www.food.paymoney.group Open in urlscan Pro
31.31.196.28  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.food.paymoney.group/	10 KB 3 KB	157ms 64ms	Document text/html	31.31.196.28 AS-REG
General Check archive.org Show headers Download Go to Full URL https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.31.196.28 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS server209.hosting.reg.ru Software nginx / PHP/7.3.26 Resource Hash 1b2fb4299d6ec5b95da6631da5e2da32676d07f190e1bdf2653dbdd73815a46b Request headers :method GET :authority www.food.paymoney.group :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Wed, 06 Oct 2021 00:28:18 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/7.3.26 content-encoding gzip
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/	87 KB 28 KB	37ms 14ms	Script application/javascript	104.16.19.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:28:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 635751 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 27938 timing-allow-origin * last-modified Tue, 02 Mar 2021 18:58:36 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "603e8adc-15d9d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUeKk4Isu8i5%2Fnv4hJhLYeI7z8M35gpCcSoLUnfb8E%2Fy9MiAIs6%2BOGfYq9cl4fFMWoqgQghnVx4yT5Ukk2%2FmBNb%2FkezXgsiFdD2eyMEDQC%2F6q%2FPKxcEhGPvz6UCsdQewHWqwJdsP"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 699ac4d9edf021c3-DUS expires Mon, 26 Sep 2022 00:28:18 GMT
GET H2	200	jquery.maskedinput.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/	4 KB 2 KB	40ms 17ms	Script application/javascript	104.16.19.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.min.js Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:28:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 550644 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1714 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-10e4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RapDP8bXzVRKvSRVHGQylerG%2BRL063%2FsTsJjETVdoiom0QSd8yqEZKxyDKuLYRYL7avPTjNySpIG%2BKcblNrJ2GVKJgQW3E5Ox%2FVdp0bbWRBBDXrVIIA5%2F8JCwZk%2FlqqwH%2Bam0aSM"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 699ac4d9edf221c3-DUS expires Mon, 26 Sep 2022 00:28:18 GMT
GET H2	200	maks.js Show response www.food.paymoney.group/	1 KB 1 KB	42ms 41ms	Script application/javascript	31.31.196.28 AS-REG
General Check archive.org Show headers Download Go to Full URL https://www.food.paymoney.group/maks.js Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.31.196.28 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS server209.hosting.reg.ru Software nginx / Resource Hash e0c4f1d3a115bb2a5ace058c97855b858ec8d1b5985b3aaebfdbc201542e734c Request headers :path /maks.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.food.paymoney.group referer https://www.food.paymoney.group/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:28:18 GMT last-modified Sat, 17 Jul 2021 06:47:03 GMT server nginx etag "60f27ce7-41d" content-type application/javascript cache-control max-age=3888000 accept-ranges bytes content-length 1053 expires Sat, 20 Nov 2021 00:28:18 GMT
GET H2	200	pay.js Show response pay.google.com/gp/p/js/	95 KB 31 KB	131ms 74ms	Script application/javascript	74.125.133.92 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.133.92 , United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f92.1e100.net Software ESF / Resource Hash 6be878554b440f9a217ce5532e25de6bbf309982d33dc8870153ff2f7b49040f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-AhVzbdyuVjLdv1oUQwhf9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-AhVzbdyuVjLdv1oUQwhf9Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:28:18 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private, max-age=600 cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-AhVzbdyuVjLdv1oUQwhf9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-AhVzbdyuVjLdv1oUQwhf9Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport strict-transport-security max-age=31536000 content-type application/javascript; charset=utf-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Wed, 06 Oct 2021 00:28:18 GMT
GET H/1.1	200 OK	widget.css js.begateway.com/widget/	49 KB 9 KB	149ms 32ms	Stylesheet text/css	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 4f12254642dbcda73c4442876a698105f53fea4f9631e21646378e581c5c60b5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:18 GMT Content-Encoding gzip Last-Modified Wed, 01 Sep 2021 08:05:59 GMT Server nginx x-amz-request-id MWFS3GJ4YA83EZR5 ETag W/"a541ffc72add0abcb3a6768ba927e888" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/css Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id qYQ_ZiHaOGWyBfLfpCIKUjJG6UsJoWyx x-amz-id-2 GqavN6rwN90XH+cTtgZAVZ0L5/jrvh7UfwHtpo6hhYcKmkBlYEaKx0xPmUkw6bPP0VC1sAwJDV8=
GET H2	404	widget.js www.food.paymoney.group/widget/	0 0	106ms 105ms	Script text/html	31.31.196.28 AS-REG
General Check archive.org Show headers Download Go to Full URL https://www.food.paymoney.group/widget/widget.js?6337fa22e6cd7215d519 Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.31.196.28 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS server209.hosting.reg.ru Software nginx / Resource Hash Request headers :path /widget/widget.js?6337fa22e6cd7215d519 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.food.paymoney.group referer https://www.food.paymoney.group/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:28:18 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H/1.1	200 OK	visa-security-c3016ab827f56daa5f017a153b2e833c.svg js.begateway.com/widget/images/	3 KB 2 KB	116ms 116ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/visa-security-c3016ab827f56daa5f017a153b2e833c.svg Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash df0b460f0263c2bc2fb5eda37ad61678e8c9dd1b4376a15de150e48d9c2b25be Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Content-Encoding gzip Last-Modified Wed, 04 Aug 2021 11:17:58 GMT Server nginx x-amz-request-id KVZHW46R23TF33D9 ETag W/"c3016ab827f56daa5f017a153b2e833c" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id JWO_GlzSLQoTCcNDlbELOeDrbkrfWwgy x-amz-id-2 5+wpyCB8Spk7su4Ke+BaxnVeIjMuH8IeVyXTJwX54PzVeIS5+J3XD0jLLCb4xge0efGnvyPpAUo=
GET H/1.1	200 OK	security-pci-dss-249e115af16835c5973bcc0e1b3d32c3.svg js.begateway.com/widget/images/	19 KB 6 KB	86ms 30ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/security-pci-dss-249e115af16835c5973bcc0e1b3d32c3.svg Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 3a00ba71c6bfa8a5db84b13b866446edda3f9dce908417303767d3dfdc70b795 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Content-Encoding gzip Last-Modified Wed, 04 Aug 2021 11:17:58 GMT Server nginx x-amz-request-id SBTS5WS231S1MAWX ETag W/"249e115af16835c5973bcc0e1b3d32c3" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id Ln3DFSEtcPem48puEk1lAxhR1DL3Zv24 x-amz-id-2 cgfoXjoYfLKWItpZf5BvrxSkHRV2N40Usw2akPrnVXqYFG8zLmEbRqYRGy43cQ5jV8XLjiuZbNw=
GET H/1.1	200 OK	security-mastercard-9536570560a3cb6aaa1665f064e57659.svg js.begateway.com/widget/images/	14 KB 6 KB	127ms 113ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/security-mastercard-9536570560a3cb6aaa1665f064e57659.svg Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b740a9e5d04a63f5834c340d81f03cda27be33706d573793e642ff9c19d299a2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Content-Encoding gzip Last-Modified Wed, 04 Aug 2021 11:17:58 GMT Server nginx x-amz-request-id SBTTRRDC9PSR82HC ETag W/"9536570560a3cb6aaa1665f064e57659" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id a3KvX3OaSVwpx3ExDptwXBYipdzwbgib x-amz-id-2 w+6A8xOTa8BFzDATqADklyZNx6CTppKBgeKVhv2v3Cf6L3qkO9ehQJST/MiixiWnieRwuDnoLeE=
GET H2	404	widget.js www.food.paymoney.group/widget/	0 0	66ms 66ms	Script text/html	31.31.196.28 AS-REG
General Check archive.org Show headers Download Go to Full URL https://www.food.paymoney.group/widget/widget.js?6337fa22e6cd7215d519 Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.31.196.28 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS server209.hosting.reg.ru Software nginx / Resource Hash Request headers :path /widget/widget.js?6337fa22e6cd7215d519 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.food.paymoney.group referer https://www.food.paymoney.group/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 00:28:19 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H/1.1	200 OK	visa-system-1b8d441844591c2c615a95fef219fa7c.svg js.begateway.com/widget/images/	7 KB 4 KB	86ms 29ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/visa-system-1b8d441844591c2c615a95fef219fa7c.svg Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b992c83acaa7ff805b5edf01448645a161cea1c3826ee65a86fe4b569e2a5feb Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Content-Encoding gzip Last-Modified Wed, 04 Aug 2021 11:17:58 GMT Server nginx x-amz-request-id 22Z4NHJACYZ79E0H ETag W/"1b8d441844591c2c615a95fef219fa7c" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id Ko3uX6L_eF6ESdP30tbhMJ.RAak14XXI x-amz-id-2 3QkZbO+6+fsnjlr5OflDSzxoiogOaPQxvn167pl2dq9LsnXgmo8KOpUeAOeY7U1tj+LJ1jc/RgQ=
GET H/1.1	200 OK	master-e82d766d6c7205845dbf92905242efa8.svg js.begateway.com/widget/images/	2 KB 2 KB	88ms 30ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/master-e82d766d6c7205845dbf92905242efa8.svg Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 2c07c50d6905a3627629bb55a2b431211f221902709e8617a8cec54ad84129af Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Content-Encoding gzip Last-Modified Wed, 04 Aug 2021 11:17:57 GMT Server nginx x-amz-request-id 22Z2D8Z6AT69E9BP ETag W/"e82d766d6c7205845dbf92905242efa8" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id uZ5uK1gdE.NAVFKV_Faht1F05FfhFBH7 x-amz-id-2 p+BH4uzxtryQVLFWBPaUY6/w/9MYo1HpSV5Xw5CAI1HzeSYmU8PPPcNvAWNLm+s6981kcnWLdOk=
GET H/1.1	200 OK	maestro-55b192553a8936ff1800831e41e1159a.svg js.begateway.com/widget/images/	3 KB 2 KB	90ms 30ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/maestro-55b192553a8936ff1800831e41e1159a.svg Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash aad17cfc52dd53b027b5979c0deafdef96690845f4b9f1cc436c2798ef02dd07 Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Content-Encoding gzip Last-Modified Wed, 04 Aug 2021 11:17:57 GMT Server nginx x-amz-request-id 22Z3Q1ATTRZV85SD ETag W/"55b192553a8936ff1800831e41e1159a" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id KyXSTyv954hZzEhqriVwnlQE1GG.ttyW x-amz-id-2 Mk48aBsV+9B7OukLfO7k4EfRVuc1uL0+QOvMJMmDSGBKRGfDyorN5KAJbg1DQ6YYzdS7Qjjeg+w=
GET H/1.1	200 OK	mir-0347de15a0d38f0c05d85d26e492c625.svg js.begateway.com/widget/images/	21 KB 16 KB	130ms 115ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/mir-0347de15a0d38f0c05d85d26e492c625.svg Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f57d64f3b3e7fcdcb145764ba8830164eea9e66a24ef1760cda116f29d0bd765 Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Content-Encoding gzip Last-Modified Wed, 04 Aug 2021 11:17:57 GMT Server nginx x-amz-request-id D6G4W7E16CFBR2CD ETag W/"0347de15a0d38f0c05d85d26e492c625" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id 2NWvOicjwl6RTjc5FbgxajqJW2E6OcO2 x-amz-id-2 m18Xbf5islCIB9CUe6WLRRRZCsyROqqH2U79RhEdi3bFPSKXVgfSg2BwLdc0jq5kT7oG+kkdqxc=
GET H/1.1	200 OK	noto-sans-v7-latin_cyrillic-700.woff2 js.begateway.com/widget/fonts/	21 KB 22 KB	108ms 53ms	Font binary/octet-stream	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.begateway.com/widget/fonts/noto-sans-v7-latin_cyrillic-700.woff2 Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f430a42b0a6e45b14efdb5e7792ad2c2bbf638e0af10b300784fa97992bc19ac Request headers Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Origin https://www.food.paymoney.group Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Last-Modified Mon, 04 Oct 2021 12:30:41 GMT Server nginx x-amz-request-id RCXRG1S2GVG3BF0Y ETag "d6909c8e34e7af48c58be5dcc4c26178" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type binary/octet-stream Access-Control-Allow-Origin * Content-Length 21560 Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id 55q.D.DGrRsN2.8EOzx3Pc2hWuReWRkb x-amz-id-2 Dyvrg5B2qDaKPBWs8ff4n3BXJTQMOjJmu++zYzC9CNC4kuqwA3YJt7LKY3SR0ZEdJQulYQI9VJQ=
GET H/1.1	200 OK	noto-sans-v7-latin_cyrillic-regular.woff2 js.begateway.com/widget/fonts/	21 KB 22 KB	115ms 57ms	Font binary/octet-stream	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.begateway.com/widget/fonts/noto-sans-v7-latin_cyrillic-regular.woff2 Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e09a25d395eb3d7e86bf24e89932f7c19576b4189db751ff610ba472c3ba2a2b Request headers Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Origin https://www.food.paymoney.group Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Last-Modified Mon, 04 Oct 2021 12:30:41 GMT Server nginx x-amz-request-id RCXQYYKN07B7S9XG ETag "e7cc0b32c137f0edebb2dedb25a99ea8" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type binary/octet-stream Access-Control-Allow-Origin * Content-Length 21404 Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id NYdsYbDerRNkR7fwdlkHeV_HtYAWJMpg x-amz-id-2 rxwSWwQdN085JMtb4WmxiTZw5RLgu4yHQwqsM01JhW3TN7gfz2uVVF2se8qZKwiQ06TRVJLio5M=
GET H/1.1	200 OK	fontello.woff2 js.begateway.com/widget/fonts/	5 KB 6 KB	92ms 31ms	Font binary/octet-stream	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.begateway.com/widget/fonts/fontello.woff2 Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b68f066f50461343c7c5076fc886f8c1bf2055e6854bdd984c9d7bc43cb94785 Request headers Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Origin https://www.food.paymoney.group Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 00:28:19 GMT Last-Modified Mon, 04 Oct 2021 12:30:41 GMT Server nginx x-amz-request-id RCXSZHDGHBN8T792 ETag "1f0ad39ad5434cc4947c061856162e02" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type binary/octet-stream Access-Control-Allow-Origin * Content-Length 5528 Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id ejasqR77pT0qb21YwtWcr7fWst4huFfD x-amz-id-2 5o0SpNsSHYbh4VCFQR8cZF/CsCqvZeClm+Atw3TaaKTT/at2SnMQ1eoLI4TPaQEv66mu+Y4gZGQ=
GET H2	200	payframe Show response pay.google.com/gp/p/ui/ Frame 6A1B	17 KB 7 KB	212ms 211ms	Document text/html	74.125.133.92 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.food.paymoney.group&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.133.92 , United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f92.1e100.net Software ESF / Resource Hash 45c3c4192c90c0e3abc8bfb006894ab70bba374b627472c3d8799b212f1362df Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-OZk7XAbomXrqzYxkIg8zng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-OZk7XAbomXrqzYxkIg8zng' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pay.google.com :scheme https :path /gp/p/ui/payframe?origin=https%3A%2F%2Fwww.food.paymoney.group&mid= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.food.paymoney.group/ accept-encoding gzip, deflate, br cookie NID=511=ntRXSLbiydam-6-brex5YE-1dbhwaHq6xu8fOv99e3k3jH1gZFlyhR4NGJSRbVIFqrYAalchXxdYP_X9ti3RLuuPqT6SIewsaumv1h5IjzqqpaZk1ukvbf8Qvj4wykwl-WInQUynBFsLzakmUdqpmMUskYe4muabslnmO2pqDrw Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.food.paymoney.group/ Response headers content-type text/html; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-ua-compatible IE=edge expires Wed, 06 Oct 2021 00:28:19 GMT date Wed, 06 Oct 2021 00:28:19 GMT cache-control private, max-age=3600 strict-transport-security max-age=31536000 content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-OZk7XAbomXrqzYxkIg8zng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-OZk7XAbomXrqzYxkIg8zng' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport cross-origin-resource-policy same-site cross-origin-opener-policy same-origin content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	404	cspreport pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 6A1B	2 KB 2 KB	20ms 20ms	Other text/html	74.125.133.92 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.133.92 , United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f92.1e100.net Software / Resource Hash d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101 Request headers Referer https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.food.paymoney.group&mid= Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 06 Oct 2021 00:28:19 GMT referrer-policy no-referrer alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1608 content-type text/html; charset=UTF-8
GET H2	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMi... Frame 6A1B	146 KB 52 KB	73ms 24ms	Script text/javascript	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.food.paymoney.group&mid= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash c5c3ae205b34343a94c69d7a05c6aef007d422382f4b857e298b229a3c9da3d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 01 Oct 2021 16:30:35 GMT content-encoding gzip x-content-type-options nosniff age 374264 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52433 x-xss-protection 0 last-modified Thu, 30 Sep 2021 15:23:38 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" expires Sat, 01 Oct 2022 16:30:35 GMT
GET H3	200	m=byfTOb,lsjVmc,LEikZe Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Akx... Frame 6A1B	36 KB 13 KB	57ms 24ms	Script text/javascript	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.AkxUdA-AWCI.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhy4Q5biqzQu9syUJO7g5wrfzDmkQ/m=byfTOb,lsjVmc,LEikZe Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 2ba7104d8e962bd55d5dd0abffbaf6c291f17b28117b3c70398e7a3806e8695d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 01 Oct 2021 16:57:00 GMT content-encoding gzip x-content-type-options nosniff age 372679 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13485 x-xss-protection 0 last-modified Thu, 30 Sep 2021 02:23:13 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" expires Sat, 01 Oct 2022 16:57:00 GMT
GET H3	200	m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Akx... Frame 6A1B	72 KB 26 KB	59ms 29ms	Script text/javascript	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.AkxUdA-AWCI.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhy4Q5biqzQu9syUJO7g5wrfzDmkQ/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 002a7a220ef59c36c127de7f74ea7280f384c0fdfbe9d11506a2120332ca149c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 01 Oct 2021 16:57:00 GMT content-encoding gzip x-content-type-options nosniff age 372679 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26819 x-xss-protection 0 last-modified Thu, 30 Sep 2021 02:23:13 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" expires Sat, 01 Oct 2022 16:57:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 6A1B	48 KB 20 KB	47ms 13ms	Script text/javascript	172.217.23.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.AkxUdA-AWCI.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhy4Q5biqzQu9syUJO7g5wrfzDmkQ/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Aug 2021 00:32:57 GMT server Golfe2 age 6082 date Tue, 05 Oct 2021 22:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Wed, 06 Oct 2021 00:46:57 GMT
GET H3	200	pay Show response pay.google.com/gp/p/ui/ Frame 6A1B	1 MB 346 KB	86ms 85ms	XHR text/html	74.125.133.92 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.133.92 , United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f92.1e100.net Software ESF / Resource Hash 0cc577014ae49ee3cc66758ca0b0bf198adc162370d4232084f8417f56dbeb61 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ZE+b6vfdPh7dkkP3Bnp5gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-ZE+b6vfdPh7dkkP3Bnp5gA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge server ESF cross-origin-opener-policy unsafe-none date Wed, 06 Oct 2021 00:28:19 GMT x-frame-options DENY content-type text/html; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control private, max-age=3600 content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-ZE+b6vfdPh7dkkP3Bnp5gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-ZE+b6vfdPh7dkkP3Bnp5gA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport expires Wed, 06 Oct 2021 00:28:19 GMT
POST H3	200	log Show response play.google.com/ Frame 6A1B	131 B 155 B	109ms 82ms	XHR text/plain	216.58.212.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f14.1e100.net Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 06 Oct 2021 00:28:19 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Wed, 06 Oct 2021 00:28:19 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	92ms 49ms	Preflight text/plain	216.58.212.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Server 216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f14.1e100.net Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://pay.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://pay.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Wed, 06 Oct 2021 00:28:19 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 06 Oct 2021 00:28:19 GMT cache-control private
POST H3	200	log Show response play.google.com/ Frame 6A1B	131 B 155 B	111ms 83ms	XHR text/plain	216.58.212.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f14.1e100.net Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 06 Oct 2021 00:28:19 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Wed, 06 Oct 2021 00:28:19 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	86ms 49ms	Preflight text/plain	216.58.212.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Server 216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f14.1e100.net Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://pay.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://pay.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Wed, 06 Oct 2021 00:28:19 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 06 Oct 2021 00:28:19 GMT cache-control private
POST H3	200	log Show response play.google.com/ Frame 6A1B	131 B 155 B	74ms 48ms	XHR text/plain	216.58.212.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f14.1e100.net Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 06 Oct 2021 00:28:19 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Wed, 06 Oct 2021 00:28:19 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	83ms 50ms	Preflight text/plain	216.58.212.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Server 216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f14.1e100.net Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://pay.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://pay.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Wed, 06 Oct 2021 00:28:19 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 06 Oct 2021 00:28:19 GMT cache-control private
GET H3	200	m=Wt6vjf,_latency,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Akx... Frame 6A1B	17 KB 7 KB	25ms 24ms	Script text/javascript	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.AkxUdA-AWCI.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhy4Q5biqzQu9syUJO7g5wrfzDmkQ/m=Wt6vjf,_latency,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 283f805e47d3a99058afc9750c1ab1defb6b801ea55b3aa6f40b76a773897720 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 01 Oct 2021 16:57:02 GMT content-encoding gzip x-content-type-options nosniff age 372677 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7265 x-xss-protection 0 last-modified Thu, 30 Sep 2021 02:23:13 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" expires Sat, 01 Oct 2022 16:57:02 GMT
GET H3	200	m=lwddkf,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Akx... Frame 6A1B	8 KB 3 KB	24ms 23ms	Script text/javascript	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.AkxUdA-AWCI.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrhy4Q5biqzQu9syUJO7g5wrfzDmkQ/m=lwddkf,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 0355f8ad2907b7b6b9a87b8cd88d221187d2752c80451ea395b842e3c42be357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 01 Oct 2021 16:57:02 GMT content-encoding gzip x-content-type-options nosniff age 372677 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3312 x-xss-protection 0 last-modified Thu, 30 Sep 2021 02:23:13 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" expires Sat, 01 Oct 2022 16:57:02 GMT
POST H2	200	log Show response play.google.com/ Frame 6A1B	131 B 692 B	86ms 50ms	XHR text/plain	216.58.212.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.N2O_5-qCKOQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgCuVeNJjjhEAZ6soBYsVcHXH9J6Q/m=_b,_tp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f14.1e100.net Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 06 Oct 2021 00:28:19 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Wed, 06 Oct 2021 00:28:19 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| a object| b object| c string| d object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 02:08:11	Name: NID Value: 511=ntRXSLbiydam-6-brex5YE-1dbhwaHq6xu8fOv99e3k3jH1gZFlyhR4NGJSRbVIFqrYAalchXxdYP_X9ti3RLuuPqT6SIewsaumv1h5IjzqqpaZk1ukvbf8Qvj4wykwl-WInQUynBFsLzakmUdqpmMUskYe4muabslnmO2pqDrw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.food.paymoney.group/widget/widget.js?6337fa22e6cd7215d519 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.food.paymoney.group/widget/widget.js?6337fa22e6cd7215d519 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
js.begateway.com
pay.google.com
play.google.com
www.food.paymoney.group
www.google-analytics.com
www.gstatic.com
104.16.19.94
142.250.186.99
172.217.23.110
216.58.212.142
31.31.196.28
54.194.112.188
74.125.133.92
002a7a220ef59c36c127de7f74ea7280f384c0fdfbe9d11506a2120332ca149c
0355f8ad2907b7b6b9a87b8cd88d221187d2752c80451ea395b842e3c42be357
0cc577014ae49ee3cc66758ca0b0bf198adc162370d4232084f8417f56dbeb61
1b2fb4299d6ec5b95da6631da5e2da32676d07f190e1bdf2653dbdd73815a46b
283f805e47d3a99058afc9750c1ab1defb6b801ea55b3aa6f40b76a773897720
2ba7104d8e962bd55d5dd0abffbaf6c291f17b28117b3c70398e7a3806e8695d
2c07c50d6905a3627629bb55a2b431211f221902709e8617a8cec54ad84129af
3a00ba71c6bfa8a5db84b13b866446edda3f9dce908417303767d3dfdc70b795
45c3c4192c90c0e3abc8bfb006894ab70bba374b627472c3d8799b212f1362df
4f12254642dbcda73c4442876a698105f53fea4f9631e21646378e581c5c60b5
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
6be878554b440f9a217ce5532e25de6bbf309982d33dc8870153ff2f7b49040f
aad17cfc52dd53b027b5979c0deafdef96690845f4b9f1cc436c2798ef02dd07
b68f066f50461343c7c5076fc886f8c1bf2055e6854bdd984c9d7bc43cb94785
b740a9e5d04a63f5834c340d81f03cda27be33706d573793e642ff9c19d299a2
b992c83acaa7ff805b5edf01448645a161cea1c3826ee65a86fe4b569e2a5feb
c5c3ae205b34343a94c69d7a05c6aef007d422382f4b857e298b229a3c9da3d5
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
df0b460f0263c2bc2fb5eda37ad61678e8c9dd1b4376a15de150e48d9c2b25be
e09a25d395eb3d7e86bf24e89932f7c19576b4189db751ff610ba472c3ba2a2b
e0c4f1d3a115bb2a5ace058c97855b858ec8d1b5985b3aaebfdbc201542e734c
f430a42b0a6e45b14efdb5e7792ad2c2bbf638e0af10b300784fa97992bc19ac
f57d64f3b3e7fcdcb145764ba8830164eea9e66a24ef1760cda116f29d0bd765
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e