aug 2023 01:39:54 GMT
location: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
server: Apache

GET
H2 200 hosted
secure.paymentportal.cc/Merchant/content/ 407 KB
407 KB 113ms
112ms Stylesheet
text/css 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/content/hosted?v=FXalINbRnm7Ri_ieK4w3zF-OgFuGNL-M33FhHu2VBpw1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 5ceb0e0c3449db349fa2a8a141591291f82fe401208e523a1674a6aa366340b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/css; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 416520
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 pikaday
secure.paymentportal.cc/Merchant/content/pikaday/ 3 KB
3 KB 54ms
53ms Stylesheet
text/css 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/content/pikaday/pikaday?v=Bdb029nstIg_bJI5aDhv7-aR3EQem19nKOSa3ebxDO01
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 7e3ac31336e182449073b4f32bb6498c66125db7a45a4db6b597197d6a1bb3e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/css; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 2947
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 pikaday Show response
secure.paymentportal.cc/Merchant/bundles/ 62 KB
63 KB 112ms
111ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/pikaday?v=LWM892lfko73AJKaus5nzdJQF_f_CRDmnhjC5uSshOQ1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: edd6d5d9cb8a11c16ba69b9d10db1ce1c9ad572f6651e0225e6934660ec13357

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 63779
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 117 KB
36 KB 134ms
63ms Script
application/javascript 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

befe3b0e19e77a1734113d7c925766ae97ac1aa7ab47c4021c4a3cd70f388a76

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-rFYV3t8xKW2965WLq3rsvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-rFYV3t8xKW2965WLq3rsvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 13 Aug 2023 01:39:55 GMT

GET
H2 200 googlepaysupport Show response
secure.paymentportal.cc/Merchant/bundles/ 2 KB
2 KB 113ms
112ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/googlepaysupport?v=GmbkRjepFEKuzEy4tX7_XcDw3q2t8fmj7s32hqD3VsM1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: bf02c7944e7c68ef1a600e12ccc07272619357e0e7b99e869c5a63442d0b59bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 2005
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 applepayframe Show response
secure.paymentportal.cc/Merchant/bundles/ 5 KB
5 KB 113ms
112ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/applepayframe?v=nhemc81cNL55yC-dCHnRmFnrk8-PM7xP-op-r9VqEoU1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 7820e02323112cbb0d469193260b641e4a5ef0f4d510f35e8021a2d00d886c1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 5425
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 applepay
secure.paymentportal.cc/Merchant/content/epic/ 967 B
1 KB 112ms
112ms Stylesheet
text/css 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/content/epic/applepay?v=gOKbiv9NECGL5DV9Ciq39pSU8Yt-kNn8K7BprUXTqKU1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 804bd01f3dbff5b5e1e99dca0c6a9d1a45efbb9270f0084a93ed7c508c652bba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/css; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 967
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H/1.1 200
OK ca5cebeb-4238-49e0-899d-4843cbfe7694.jpg
s3.amazonaws.com/paymentportal-hostedpayment-assets/merchants/ 8 KB
9 KB 163ms
85ms Image
image/jpeg 52.217.232.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/paymentportal-hostedpayment-assets/merchants/ca5cebeb-4238-49e0-899d-4843cbfe7694.jpg
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.232.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1d092aa8b7a7e037ecc95b39db6c39559ba0f3bf6f56d6d0fc39ea5b25f5d811

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 01:39:56 GMT
Last-Modified: Mon, 19 Apr 2021 22:27:10 GMT
Server: AmazonS3
x-amz-request-id: 2GF8YZR84ZRD1CRW
ETag: "26f59fd16888497d06498ad907842b48"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8410
x-amz-id-2: 0sJVm2JJC/Rmhl6icWx+XZgxE4pXrH14j3/TMmyH6+qPp2bmz6eXdLNJ2Vl5Lh/kjSYwVeL15sI=

GET
H2 200 micr.jpg
secure.paymentportal.cc/Merchant/Content/images/ 9 KB
9 KB 195ms
193ms Image
image/jpeg 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.paymentportal.cc/Merchant/Content/images/micr.jpg
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 8d82bca06e76f5d79e15e1a80c3810292e3275a9839fe2d8648588e0d7a2e351

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
last-modified: Thu, 14 Jul 2022 14:32:32 GMT
accept-ranges: bytes
etag: "00598d8e97d81:0"
content-length: 9571
content-type: image/jpeg

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 168ms
69ms Script
text/javascript 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

31cd7bd5f71dfcb7caebc43b16ea2ef880d2ac8da1212dacc0213e7eb0ecbb3e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 834
x-xss-protection: 1; mode=block
expires: Sun, 13 Aug 2023 01:39:55 GMT

GET
H2 200 GPay_Acceptance_Mark_800.png
secure.paymentportal.cc/Merchant/Content/images/ 33 KB
34 KB 194ms
193ms Image
image/png 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.paymentportal.cc/Merchant/Content/images/GPay_Acceptance_Mark_800.png
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 510b0d3f2370083584fbfdc0d2978f0858beec21b1311e5d01c80780f207f3cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
last-modified: Thu, 14 Jul 2022 14:32:32 GMT
accept-ranges: bytes
etag: "00598d8e97d81:0"
content-length: 34146
content-type: image/png

GET
H2 200 ApplePayMark.png
secure.paymentportal.cc/Merchant/Content/images/ 58 KB
58 KB 193ms
192ms Image
image/png 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.paymentportal.cc/Merchant/Content/images/ApplePayMark.png
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 93adea47e9f023bac9e48ad2c7f22c9b9b75630175b190c2d3b41a1586db33e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
last-modified: Thu, 14 Jul 2022 14:32:32 GMT
accept-ranges: bytes
etag: "00598d8e97d81:0"
content-length: 59321
content-type: image/png

GET
H2 200 jquery Show response
secure.paymentportal.cc/Merchant/bundles/ 90 KB
90 KB 112ms
110ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/jquery?v=LB_elIAcFnpDRQ_bxnDrHUUEPTu8kp2ukwY4xCCteZs1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: b9ab4fbcea65e7295a6dab6402314a59b60d890ba2e67d4dbf79e3fc44850148

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 92377
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 hosted-libs Show response
secure.paymentportal.cc/Merchant/bundles/ 138 KB
139 KB 108ms
106ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/hosted-libs?v=XT8X1qc0E7YI18sz8IYtO6lsVM-oMrEbqz5VKnTS_lg1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 6af389fb316282c317a0944d821c5a98d56016a1dce1a93b8cf69ced5b2175bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 141666
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 jqueryval Show response
secure.paymentportal.cc/Merchant/bundles/ 45 KB
45 KB 73ms
71ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/jqueryval?v=GFVKdL_eNFonXCfrHQA-iReQr8P_j_XRs6gOdZdjvQI1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: be0e4bfca06b6a7d8b717aebed3e633859b690dc555b25a7c920fc33701a00de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 45686
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 tooltips Show response
secure.paymentportal.cc/Merchant/bundles/tools/ 778 B
955 B 112ms
110ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/tools/tooltips?v=ehlemajPkWbfiP7RStzr8xHHbXzMrNEkjqig3rvfRM81
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 035219b6bf7f56f49f3078f9071656ce9a1bb7b1b52deffddc8d8b4d0344dd71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 778
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 getcreditcardtype Show response
secure.paymentportal.cc/Merchant/bundles/tools/ 2 KB
2 KB 111ms
109ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/tools/getcreditcardtype?v=smXmpXGZ5VDcE7PCxOXkapHj5_r9Z5VZunOm_vGoBg01
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 0ca05966b4d7f60f6d6fe25073b87b246c1d1b31e3ceedc08ad4841e30de680d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 1812
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 inputcharfilters Show response
secure.paymentportal.cc/Merchant/bundles/tools/ 389 B
566 B 195ms
193ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/tools/inputcharfilters?v=Uzk4Z2S7I8Y2otpRALK0W64LW-xADt2GBCWMnres2Bc1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: df9fee751d012c66fc8eb5d880ca1760424d58236f235e68e6fd89259e63d1a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 389
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 routingnumber Show response
secure.paymentportal.cc/Merchant/bundles/validation/ 1 KB
1 KB 195ms
194ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/validation/routingnumber?v=9KtNKS5SKg6t1GpG2GYyLJp7fIjBtHrEUThnVzlvonI1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: 3d452a4714e91dadeedfb695edf5f8a255a6533cbb1e60c9a0d4a435a0622acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 1033
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 hostedpayment Show response
secure.paymentportal.cc/Merchant/bundles/ 49 KB
49 KB 195ms
194ms Script
text/javascript 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/bundles/hostedpayment?v=CLK-m9xsPFlieD1uGE3Syu6KF7mB7TXgjoP6BJ1qXts1
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: a8685028cebba4bc6fc6c9975024772fb69d0397e2ac270c4b045a56a595edbd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Sun, 13 Aug 2023 01:39:55 GMT
cache-control: public
last-modified: Sun, 13 Aug 2023 01:39:55 GMT
content-length: 49909
vary: User-Agent
expires: Mon, 12 Aug 2024 01:39:55 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 34D3 18 KB
8 KB 80ms
79ms Document
text/html 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.paymentportal.cc&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38a6bb6aaa338adae0078a4088c4f19def7438b01dcf201834784f9f29ac6b5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wGmbMzWhSAqZjrFEELQi8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.paymentportal.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wGmbMzWhSAqZjrFEELQi8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 13 Aug 2023 01:39:55 GMT
expires: Sun, 13 Aug 2023 01:39:55 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame A36E 18 KB
8 KB 87ms
87ms Document
text/html 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.paymentportal.cc&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d17870143ea3a78707be5020e89ac14dbdc1be0e442e808585376c2b8ba1205

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y_h9sKzci7m9Y129CUybzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.paymentportal.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-y_h9sKzci7m9Y129CUybzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 13 Aug 2023 01:39:55 GMT
expires: Sun, 13 Aug 2023 01:39:55 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 438 KB
177 KB 120ms
35ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.paymentportal.cc/
Origin: https://secure.paymentportal.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180114
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 16:07:06 GMT

GET
H2 200 fa-regular-400.woff2
secure.paymentportal.cc/Merchant/fonts/ 170 KB
171 KB 45ms
45ms Font
application/x-font-woff2 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/fonts/fa-regular-400.woff2
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/content/hosted?v=FXalINbRnm7Ri_ieK4w3zF-OgFuGNL-M33FhHu2VBpw1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7

Request headers

Referer: https://secure.paymentportal.cc/Merchant/content/hosted?v=FXalINbRnm7Ri_ieK4w3zF-OgFuGNL-M33FhHu2VBpw1
Origin: https://secure.paymentportal.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
last-modified: Thu, 14 Jul 2022 14:32:36 GMT
accept-ranges: bytes
etag: "05abb8f8e97d81:0"
content-length: 174360
content-type: application/x-font-woff2

GET
H2 200 fa-solid-900.woff2
secure.paymentportal.cc/Merchant/fonts/ 138 KB
139 KB 41ms
40ms Font
application/x-font-woff2 54.159.72.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.paymentportal.cc/Merchant/fonts/fa-solid-900.woff2
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/content/hosted?v=FXalINbRnm7Ri_ieK4w3zF-OgFuGNL-M33FhHu2VBpw1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.72.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-72-216.compute-1.amazonaws.com
Software: /
Resource Hash: e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Request headers

Referer: https://secure.paymentportal.cc/Merchant/content/hosted?v=FXalINbRnm7Ri_ieK4w3zF-OgFuGNL-M33FhHu2VBpw1
Origin: https://secure.paymentportal.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
last-modified: Thu, 14 Jul 2022 14:32:36 GMT
accept-ranges: bytes
etag: "05abb8f8e97d81:0"
content-length: 141600
content-type: application/x-font-woff2

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 138ms
57ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:500

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd73795a36105df3f2ae20f25b799ee4e9c4d73c3671d5110d551cd2236b9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 01:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 00:41:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 01:39:55 GMT

GET
H2 200 generate_gpay_btn_img Show response
pay.google.com/gp/p/ Frame 1BE1 23 KB
10 KB 72ms
71ms Document
text/html 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&buttonSizeMode=static&enableGpayNewButtonAsset=false

Requested by

Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/bundles/googlepaysupport?v=GmbkRjepFEKuzEy4tX7_XcDw3q2t8fmj7s32hqD3VsM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fda8a7e4376867e3bbb7e73a49d04b2592998bf56b7804477876fd0c9999b28d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eRQ4J3c-QnNqgcUzuNIPhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.paymentportal.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-eRQ4J3c-QnNqgcUzuNIPhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 13 Aug 2023 01:39:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ 149 B
464 B 153ms
73ms Image
image/png 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png

Requested by

Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.paymentportal.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:18:13 GMT
x-content-type-options: nosniff
age: 174102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 10 Aug 2024 01:18:13 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/am=AMB4/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame 34D3 156 KB
55 KB 95ms
74ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/am=AMB4/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhMuoclJbAfeWdLRy-FSBd_P7lJ8A/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.paymentportal.cc&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63abe98596070e1d4e3e87757a1a6e098fb3c9c8c432a7f5d4840a637d9eb0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 16:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56597
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 04:38:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 16:29:48 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/am=AMB4/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame A36E 156 KB
56 KB 55ms
38ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.paymentportal.cc&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63abe98596070e1d4e3e87757a1a6e098fb3c9c8c432a7f5d4840a637d9eb0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 16:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56597
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 04:38:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 16:29:48 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 34D3 2 KB
2 KB 140ms
140ms Other
text/html 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame A36E 2 KB
2 KB 141ms
141ms Other
text/html 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.-z-0sx7S2bI.es5.O/am=AMDY/d=1/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/dg... Frame 1BE1 159 KB
56 KB 100ms
99ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.-z-0sx7S2bI.es5.O/am=AMDY/d=1/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrja6Z8b5jDv5ke2mcdiHBSsVVoa6Q/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&buttonSizeMode=static&enableGpayNewButtonAsset=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0f21c2ea71d5cdf5d5a21bbc6552910554369f1053b4c6b8f539e0c0eb72d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57598
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 04:38:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 19:48:25 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/ Frame 1BE1 2 KB
2 KB 142ms
142ms Other
text/html 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Requested by: Host: secure.paymentportal.cc
URL: https://secure.paymentportal.cc/Merchant/Hosted/FullPage/8fb22bb6-22d2-4f80-b129-a7820b76126d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff

Request headers

Referer: https://pay.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 13 Aug 2023 01:39:55 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1609
content-type: text/html; charset=UTF-8

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6B64 55 KB
31 KB 112ms
111ms Document
text/html 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdwcnQUAAAAAB6t1dmWPmomBwv1WsQzNj0mmUvq&co=aHR0cHM6Ly9zZWN1cmUucGF5bWVudHBvcnRhbC5jYzo0NDM.&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&theme=light&size=normal&cb=2n2ohg4qwc2y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35b3888e0b893b06ac86b4a85d249e65df8fc8c6a0c8cb9c5f964164692be49a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FcBe2FIEAc5m-QWs0Z7cfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.paymentportal.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31550
content-security-policy: script-src 'report-sample' 'nonce-FcBe2FIEAc5m-QWs0Z7cfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 01:39:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7t... Frame A36E 72 KB
26 KB 34ms
33ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7tkdOc3ijo.L.B1.O/am=AMB4/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriAMEEfkl-WV1J1kxulMvaBRo6zKg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/am=AMB4/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhMuoclJbAfeWdLRy-FSBd_P7lJ8A/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4925f31a037caf21a18cd1b69d07134dba8a693b85ba2be3fdb6372a122657f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26821
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 20:36:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 18:33:48 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7t... Frame A36E 9 KB
4 KB 34ms
33ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7tkdOc3ijo.L.B1.O/am=AMB4/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriAMEEfkl-WV1J1kxulMvaBRo6zKg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b50c4745db73346779b558ca2fea2384d9a2a459e5cdaf00462da783f47f7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 18:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3916
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 20:36:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 18:33:49 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7t... Frame A36E 36 KB
14 KB 36ms
36ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7tkdOc3ijo.L.B1.O/am=AMB4/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriAMEEfkl-WV1J1kxulMvaBRo6zKg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b761fe3aef8072d6fe04fd7ecb6ec9ea14fca9886850ab28ec0876b59649ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 18:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13836
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 20:36:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 18:33:49 GMT

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7t... Frame 34D3 72 KB
26 KB 32ms
32ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4925f31a037caf21a18cd1b69d07134dba8a693b85ba2be3fdb6372a122657f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 18:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26821
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 20:36:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 18:33:48 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.-z-0sx7S2bI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.Q... Frame 1BE1 17 KB
7 KB 44ms
43ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.-z-0sx7S2bI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.QPp-BBdd_7g.L.B1.O/am=AMDY/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfrhyq2iecMXZwIx78IAeYrgFCeMypA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.-z-0sx7S2bI.es5.O/am=AMDY/d=1/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrja6Z8b5jDv5ke2mcdiHBSsVVoa6Q/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78673761ff40de8ebfce4e19be760ab83ba2af9f6c52f7f29e2f7092f84785c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6649
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 20:36:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 19:51:06 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.-z-0sx7S2bI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.Q... Frame 1BE1 35 KB
13 KB 46ms
46ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.-z-0sx7S2bI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.QPp-BBdd_7g.L.B1.O/am=AMDY/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_r,_tp,hhhU8,ws9Tlc/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfrhyq2iecMXZwIx78IAeYrgFCeMypA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311fa1e9c7165ddea02014e24ca1f992897dc74dee0b4cc740b5f7d940a7d984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13574
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 20:36:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 19:51:06 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame A36E 1 MB
371 KB 78ms
78ms XHR
text/html 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3084d7110572de48fdc88590461caddfdbd398debae0a1d95e7aaae02308a4ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z0cZ54A6VQ1ChNDq7cKYrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Z0cZ54A6VQ1ChNDq7cKYrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 13 Aug 2023 01:39:56 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 6B64 55 KB
24 KB 41ms
40ms Stylesheet
text/css 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdwcnQUAAAAAB6t1dmWPmomBwv1WsQzNj0mmUvq&co=aHR0cHM6Ly9zZWN1cmUucGF5bWVudHBvcnRhbC5jYzo0NDM.&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&theme=light&size=normal&cb=2n2ohg4qwc2y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 16:07:06 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 6B64 438 KB
176 KB 41ms
39ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180114
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 16:07:06 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 34D3 1 MB
371 KB 94ms
94ms XHR
text/html 2607:f8b0:4004:c17::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3ddbe69d9fe7ccdf9d98a62be199271ce069f1d15da41ec63aef2680b33534e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6sQbk9Q_He6zy4z-EnT3KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6sQbk9Q_He6zy4z-EnT3KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 13 Aug 2023 01:39:56 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7t... Frame 34D3 9 KB
4 KB 76ms
74ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7tkdOc3ijo.L.B1.O/am=AMB4/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriAMEEfkl-WV1J1kxulMvaBRo6zKg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b50c4745db73346779b558ca2fea2384d9a2a459e5cdaf00462da783f47f7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 18:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3916
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 20:36:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 18:33:49 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7t... Frame 34D3 36 KB
14 KB 75ms
75ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NHJ_dRw3ETQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x7tkdOc3ijo.L.B1.O/am=AMB4/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriAMEEfkl-WV1J1kxulMvaBRo6zKg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b761fe3aef8072d6fe04fd7ecb6ec9ea14fca9886850ab28ec0876b59649ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 18:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13836
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 20:36:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 18:33:49 GMT

POST
H3 200 log Show response
play.google.com/ Frame 34D3 131 B
152 B 199ms
131ms XHR
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 13 Aug 2023 01:39:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 log Show response
play.google.com/ Frame 34D3 131 B
152 B 196ms
130ms XHR
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 13 Aug 2023 01:39:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 log Show response
play.google.com/ Frame 34D3 131 B
152 B 197ms
131ms XHR
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 13 Aug 2023 01:39:56 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 138ms
53ms Preflight
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 13 Aug 2023 01:39:56 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 137ms
55ms Preflight
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 13 Aug 2023 01:39:56 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 136ms
55ms Preflight
text/plain 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 13 Aug 2023 01:39:56 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6B64 102 B
134 B 64ms
64ms Other
text/javascript 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3kTz7WGoZLQTivI-amNftGZO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdwcnQUAAAAAB6t1dmWPmomBwv1WsQzNj0mmUvq&co=aHR0cHM6Ly9zZWN1cmUucGF5bWVudHBvcnRhbC5jYzo0NDM.&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&theme=light&size=normal&cb=2n2ohg4qwc2y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 01:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 13 Aug 2023 01:39:56 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1D7D 7 KB
1 KB 106ms
105ms Document
text/html 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6LdwcnQUAAAAAB6t1dmWPmomBwv1WsQzNj0mmUvq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2c9adaeb267ee4bdc9d596e4cb01953d4a1c61e9023f5434b8de5e3e498c88cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a7BTN0BqEwYm0QHfeM-QlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.paymentportal.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1156
content-security-policy: script-src 'report-sample' 'nonce-a7BTN0BqEwYm0QHfeM-QlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 01:39:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 1D7D 55 KB
24 KB 33ms
32ms Stylesheet
text/css 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6LdwcnQUAAAAAB6t1dmWPmomBwv1WsQzNj0mmUvq

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 16:07:06 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 1D7D 438 KB
176 KB 34ms
33ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6LdwcnQUAAAAAB6t1dmWPmomBwv1WsQzNj0mmUvq

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180114
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 16:07:06 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.paymentportal.cc/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hpmmdzbhedohrsjyn3dig4ba
			.google.com/	1970-01-20 18:21:41	Name: NID Value: 511=kMeJ2Q4G6C09pNQIN_LkgpVXJwXevJq_LWJCwMK61DlaBNeaiNSLpmDb6-j8MaBeAB8fSu2qoj4egC88ozvuAdJehbS_Jts2US7nD-Bw0yGg4Lw3O5sJXR8IJdW_kC3dhTmMvBJ4M5JKl5qQBJfZVYzpAPk5tRCkluXEWNqxumc

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
pay.google.com
pay.x4.com
play.google.com
s3.amazonaws.com
secure.paymentportal.cc
www.google.com
www.gstatic.com
208.109.26.237
2607:f8b0:4004:c17::5c
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::2004
2607:f8b0:4020:807::200a
52.217.232.240
54.159.72.216
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
035219b6bf7f56f49f3078f9071656ce9a1bb7b1b52deffddc8d8b4d0344dd71
0b761fe3aef8072d6fe04fd7ecb6ec9ea14fca9886850ab28ec0876b59649ac4
0ca05966b4d7f60f6d6fe25073b87b246c1d1b31e3ceedc08ad4841e30de680d
0d17870143ea3a78707be5020e89ac14dbdc1be0e442e808585376c2b8ba1205
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
1d092aa8b7a7e037ecc95b39db6c39559ba0f3bf6f56d6d0fc39ea5b25f5d811
2c9adaeb267ee4bdc9d596e4cb01953d4a1c61e9023f5434b8de5e3e498c88cf
3084d7110572de48fdc88590461caddfdbd398debae0a1d95e7aaae02308a4ed
311fa1e9c7165ddea02014e24ca1f992897dc74dee0b4cc740b5f7d940a7d984
31cd7bd5f71dfcb7caebc43b16ea2ef880d2ac8da1212dacc0213e7eb0ecbb3e
35b3888e0b893b06ac86b4a85d249e65df8fc8c6a0c8cb9c5f964164692be49a
38a6bb6aaa338adae0078a4088c4f19def7438b01dcf201834784f9f29ac6b5e
3d452a4714e91dadeedfb695edf5f8a255a6533cbb1e60c9a0d4a435a0622acf
4925f31a037caf21a18cd1b69d07134dba8a693b85ba2be3fdb6372a122657f0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
510b0d3f2370083584fbfdc0d2978f0858beec21b1311e5d01c80780f207f3cb
5ceb0e0c3449db349fa2a8a141591291f82fe401208e523a1674a6aa366340b2
63abe98596070e1d4e3e87757a1a6e098fb3c9c8c432a7f5d4840a637d9eb0df
65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff
6af389fb316282c317a0944d821c5a98d56016a1dce1a93b8cf69ced5b2175bf
7820e02323112cbb0d469193260b641e4a5ef0f4d510f35e8021a2d00d886c1a
78673761ff40de8ebfce4e19be760ab83ba2af9f6c52f7f29e2f7092f84785c5
7e3ac31336e182449073b4f32bb6498c66125db7a45a4db6b597197d6a1bb3e0
804bd01f3dbff5b5e1e99dca0c6a9d1a45efbb9270f0084a93ed7c508c652bba
8d82bca06e76f5d79e15e1a80c3810292e3275a9839fe2d8648588e0d7a2e351
93adea47e9f023bac9e48ad2c7f22c9b9b75630175b190c2d3b41a1586db33e3
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7
a8685028cebba4bc6fc6c9975024772fb69d0397e2ac270c4b045a56a595edbd
b50c4745db73346779b558ca2fea2384d9a2a459e5cdaf00462da783f47f7c0e
b9ab4fbcea65e7295a6dab6402314a59b60d890ba2e67d4dbf79e3fc44850148
bd73795a36105df3f2ae20f25b799ee4e9c4d73c3671d5110d551cd2236b9847
be0e4bfca06b6a7d8b717aebed3e633859b690dc555b25a7c920fc33701a00de
befe3b0e19e77a1734113d7c925766ae97ac1aa7ab47c4021c4a3cd70f388a76
bf02c7944e7c68ef1a600e12ccc07272619357e0e7b99e869c5a63442d0b59bf
c3ddbe69d9fe7ccdf9d98a62be199271ce069f1d15da41ec63aef2680b33534e
cb6acb83a873f3779fde9ace888ba3b628b0be9ca6a4d0794a91892a3e04e972
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
df9fee751d012c66fc8eb5d880ca1760424d58236f235e68e6fd89259e63d1a1
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65
edd6d5d9cb8a11c16ba69b9d10db1ce1c9ad572f6651e0225e6934660ec13357
f0f21c2ea71d5cdf5d5a21bbc6552910554369f1053b4c6b8f539e0c0eb72d32
fda8a7e4376867e3bbb7e73a49d04b2592998bf56b7804477876fd0c9999b28d

secure.paymentportal.cc Open in urlscan Pro 54.159.72.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

63 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

2977 kBTransfer

6179 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.paymentportal.cc Open in urlscan Pro
54.159.72.216 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

2977 kB
Transfer

6179 kB
Size

2
Cookies

58 HTTP transactions
0 data transactions