urlscan.io logo urlscan.io
SecurityTrails logo

online.skytab.com Open in urlscan Pro
18.66.112.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.wiseguysdelivery.com/
Effective URL: https://online.skytab.com/s/wiseguysdeli
Submission: On May 19 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 23 HTTP transactions. The main IP is 18.66.112.59, located in United States and belongs to AMAZON-02, US. The main domain is online.skytab.com. The Cisco Umbrella rank of the primary domain is 739459.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 26th 2024. Valid for: a year.
This is the only time online.skytab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.152.147 16509 (AMAZON-02)
8 18.66.112.59 16509 (AMAZON-02)
3 38.67.17.39 174 (COGENT-174)
2 108.177.15.92 15169 (GOOGLE)
1 142.250.185.138 15169 (GOOGLE)
3 3.229.18.162 14618 (AMAZON-AES)
3 216.58.206.67 15169 (GOOGLE)
2 172.64.145.94 13335 (CLOUDFLAR...)
1 142.250.181.227 15169 (GOOGLE)
23 8
1    3.33.152.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
www.wiseguysdelivery.com
8    18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net
online.skytab.com
3    38.67.17.39 (Austin, United States)

ASN174 (COGENT-174, US)
i4m.i4go.com
2    108.177.15.92 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f92.1e100.net
pay.google.com
1    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
3    3.229.18.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-18-162.compute-1.amazonaws.com
apps-api.shift4payments.com
3    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net
fonts.gstatic.com
2    172.64.145.94 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
oloapi.shift4payments.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
8 skytab.com
online.skytab.com — Cisco Umbrella Rank: 739459
684 KB
5 shift4payments.com
apps-api.shift4payments.com — Cisco Umbrella Rank: 778401
oloapi.shift4payments.com — Cisco Umbrella Rank: 752858
4 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
44 KB
3 i4go.com
i4m.i4go.com — Cisco Umbrella Rank: 202040
20 KB
2 google.com
pay.google.com — Cisco Umbrella Rank: 2881
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
907 B
1 wiseguysdelivery.com
www.wiseguysdelivery.com
332 B
23 7
Domain Requested by
8 online.skytab.com online.skytab.com
3 fonts.gstatic.com fonts.googleapis.com
3 apps-api.shift4payments.com online.skytab.com
3 i4m.i4go.com online.skytab.com
2 oloapi.shift4payments.com online.skytab.com
2 pay.google.com online.skytab.com
pay.google.com
1 www.gstatic.com online.skytab.com
1 fonts.googleapis.com online.skytab.com
1 www.wiseguysdelivery.com 1 redirects
23 9

This site contains no links.

Subject Issuer Validity Valid
online-ordering.shift4payments.com
Amazon RSA 2048 M03		 2024-03-26 -
2025-04-23		 a year crt.sh
access.i4go.com
GeoTrust EV RSA CA 2018		 2024-01-10 -
2025-02-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.shift4payments.com
Amazon RSA 2048 M02		 2023-06-30 -
2024-07-28		 a year crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
oloapi.shift4payments.com
GTS CA 1P5		 2024-04-29 -
2024-07-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://online.skytab.com/s/wiseguysdeli
Frame ID: 6E107EDDF3FDEEB1E75869BAC200ABB6
Requests: 21 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fonline.skytab.com&mid=
Frame ID: 09E57201BA12E8E55EE5F2017026D2BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wise Guys Deli North Providence - SkyTab Online

Page URL History Show full URLs

  1. http://www.wiseguysdelivery.com/ HTTP 307
    https://www.wiseguysdelivery.com/ HTTP 307
    http://www.wiseguysdelivery.com/ HTTP 301
    http://online.skytab.com/s/wiseguysdeli HTTP 307
    https://online.skytab.com/s/wiseguysdeli Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

1
Countries

791 kB
Transfer

3229 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.wiseguysdelivery.com/ HTTP 307
    https://www.wiseguysdelivery.com/ HTTP 307
    http://www.wiseguysdelivery.com/ HTTP 301
    http://online.skytab.com/s/wiseguysdeli HTTP 307
    https://online.skytab.com/s/wiseguysdeli Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wiseguysdeli
online.skytab.com/s/
Redirect Chain
  • http://www.wiseguysdelivery.com/
  • https://www.wiseguysdelivery.com/
  • http://www.wiseguysdelivery.com/
  • http://online.skytab.com/s/wiseguysdeli
  • https://online.skytab.com/s/wiseguysdeli
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://online.skytab.com/s/wiseguysdeli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
690931fe7f7469d549229e5724aed9857ab67fcfef8d3e5c3de8847dbe96a580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

age
17160
content-encoding
gzip
content-type
text/html
date
Sun, 19 May 2024 02:17:20 GMT
etag
W/"15af859f037127e2287f0d0c74e1bf4c"
last-modified
Thu, 16 May 2024 14:38:41 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-id
65HGyVglX0HWY8juy8ZfhwlqDyUOGQr3KRzNMuinvg6KMlL7F98NEw==
x-amz-cf-pop
FRA56-P5
x-cache
Error from cloudfront

Redirect headers

Location
https://online.skytab.com/s/wiseguysdeli
Non-Authoritative-Reason
HttpsUpgrades
vendor-7df173f110a2f981534070d968fea992.css
online.skytab.com/assets/ 		572 KB
95 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online.skytab.com/assets/vendor-7df173f110a2f981534070d968fea992.css
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ce66181236a830d740deeeabedf175c376f05a78b1aca828dd4cabc9880c6c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/s/wiseguysdeli
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 19 May 2024 06:56:24 GMT
content-encoding
gzip
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 16 May 2024 14:38:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2582
etag
W/"7df173f110a2f981534070d968fea992"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Fu1Bo8y2uVFS1b6ynReqbrCs7HfYz064O2j1gR1s-ex2wOuIyOst5g==
lh-public-olo-da36ebd2c872dbd42e965801664bdbc7.css
online.skytab.com/assets/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online.skytab.com/assets/lh-public-olo-da36ebd2c872dbd42e965801664bdbc7.css
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b89c34d1c23a2fa8db3b11ecca92638885d987d595167f57133919d7b623ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/s/wiseguysdeli
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 18 May 2024 15:00:40 GMT
content-encoding
br
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 16 May 2024 14:38:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
57345
etag
W/"da36ebd2c872dbd42e965801664bdbc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
H6brcAJIlospg9QA0nPvmLEIDI9hdBBdES6ISs_reyH3QVsk8V19vg==
vendor-d2b9d8cefbc70383b631037c3000232a.js
online.skytab.com/assets/ 		2 MB
429 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.skytab.com/assets/vendor-d2b9d8cefbc70383b631037c3000232a.js
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5ec0dcc5922bee142e37a58cf4fa0b9207179441ce7459e91061149af998343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/s/wiseguysdeli
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 18 May 2024 14:56:31 GMT
content-encoding
br
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 16 May 2024 14:38:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
57594
etag
W/"5f8514206b70647291c810e340678a51"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
-hXb7FFcgresKbl8qaDXRfQtDECya1VLJK9BrD2FZplPzWGcQ0EHDA==
lh-public-olo-f3dd4aec3fe0c8d1d699f316f8b672a6.js
online.skytab.com/assets/ 		366 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.skytab.com/assets/lh-public-olo-f3dd4aec3fe0c8d1d699f316f8b672a6.js
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36f63db4a6762b30528e60e5c6b05003d63a659a19666290adcffffc59364013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/s/wiseguysdeli
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 19 May 2024 06:56:24 GMT
content-encoding
gzip
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 16 May 2024 14:38:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
2582
etag
W/"62176a3b60637567ed32df678c6f52da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TNLfsciIdWpxOwwTOHJg21vbh2-1f8ahribU9T_L3SeC4CNYRARfWg==
wallets.css
i4m.i4go.com/css/ 		666 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i4m.i4go.com/css/wallets.css?_v=
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.67.17.39 Austin, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
612586fd254a545edf3a8f062fc6c3e9bdca29e7f33cf95aca65f5e5404d36b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Sun, 19 May 2024 06:56:25 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 28 Feb 2023 20:38:47 GMT
X-Permitted-Cross-Domain-Policies
none
ETag
"92fe31a8b44bd91:0"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Accept-Ranges
bytes
Content-Length
666
X-XSS-Protection
1; mode=block
pay.js
pay.google.com/gp/p/js/ 		127 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js?_v=
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f92.1e100.net
Software
ESF /
Resource Hash
8a31929e9267cbf11ed472c4217905bc7ce488861c9fe0dfa53731439f4768a6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-A6dbCf-0jm0iUL77UrIvMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 19 May 2024 06:56:25 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-A6dbCf-0jm0iUL77UrIvMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjytDikmLw0JBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UMyaJry-ZNID4cPR0Vqf0GaxBQOxTP4M1Bohbb55jnQrEcwPOsyb9O89aBMTbJlxgbf98gXU6EAtxc8w8umwTm8CK7muRStpJ-YXxmXnFJYl5JUmllWlF-XklqXkpxalFZalF8UYGRiYGpobmegaG8QUGAL7AQWI"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sun, 19 May 2024 06:56:25 GMT
wallets.js
i4m.i4go.com/js/ 		39 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i4m.i4go.com/js/wallets.js?_v=
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.67.17.39 Austin, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
661107997113e300d448ea29869317373feb46cec11444fcfc85369473dc7d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 21 Sep 2023 17:38:10 GMT
X-Permitted-Cross-Domain-Policies
none
Date
Sun, 19 May 2024 06:56:25 GMT
ETag
"06d6463b2ecd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Accept-Ranges
bytes
Content-Length
7979
X-XSS-Protection
1; mode=block
jquery.i4goTrueToken.js
i4m.i4go.com/js/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i4m.i4go.com/js/jquery.i4goTrueToken.js
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.67.17.39 Austin, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e4819f36244a3273659b127af594ebee1b59797b839dc46effa8a48f524555ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 08 Jan 2024 22:01:09 GMT
X-Permitted-Cross-Domain-Policies
none
Date
Sun, 19 May 2024 06:56:25 GMT
ETag
"80806f2f7e42da1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Accept-Ranges
bytes
Content-Length
10521
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/assets/lh-public-olo-da36ebd2c872dbd42e965801664bdbc7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
ea5d04a50784f787eef62feb99d12649860ada0af5fa2157f083112fb187b2d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 May 2024 06:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 May 2024 06:32:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 May 2024 06:56:25 GMT
payframe
pay.google.com/gp/p/ui/ Frame 09E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fonline.skytab.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js?_v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f92.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-VZfNohBB5Mo4wTPwtqN64w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-VZfNohBB5Mo4wTPwtqN64w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sun, 19 May 2024 06:56:25 GMT
expires
Sun, 19 May 2024 06:56:25 GMT
origin-trial
AssDE6uDpaVUq9mb8HyrCnDR4hxNa3P1PQl8E0huFRpGw4MFWswRwyuk1E68LufiBFMulCrRk3VCexIRW39eYwoAAABMeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5fQ==
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjytDikmLw0JBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UMyaJry-ZNID4cPR0Vqf0GaxBQOxTP4M1Bohbb55jnQrEcwPOsyb9O89aBMTbJlxgbf98gXU6EAvxcMw8umwTm8CBs78WMCtpJ-UXxmfmFZck5pUklVamFeXnlaTmpRSnFpWlFsUbGRiZGJgamusZGMYXGAAAFlhCKw"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
feature-flags
apps-api.shift4payments.com/online-ordering/mars/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apps-api.shift4payments.com/online-ordering/mars/api/v2/feature-flags
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.18.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-18-162.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://online.skytab.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 19 May 2024 06:56:25 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
feature-flags
apps-api.shift4payments.com/online-ordering/mars/api/v2/ 		1018 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apps-api.shift4payments.com/online-ordering/mars/api/v2/feature-flags
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/assets/vendor-d2b9d8cefbc70383b631037c3000232a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.18.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-18-162.compute-1.amazonaws.com
Software
/
Resource Hash
a34cc883709a8a63433f2d8146262074ec8d9371fe2e65d4d9a6e2996786ac01
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://online.skytab.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json; charset=utf-8

Response headers

date
Sun, 19 May 2024 06:56:25 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
content-length
1018
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"3fa-bV7QoyZR2xStlLCRctqSFp+mclk"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
wiseguysdeli
apps-api.shift4payments.com/online-ordering/mars/api/v2/stores/vanity/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apps-api.shift4payments.com/online-ordering/mars/api/v2/stores/vanity/wiseguysdeli
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/assets/vendor-d2b9d8cefbc70383b631037c3000232a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.18.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-18-162.compute-1.amazonaws.com
Software
/
Resource Hash
8bcba88964b155fd986ca468ba147570138570c20be2bc132e5cf88d539a6608
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://online.skytab.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sun, 19 May 2024 06:56:26 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"abe-HKUx2NGBdKLn7HzRvegTQALG8hM"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
sffe /
Resource Hash
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://online.skytab.com
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 18 May 2024 16:47:33 GMT
x-content-type-options
nosniff
age
50933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13980
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 16:47:33 GMT
categories
oloapi.shift4payments.com/api/v2/public/458e4b525c202ff3042381600b1dc56d/menu/24dada60-f34c-11ed-a336-0d68e7d49d79/ 		160 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oloapi.shift4payments.com/api/v2/public/458e4b525c202ff3042381600b1dc56d/menu/24dada60-f34c-11ed-a336-0d68e7d49d79/categories
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/assets/vendor-d2b9d8cefbc70383b631037c3000232a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.94 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcdc766b114bd62a529a7a8bfbd706b4c2da90063bbd5ed40ab041d218a764f7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://online.skytab.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-origin
https://online.skytab.com
date
Sun, 19 May 2024 06:56:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
88622fe5d8cb35de-LHR
content-type
application/json
items
oloapi.shift4payments.com/api/v2/public/458e4b525c202ff3042381600b1dc56d/menu/24dada60-f34c-11ed-a336-0d68e7d49d79/ 		160 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oloapi.shift4payments.com/api/v2/public/458e4b525c202ff3042381600b1dc56d/menu/24dada60-f34c-11ed-a336-0d68e7d49d79/items
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/assets/vendor-d2b9d8cefbc70383b631037c3000232a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.94 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcdc766b114bd62a529a7a8bfbd706b4c2da90063bbd5ed40ab041d218a764f7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://online.skytab.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-origin
https://online.skytab.com
date
Sun, 19 May 2024 06:56:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
88622fe5d8cc35de-LHR
content-type
application/json
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v24/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
sffe /
Resource Hash
5c3360f8439a1a3f48e8b58fcb6f3a3cbaaa76488a1b846acfe1e3b623c0562f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://online.skytab.com
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 18 May 2024 16:56:15 GMT
x-content-type-options
nosniff
age
50411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14860
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:10:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 16:56:15 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
sffe /
Resource Hash
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://online.skytab.com
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 13 May 2024 21:16:47 GMT
x-content-type-options
nosniff
age
466779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14168
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:29:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 May 2025 21:16:47 GMT
icons.woff2
online.skytab.com/assets/themes/default/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://online.skytab.com/assets/themes/default/assets/fonts/icons.woff2
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/assets/vendor-7df173f110a2f981534070d968fea992.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://online.skytab.com/assets/vendor-7df173f110a2f981534070d968fea992.css
Origin
https://online.skytab.com
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 18 May 2024 15:13:20 GMT
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 16 May 2024 14:38:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
56587
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
content-length
77160
x-amz-cf-id
NsyrGsqew6L2t84Zs1nHKMBiRYcIRktF7xHgN5jjwr1HK8-A3NsuQg==
logo-black-aff6728f61e4eb017ce4944db554e576.png
online.skytab.com/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://online.skytab.com/img/logo-black-aff6728f61e4eb017ce4944db554e576.png
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fb211d8312cf81850bfd4c09740ca3547bb12a23338f4b5419176c229bc5f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/s/wiseguysdeli
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 18 May 2024 09:43:41 GMT
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 16 May 2024 14:38:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
76366
etag
"aff6728f61e4eb017ce4944db554e576"
x-cache
Hit from cloudfront
content-type
image/png
content-length
11647
x-amz-cf-id
76j7GZJP_7wQWVJl75kjLmFHMYEG1YFQpz4zGO4mDPm_G8fF3hoUyQ==
light_square_gpay.svg
www.gstatic.com/instantbuy/svg/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/instantbuy/svg/light_square_gpay.svg
Requested by
Host: online.skytab.com
URL: https://online.skytab.com/s/wiseguysdeli
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
c76f766ed128ff1c05cbab4f53e470751b475152992a770d42273047bc1708c5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 May 2024 08:46:34 GMT
age
79792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
894
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
vary
Accept-Encoding
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 08:46:34 GMT
favicon-32x32-d18acb4b5a8627dad8053b4fd8321ca0.png
online.skytab.com/img/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://online.skytab.com/img/favicon-32x32-d18acb4b5a8627dad8053b4fd8321ca0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9b873ab2d37eb1ec460d50a057ac00cd54362fdf989cbda4bbbeea4c482b4ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://online.skytab.com/s/wiseguysdeli
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 18 May 2024 15:13:19 GMT
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 16 May 2024 14:38:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
56588
etag
"d18acb4b5a8627dad8053b4fd8321ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
1050
x-amz-cf-id
vfTZCtWKASH6ZfenJJJJcTbDtFHSPkgRjenkbPjSr1PTfdW7HV0B1A==

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| runningTests object| loader function| define function| requireModule function| require function| requirejs boolean| preferNative function| _typeof undefined| __ember_auto_import__ function| _get function| _superPropBase function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass object| EmberENV object| regeneratorRuntime function| $ function| jQuery object| Ember object| Em object| base64 object| libphonenumber object| webpackJsonp_ember_auto_import_ function| _eai_r function| _eai_d function| emberAutoImportDynamic object| DD_LOGS object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant object| allowlistedMerchantDomainsForBnplDynamicButton string| dynamicGpayButtonVariant object| google boolean| _wallets_canMakeApplePayments object| _wallets_i4goTrueTokenObj object| _wallet_session function| i4goWalletsInit function| postWalletComplete function| remoteLog function| applePayInit function| onApplePayClick function| getApplePaySession function| postApplePayToken function| postApplePayComplete function| apGetRequiredShippingContactFields function| apGetDefaultShippingMethods function| ap2gpIntermediatePaymentData function| gp2apPaymentDataRequestUpdate function| apOnPaymentDataChanged function| apOnShippingContactSelected function| apOnShippingMethodSelected function| googlePayInit function| getGoogleIsReadyToPayRequest function| getGooglePaymentDataRequest function| getGooglePaymentsClient function| gpOnPaymentAuthorized function| gpOnPaymentDataChanged function| calculateNewTransactionInfo function| onGooglePayLoaded function| addGooglePayButton function| getGoogleTransactionInfo function| getDefaultShippingCost function| getGoogleBillingAddressParameters function| getGoogleShippingAddressParameters function| getGoogleShippingOptions function| getDefaultShippingOptions function| getGoogleUnserviceableAddressError function| prefetchGooglePaymentData function| onGooglePaymentButtonClicked function| processPayment function| postGooglePayComplete

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 514=CeKsJpjS1Po7VWEsdnxVZicVs-riuEHpf7c6Ljnpgpq0UCGx_8U039DZUiwwaKKZKAc3xI9SNjwRl3rsGzKkUClSkhzXEzfaFMGQb205s-x0Wa5kArW1pXT37cKUPcC07mpsGfoa3UNOx9IegzNlfCouKwQ6etYmjiU2irmHmOQ
online.skytab.com/ Name: _dd_s
Value: logs=1&id=927f0651-86c7-4714-bfa0-80bdef1b54d3&created=1716101785337&expire=1716102685337

12 Console Messages

Source Level URL
Text
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
network error URL: https://oloapi.shift4payments.com/api/v2/public/458e4b525c202ff3042381600b1dc56d/menu/24dada60-f34c-11ed-a336-0d68e7d49d79/categories
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://oloapi.shift4payments.com/api/v2/public/458e4b525c202ff3042381600b1dc56d/menu/24dada60-f34c-11ed-a336-0d68e7d49d79/items
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://online.skytab.com/s/wiseguysdeli
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps-api.shift4payments.com
fonts.googleapis.com
fonts.gstatic.com
i4m.i4go.com
oloapi.shift4payments.com
online.skytab.com
pay.google.com
www.gstatic.com
www.wiseguysdelivery.com
108.177.15.92
142.250.181.227
142.250.185.138
172.64.145.94
18.66.112.59
216.58.206.67
3.229.18.162
3.33.152.147
38.67.17.39
1ce66181236a830d740deeeabedf175c376f05a78b1aca828dd4cabc9880c6c2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36f63db4a6762b30528e60e5c6b05003d63a659a19666290adcffffc59364013
5c3360f8439a1a3f48e8b58fcb6f3a3cbaaa76488a1b846acfe1e3b623c0562f
612586fd254a545edf3a8f062fc6c3e9bdca29e7f33cf95aca65f5e5404d36b7
661107997113e300d448ea29869317373feb46cec11444fcfc85369473dc7d5b
690931fe7f7469d549229e5724aed9857ab67fcfef8d3e5c3de8847dbe96a580
6b89c34d1c23a2fa8db3b11ecca92638885d987d595167f57133919d7b623ce9
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7fb211d8312cf81850bfd4c09740ca3547bb12a23338f4b5419176c229bc5f83
8a31929e9267cbf11ed472c4217905bc7ce488861c9fe0dfa53731439f4768a6
8bcba88964b155fd986ca468ba147570138570c20be2bc132e5cf88d539a6608
a34cc883709a8a63433f2d8146262074ec8d9371fe2e65d4d9a6e2996786ac01
a9b873ab2d37eb1ec460d50a057ac00cd54362fdf989cbda4bbbeea4c482b4ae
b5ec0dcc5922bee142e37a58cf4fa0b9207179441ce7459e91061149af998343
c76f766ed128ff1c05cbab4f53e470751b475152992a770d42273047bc1708c5
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
dcdc766b114bd62a529a7a8bfbd706b4c2da90063bbd5ed40ab041d218a764f7
e4819f36244a3273659b127af594ebee1b59797b839dc46effa8a48f524555ec
ea5d04a50784f787eef62feb99d12649860ada0af5fa2157f083112fb187b2d3