URL: https://www.pamal.com/contact-us/client-portal/
Submission: On November 03 via manual from US — Scanned from DE

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 64 HTTP transactions. The main IP is 13.32.121.78, located in United States and belongs to AMAZON-02, US. The main domain is www.pamal.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 2nd 2023. Valid for: a year.
This is the only time www.pamal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
17 | transaxgateway.com | secure.transaxgateway.com (Cisco Umbrella Rank: 443121), static.transaxgateway.com | 262 KB
15 | google.com | pay.google.com (Cisco Umbrella Rank: 2685), www.google.com (Cisco Umbrella Rank: 2), play.google.com (Cisco Umbrella Rank: 28) | 459 KB
12 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 778 KB
8 | aiircdn.com | c.aiircdn.com (Cisco Umbrella Rank: 272192), a.aiircdn.com (Cisco Umbrella Rank: 329550), mmo.aiircdn.com (Cisco Umbrella Rank: 186627) | 185 KB
2 | unpkg.com | unpkg.com (Cisco Umbrella Rank: 903) | 13 KB
1 | cdn-apple.com | applepay.cdn-apple.com (Cisco Umbrella Rank: 17216) | 49 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2462) | 253 B
1 | aiir.net | ads.aiir.net (Cisco Umbrella Rank: 278965) | 503 B
1 | mzstatic.com | is3-ssl.mzstatic.com (Cisco Umbrella Rank: 8180) | 104 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 35) | 91 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 1 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 762) | 30 KB
1 | polyfill.io | polyfill.io (Cisco Umbrella Rank: 1329) | 611 B
1 | pamal.com | www.pamal.com | 7 KB
Totals: 64 requests, 14 domains

Requests | Domain | Requested by
16 | secure.transaxgateway.com | www.pamal.com, secure.transaxgateway.com
10 | www.gstatic.com | www.google.com, pay.google.com, www.gstatic.com
6 | play.google.com | www.gstatic.com
5 | pay.google.com | secure.transaxgateway.com, pay.google.com, www.pamal.com, www.gstatic.com
4 | www.google.com | secure.transaxgateway.com, www.gstatic.com, www.google.com
4 | c.aiircdn.com | www.pamal.com
2 | unpkg.com (1 redirects) | secure.transaxgateway.com
2 | fonts.gstatic.com | fonts.googleapis.com, www.google.com
2 | mmo.aiircdn.com | www.pamal.com
2 | a.aiircdn.com | www.pamal.com
1 | static.transaxgateway.com | secure.transaxgateway.com
1 | applepay.cdn-apple.com | secure.transaxgateway.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | ads.aiir.net | c.aiircdn.com
1 | is3-ssl.mzstatic.com | www.pamal.com
1 | www.googletagmanager.com | www.pamal.com
1 | fonts.googleapis.com | www.pamal.com
1 | code.jquery.com | www.pamal.com
1 | polyfill.io | www.pamal.com
1 | www.pamal.com |
Totals: 64 requests, 20 subdomains

This site contains links to these domains.

Domain
pamaldigital.com
mail.albanybroadcasting.com
ads.aiir.net
pamal.com
aiir.com

Subject | Issuer | Validity | Valid
*.pamal.com | Amazon RSA 2048 M03 | 2023-10-02 - 2024-10-30 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
polyfill.io | Certainly Intermediate R1 | 2023-10-23 - 2023-11-22 | a month
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
itunes.apple.com | Apple Public EV Server RSA CA 2 - G1 | 2023-09-26 - 2023-12-25 | 3 months
*.transaxgateway.com | Amazon RSA 2048 M03 | 2023-08-28 - 2024-09-24 | a year
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
aiir.net | Amazon RSA 2048 M02 | 2023-02-10 - 2024-01-02 | a year
*.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
applepay.cdn-apple.com | Apple Public Server ECC CA 12 - G1 | 2023-10-05 - 2024-01-03 | 3 months
www.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months

This page contains 5 frames:

Primary Page: https://www.pamal.com/contact-us/client-portal/
Frame ID: 927221B8600D68E0087233370C334EF2
Requests: 17 HTTP requests in this frame

Frame: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Frame ID: 443EB814315803EB621172517B2C4978
Requests: 24 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.transaxgateway.com&mid=
Frame ID: DF96C33CA2EABB2C349B40EF7465227A
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=g5edk5armyyf
Frame ID: CFC5CA061C3AD8A9E203398CBAE9D005
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD
Frame ID: 39B6BE03A84769082CD7928B7E604FB4
Requests: 3 HTTP requests in this frame

Page Title

Client Portal -

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 64
HTTPS: 95 %
IPv6: 78 %
Domains: 14
Subdomains: 20
IPs: 19
Countries: 4
Transfer: 1980 kB
Size: 4883 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://unpkg.com/axios/dist/axios.min.js HTTP 302
  • https://unpkg.com/axios@1.6.0/dist/axios.min.js

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.pamal.com/contact-us/client-portal/
23 KB
7 KB
Document
General
Full URL
https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-78.fra60.r.cloudfront.net
Software
awselb/2.0 /
Resource Hash
c951125ada6af0f0872b8309b360550dc5af5dea67338afe89fb3a3acdf6de45

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8
cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 15:40:19 GMT
server
awselb/2.0
vary
Accept-Encoding
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
x-amz-cf-id
0v-XI2tnP1-GhTF7QwVddp_7UWz4n3zNRE4YKSeohIyPu2My8opSoA==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
afe-ada1102978.min.css
c.aiircdn.com/fe/css/dist/
49 KB
10 KB
Stylesheet
General
Full URL
https://c.aiircdn.com/fe/css/dist/afe-ada1102978.min.css
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6a388c7c2652bae41f28b4e508f6fd0392f3db08b7b0a65d0d75f1e35924e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Oct 2023 10:00:37 GMT
server
cloudflare
x-amz-request-id
TDZ1XR83GZCTSWFS
age
107832
etag
W/"ada11029785f421b08d2ecacb442136c"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
8205b7450a912c42-FRA
x-amz-id-2
3h2/hMRA4MRTBpPZf+W694JHbJG+Xlq/UB9tjtAHlNJUN4JDJ40NG1uv23MD0a8ScLugLUIL0aE=
expires
Sat, 07 Oct 2028 15:40:28 GMT
polyfill.min.js
polyfill.io/v3/
101 B
611 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.includes%2CObject.values
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pamal.com/
Origin
https://www.pamal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Nov 2023 15:40:28 GMT
age
238652
detected-user-agent
Chrome/119.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/119.0.0
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4225363
x-cache
HIT, HIT
content-length
30336
x-served-by
cache-lga21978-LGA, cache-fra-etou8220079-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1699026028.319654,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 19439
runtime.412127dd94083351e8bd.js
c.aiircdn.com/fe/js/dist/
3 KB
2 KB
Script
General
Full URL
https://c.aiircdn.com/fe/js/dist/runtime.412127dd94083351e8bd.js
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8452aecf501efe9bee7acd30843a8efd968cec7d59553eae6a98b0ff6e58401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 15:51:24 GMT
server
cloudflare
x-amz-request-id
C33NX0A6EQ5CZCKW
age
136986
etag
W/"837e9cd11a312f8d70415488531ee3ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
8205b7450a962c42-FRA
x-amz-id-2
+5jpmafSVbOTL4JaF6sTwulxybR3/xXkTm6now+XJXpMOkUSOUdqcIrX/Kem1LUako+P0XXV9uM=
expires
Sat, 07 Oct 2028 15:40:28 GMT
vendor.0547060b1b8fd7f72e3b.js
c.aiircdn.com/fe/js/dist/
57 KB
16 KB
Script
General
Full URL
https://c.aiircdn.com/fe/js/dist/vendor.0547060b1b8fd7f72e3b.js
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca285d9a1b045e2dff9f0f842705d9d379df01b7c46607c7714d36f0de570b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 15:51:24 GMT
server
cloudflare
x-amz-request-id
BD7V002PW745XED2
age
126960
etag
W/"9af4c296267e4c2110b5d590273f065d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
8205b7450a952c42-FRA
x-amz-id-2
7UQamDLgE+FxZzckuvUWXqhK8mADj2k21BGVgaA4o2NdxnmTE8Q0rjnl5Qn+J1ctBBcbclAHpH8=
expires
Sat, 07 Oct 2028 15:40:28 GMT
afe.b1da0ef2008e90dba4c3.js
c.aiircdn.com/fe/js/dist/
61 KB
15 KB
Script
General
Full URL
https://c.aiircdn.com/fe/js/dist/afe.b1da0ef2008e90dba4c3.js
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3011e17d6d096d9756a192a6c07e17c5e64b7acbb02b2f5ab9179ee8217ee592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 15:51:24 GMT
server
cloudflare
x-amz-request-id
8A40AN9JXVEV9GYX
age
862728
etag
W/"9d8103be5ea884f4b80561be831afaf0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
8205b7450a922c42-FRA
x-amz-id-2
HRr5qZQggDDU07+yRSK28HvskPsPjgRq1GudaIyaw+vD/r/5Bnr+ZpUoQ+Cr4aAw3eJetMZA5UU=
expires
Sat, 07 Oct 2028 15:40:28 GMT
3287-upwcaoqaz1tekp.css
a.aiircdn.com/d/c/
48 KB
10 KB
Stylesheet
General
Full URL
https://a.aiircdn.com/d/c/3287-upwcaoqaz1tekp.css
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec739605fbe09bad59017fdcb6306a7c67e4666f93678df8c8ad8d4a25e5d5df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 25 Sep 2023 19:34:51 GMT
server
cloudflare
x-amz-request-id
6FZCB8HFP0NS79XK
etag
W/"c00707b189fc1e9e5940bd81f7c3b97f"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
8205b744f98e9bac-FRA
x-amz-id-2
OI3Xm7Agkop7YXp1iQvT3bKmBwUjj3/AoYBmk+p2AvPu8nkLdBjxINJzgo7hQr6t2ZTWL3ErfrE=
expires
Sat, 07 Oct 2028 15:40:28 GMT
3288-4hbhm8ufbzprye.js
a.aiircdn.com/d/j/
4 KB
2 KB
Script
General
Full URL
https://a.aiircdn.com/d/j/3288-4hbhm8ufbzprye.js
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d358effbac5b9c9a2bd0435570e65ae19026ecf5c0c48218c6cca0149bcc71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Jun 2023 21:06:02 GMT
server
cloudflare
x-amz-request-id
6FZ2BG4G57R2ZMCV
etag
W/"d58647b359ea8e76244be10c9021c564"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
8205b744f9929bac-FRA
x-amz-id-2
nPdyGkb8WTjMdAhsMwdttoE0XPQmaSzggTOxQsRpgw/tqfPF85/+tUmkEfYryPSr5OVwYB5J1U4=
expires
Sat, 07 Oct 2028 15:40:28 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700&display=swap
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
028530634b479a39a45a77216857fffc70fa654dee4da69129cbfd2563379981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 15:40:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 15:40:28 GMT
js
www.googletagmanager.com/gtag/
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NCVC52ESHR
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6c3f7dc1e4be2cf68438f04eae7852c00b6981d43a89a2b0524ed21ad54ec55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92935
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 15:40:28 GMT
6511ddfb3a849.png
mmo.aiircdn.com/1023/
111 KB
112 KB
Image
General
Full URL
https://mmo.aiircdn.com/1023/6511ddfb3a849.png
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d6467ba36a4ba7c7a4e13cb4d330041a91efa524858ead06c50ad5b7460bc7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:28 GMT
x-amz-version-id
UppBEpPtgAoixJIIweahdQarMCDU75fh
cf-cache-status
HIT
x-amz-request-id
6MGVMDMJ0N009HFG
age
6725
content-length
114014
x-amz-id-2
fJCAk9aiFsF2Qa47XaL+MTJz/1l5GL4xP6HC7XbxP1CGkxHbGPH5yukqlVmB4dBOtBD1zXAjxsU=
last-modified
Mon, 25 Sep 2023 19:22:39 GMT
server
cloudflare
etag
"b316f08343b656ae3487ca4c25741583"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8205b745087a1c34-FRA
expires
Sat, 02 Nov 2024 15:40:28 GMT
600x600bb.jpg
is3-ssl.mzstatic.com/image/thumb/Music124/v4/1c/fd/34/1cfd3490-f752-b814-1175-150dcb6a90ea/06UMGIM42200.rgb.jpg/
104 KB
104 KB
Image
General
Full URL
https://is3-ssl.mzstatic.com/image/thumb/Music124/v4/1c/fd/34/1cfd3490-f752-b814-1175-150dcb6a90ea/06UMGIM42200.rgb.jpg/600x600bb.jpg
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c:395::2a1 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
ad2a7f3953bb7cbe0db1123612fa709f693db69b2fcd95764c5deebd42cb6173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-apple-jingle-correlation-key
GXX57XU6UDKM45BWLWCNKY2KJ4
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 03 Nov 2023 15:40:28 GMT
x-b3-traceid
35efdfde9ea0d4ce74365d84d5634a4f
x-daiquiri-instance
daiquiri:33624002:pv50p00it-hyhk12033901:7987:23RELEASE81:daiquiri-amp-processing-shared-int-001-pv
cdnuuid
18c8e3b5-f17c-460c-9716-f999af0d9b96-3958062337
x-cache
TCP_MISS from a2-19-96-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
b3
35efdfde9ea0d4ce74365d84d5634a4f-b7946f63ba0e10cb
content-length
106032
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Fri, 09 Jun 2023 03:07:38 GMT
x-cache-remote
TCP_HIT from a2-19-96-54.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
etag
"MSwxLjUuMy0yM0YsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4NjI4MDA1ODk1Mixpc0J1aWxkVmVyc2lvbk5vdFNldCw2MDI3MCxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
35efdfde-9ea0-d4ce-7436-5d84d5634a4f
x-b3-spanid
b7946f63ba0e10cb
cache-control
no-transform, max-age=16579454
timing-allow-origin
*
HostedPaymentPage.aspx
secure.transaxgateway.com/HostedPaymentForm/ Frame 443E
72 KB
73 KB
Document
General
Full URL
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2b96d5985d1d97ed5a6ce6892b0778da2ebe76deb1a43465aa230f3cee3cd6ce
Security Headers
Name Value
Content-Security-Policy GOFORIT
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options GOFORIT

Request headers

Referer
https://www.pamal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
74019
content-security-policy
GOFORIT
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 15:40:28 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
GOFORIT
x-powered-by
ASP.NET
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.pamal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:16:19 GMT
x-content-type-options
nosniff
age
77049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:16:19 GMT
pageads
ads.aiir.net/
386 B
503 B
Script
General
Full URL
https://ads.aiir.net/pageads?s=1520&path_no_tll=%2Fcontact-us%2Fclient-portal%2F&pos%5B%5D=10062&pos%5B%5D=10063&pos%5B%5D=10064&pos%5B%5D=10065&pos%5B%5D=10066&pos%5B%5D=10067&pos%5B%5D=10068&pos%5B%5D=10069&pos%5B%5D=to&pos%5B%5D=cs&service_id=4905&callback=_jsonp_1699026028519
Requested by
Host: c.aiircdn.com
URL: https://c.aiircdn.com/fe/js/dist/afe.b1da0ef2008e90dba4c3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.164.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-164-78.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8df636ccf5cf4441c75e054ffd2a8be92a7d91d8688461e9b822bddff44fa59b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Fri, 03 Nov 2023 15:40:29 GMT
cache-control
no-cache
server
awselb/2.0
content-length
386
expires
0
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NCVC52ESHR&gtm=45je3b11v9166991713&_p=1699026028504&gcd=11l1l1l1l1&cid=1793321698.1699026029&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699026028&sct=1&seg=0&dl=https%3A%2F%2Fwww.pamal.com%2Fcontact-us%2Fclient-portal%2F&dt=Client%20Portal%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=516
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCVC52ESHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 15:40:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pamal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hosted.css
secure.transaxgateway.com/Styles/ Frame 443E
35 KB
7 KB
Stylesheet
General
Full URL
https://secure.transaxgateway.com/Styles/hosted.css
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4ff8a311c20d871eb917b464a63da00f76efcac353588708185dca450c1594d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
text/css
cache-control
no-cache
accept-ranges
bytes
content-length
6258
tx-icons.css
secure.transaxgateway.com/Styles/ Frame 443E
0
0

fonts.css
secure.transaxgateway.com/Styles/ Frame 443E
0
0

ApplePayJSv1.js
secure.transaxgateway.com/HostedPaymentForm/ Frame 443E
0
0
Script
General
Full URL
https://secure.transaxgateway.com/HostedPaymentForm/ApplePayJSv1.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Content-Security-Policy GOFORIT
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options GOFORIT

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-security-policy
GOFORIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
GOFORIT
content-type
text/html
content-length
1245
pay.js
pay.google.com/gp/p/js/ Frame 443E
117 KB
36 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2ca074e06b24a5adbed403260d9a354a1d13d2eb95f13c59740e3c378f5a0c3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-_mRp88HysaTlCO2eqCUCjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-_mRp88HysaTlCO2eqCUCjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 03 Nov 2023 15:40:29 GMT
apple-pay-sdk.js
applepay.cdn-apple.com/jsapi/v1/ Frame 443E
162 KB
49 KB
Script
General
Full URL
https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:b740:a30:f000::201 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),
Reverse DNS
Software
Apple /
Resource Hash
4f3604f1ead4e51e75612bbe34446f8f91b84879fa85453e8ca46a664f78b3cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.transaxgateway.com/
Origin
https://secure.transaxgateway.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-apple-jingle-correlation-key
K7KZHG6IVR7UL4S7FM7PX3WRGE
Date
Fri, 03 Nov 2023 14:11:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
x-b3-traceid
57d5939bc8ac7f45f25f2b3efbeed131
Via
http/1.1 defra1-edge-lx-003.ts.apple.com (acdn/4.8), http/1.1 defra1-edge-bx-010.ts.apple.com (acdn/4.8)
Age
5330
X-Cache
hit-fresh, hit-fresh
CDNUUID
10baa049-89b9-4749-8ed8-1a9a8c4d0f95-12585787108
b3
57d5939bc8ac7f45f25f2b3efbeed131-dcf50bb5351fb236
Connection
keep-alive
Content-Length
48883
X-XSS-Protection
1; mode=block
apple-tk
false
Server
Apple
apple-seq
0
Last-Modified
Mon, 23 Oct 2023 05:24:20 GMT
apple-originating-system
payment-client-service-PROD
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-apple-request-uuid
57d5939b-c8ac-7f45-f25f-2b3efbeed131
x-b3-spanid
dcf50bb5351fb236
Access-Control-Allow-Credentials
false
Cache-Control
public, max-age=86400, stale-while-revalidate=86400
axios.min.js
unpkg.com/axios@1.6.0/dist/ Frame 443E
Redirect Chain
  • https://unpkg.com/axios/dist/axios.min.js
  • https://unpkg.com/axios@1.6.0/dist/axios.min.js
32 KB
12 KB
Script
General
Full URL
https://unpkg.com/axios@1.6.0/dist/axios.min.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc60b613493f242077201a552d894e8b6bbf844396e92206441a3772e19f8d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
203105
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HE4VSA0WFPVY0JV5NPZRXGZB-fra
server
cloudflare
etag
W/"7e3c-e1wBNFHIUnqeYFwFmjZKh5MDVVo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8205b74a6c574d97-FRA

Redirect headers

date
Fri, 03 Nov 2023 15:40:29 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HEAXF0ZN96RT3T4CXDJ5VV18-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
18
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/axios@1.6.0/dist/axios.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8205b74a2c224d97-FRA
WebResource.axd
secure.transaxgateway.com/ Frame 443E
23 KB
23 KB
Script
General
Full URL
https://secure.transaxgateway.com/WebResource.axd?d=X7q8oq9Rfn_ksZhT1QTo96v2VmLdnnaTwwfcWImIa805GYvcmaOyuvrX3fsPv4YIyUt1cHe3v8BQt8MSSHBW_QFoa5o1&t=638259182771233176
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 15:40:29 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
23063
expires
-1
ScriptResource.axd
secure.transaxgateway.com/ Frame 443E
26 KB
6 KB
Script
General
Full URL
https://secure.transaxgateway.com/ScriptResource.axd?d=E0G2se1wjIMSI90mCuAM1bsuY5PpvwVpFlP9n2ZcHzu4aHAADWgf8wkA6c1ov3M5XHMBRy_ryM6rIvgrgCMN5yMyjMbgH8N5bQSZp7eUCM2txSA1BH3CXYypKEX1EoSNM-OruAx5AI0vwZ4GAeiwupRziQo1&t=3fff4fa7
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
sameorigin
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
5479
expires
-1
ScriptResource.axd
secure.transaxgateway.com/ Frame 443E
100 KB
26 KB
Script
General
Full URL
https://secure.transaxgateway.com/ScriptResource.axd?d=KTyiOYnWccdW3ahPZWZdAB4Q6bs5lNhMaAfEGPzZI81_XzRk7A828_g5cBeUFbqX_Dtb7l9yygeylforVz44AivsI1EU-WW8um-EUafsJjfdu2OYllIZCOBNqRUnpenrBODjbAWtg_lLJXNfZj17QjHj5AlfxJjrTZXEU-IoRez-IkDc0&t=5d0a842b
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
sameorigin
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
25609
expires
-1
ScriptResource.axd
secure.transaxgateway.com/ Frame 443E
39 KB
10 KB
Script
General
Full URL
https://secure.transaxgateway.com/ScriptResource.axd?d=LiRE6BpPPmFbhbyGiy7s99_QR5KD581nVbH8eG_or2QH8r5mSntdd40xHzcjAj3VJ2QFG92YLMhLezS8UGgF4i-lyb2DwrTbiuY2HI359tfzqk_BNgnTqLIhWh3NaKDCckOdjROsqrpyPVzTl2Xu-udYBgXlgBhj2-_vQsb3rB1T3ojY0&t=5d0a842b
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
sameorigin
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
9984
expires
-1
jquery-3.7.0.min.js
secure.transaxgateway.com/Scripts/ Frame 443E
85 KB
30 KB
Script
General
Full URL
https://secure.transaxgateway.com/Scripts/jquery-3.7.0.min.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
30416
masonry.pkgd.min.js
secure.transaxgateway.com/Scripts/ Frame 443E
24 KB
8 KB
Script
General
Full URL
https://secure.transaxgateway.com/Scripts/masonry.pkgd.min.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a95b499f9d269eaaf206deeb1819aecb4bf622d50cfa0ec4aaf485bba18cee7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
7454
transax20190506.js
secure.transaxgateway.com/Scripts/ Frame 443E
34 KB
6 KB
Script
General
Full URL
https://secure.transaxgateway.com/Scripts/transax20190506.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8665d2f44e09b242236e831e3fab1306845537140d22d3d6ad94eec6da493ab4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
5474
FixFocus.js
secure.transaxgateway.com/Scripts/ Frame 443E
2 KB
2 KB
Script
General
Full URL
https://secure.transaxgateway.com/Scripts/FixFocus.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5a6c65e0659cd90e83bc3c9e6bd2cab63beca386a402ab362f64430653c98a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
1554
doubletaptogo.min.js
secure.transaxgateway.com/Scripts/ Frame 443E
585 B
1 KB
Script
General
Full URL
https://secure.transaxgateway.com/Scripts/doubletaptogo.min.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
37384673af8d6661ec5ce9b017723426444f80b065e16e7a2a66d0fa81ed9fcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
585
logo.png
static.transaxgateway.com/images/config_images/_15708/ Frame 443E
32 KB
33 KB
Image
General
Full URL
https://static.transaxgateway.com/images/config_images/_15708/logo.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-11.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34ae4591c72eff5ca9a68123476df240c645c978d51a7a5342f88dc72b74ff62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 20:45:15 GMT
via
1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 2020 20:52:14 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
68115
etag
"6e970110efaa0ad52d3920a69e798e4c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
33217
x-amz-cf-id
wSOac7H1E2RTEsuuVpXodmS04qnbLD9UmQatBgXLhjY1jFJWeVHAew==
Visa.png
secure.transaxgateway.com/images/cardbrand/ Frame 443E
7 KB
7 KB
Image
General
Full URL
https://secure.transaxgateway.com/images/cardbrand/Visa.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8aaef69b5f798f99583f9401814e896194b00017adc83fea26e4fd39c9f7e7b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
6736
MasterCard.png
secure.transaxgateway.com/images/cardbrand/ Frame 443E
8 KB
9 KB
Image
General
Full URL
https://secure.transaxgateway.com/images/cardbrand/MasterCard.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc8db7870587a768ae33540ede126501d2cf29670b3004708c422095745a1faf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
8648
Discover.png
secure.transaxgateway.com/images/cardbrand/ Frame 443E
10 KB
10 KB
Image
General
Full URL
https://secure.transaxgateway.com/images/cardbrand/Discover.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5fc1d6472e832d022ebdcc0c5ba3b99230b117a657eb425dec292448bc189a09
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
9774
AMEX.png
secure.transaxgateway.com/images/cardbrand/ Frame 443E
9 KB
10 KB
Image
General
Full URL
https://secure.transaxgateway.com/images/cardbrand/AMEX.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.13.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-13-27.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ff665f46765a156d12b96a537e6af65f1a831ae83749ce6a01e7df75b565b48
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 02 Nov 2023 23:34:04 GMT
server
Microsoft-IIS/10.0
etag
"0beb710e5dda1:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
9578
api.js
www.google.com/recaptcha/ Frame 443E
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
14962ca468bd63574d7d0ea9b43226a86efc06d285083676e9bf308db9072412
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 03 Nov 2023 15:40:29 GMT
payframe
pay.google.com/gp/p/ui/ Frame DF96
19 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.transaxgateway.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26fc84421ca9a8ac1619f9ed6952f0740e4e9db6cf0cfdecc80d05baa9e283d2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JXfYidbWgRBAxHs6ouJT5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.transaxgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JXfYidbWgRBAxHs6ouJT5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Fri, 03 Nov 2023 15:40:29 GMT
expires
Fri, 03 Nov 2023 15:40:29 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
6501c2c814c23.jpg
mmo.aiircdn.com/1023/
18 KB
19 KB
Image
General
Full URL
https://mmo.aiircdn.com/1023/6501c2c814c23.jpg
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5bf3d056289f66723c7ec91ba2e67d8b3279a48623627ba8d18d15308229577

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pamal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
x-amz-version-id
NN84CENO7IqaTsRoLOcbrkRIfgwZAK_W
cf-cache-status
HIT
x-amz-request-id
5NF7K75SBQRPDPSC
age
8
content-length
18834
x-amz-id-2
bhh7aRP1zqKqUSqIF83LkNcqp9cWVrK9SjtO0jsXupchEth+mbRoBi9oiAAvqGBFGDMkNbJrcLk=
cf-bgj
h2pri
last-modified
Wed, 13 Sep 2023 14:10:18 GMT
server
cloudflare
etag
"434062e2104a8666ea38ec4edf38db92"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8205b74c2f551c34-FRA
expires
Sat, 02 Nov 2024 15:40:29 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 443E
470 KB
189 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57a9f18c1cd1427deb1df65b1b059636ddb7b36aa32fe394f094203feb1f99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.transaxgateway.com/
Origin
https://secure.transaxgateway.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192400
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 02:02:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 12:31:06 GMT
anchor
www.google.com/recaptcha/api2/ Frame CFC5
59 KB
34 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=g5edk5armyyf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c93614aadf70fd9db6b7c152daf7218e0c2fc742212f28d3a2b84e25469038f2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HmaBqRUI6Zdv6-8BqX0_OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.transaxgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HmaBqRUI6Zdv6-8BqX0_OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 15:40:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame DF96
158 KB
56 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgQFwuzfs_U8bsdUi58_nTatb8yKA/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.transaxgateway.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5965df46f80d473c4e6f62e8f672256938a0aa6cc98bb8b44489a196766b81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 16:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57388
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 08:39:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 16:25:30 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame DF96
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: www.pamal.com
URL: https://www.pamal.com/contact-us/client-portal/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
styles__ltr.css
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame CFC5
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=g5edk5armyyf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 13:44:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 02:02:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 13:44:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame CFC5
470 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=g5edk5armyyf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57a9f18c1cd1427deb1df65b1b059636ddb7b36aa32fe394f094203feb1f99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192400
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 02:02:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 12:31:06 GMT
truncated
/ Frame CFC5
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CFC5
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CFC5
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 00:18:29 GMT
x-content-type-options
nosniff
age
55320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 10 Nov 2023 00:18:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFC5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=g5edk5armyyf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 02:58:03 GMT
x-content-type-options
nosniff
age
564146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 02:58:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame CFC5
102 B
133 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=g5edk5armyyf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7ffe61323539ba49fe99cd67ecf8ea8ee1f5d0a16f4b3566cb392d88bcfab491
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=g5edk5armyyf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 03 Nov 2023 15:40:29 GMT
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame DF96
73 KB
27 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriH6vgB5hwS1BfFX5Lu8c7dPPDP3w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgQFwuzfs_U8bsdUi58_nTatb8yKA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e670ed3138ce1631c59261b27fbc1ce77fb9484a3cf6fb4c1055a4ab80c7868b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 16:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27247
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 08:39:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 16:25:30 GMT
pay
pay.google.com/gp/p/ui/ Frame DF96
1 MB
376 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgQFwuzfs_U8bsdUi58_nTatb8yKA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3dfd8346074f020cd92afd311d09837dc707bfc4cb09fe4eb4f6f3a286f84fe5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U1GjKwcULaQI-PncdYlkkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:40:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-U1GjKwcULaQI-PncdYlkkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 03 Nov 2023 15:40:29 GMT
jserror
pay.google.com/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/ Frame DF96
0
27 B
XHR
General
Full URL
https://pay.google.com/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/jserror?script=https%3A%2F%2Fpay.google.com%2Fgp%2Fp%2Fui%2Fpayframe%3Forigin%3Dhttps%253A%252F%252Fsecure.transaxgateway.com%26mid%3D&error=Failed%20to%20construct%20%27PaymentRequest%27%3A%20Must%20be%20in%20a%20top-level%20browsing%20context%20or%20an%20iframe%20needs%20to%20specify%20allow%3D%22payment%22%20explicitly&line=Not%20available
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgQFwuzfs_U8bsdUi58_nTatb8yKA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'report-sample' 'nonce-7Oh9EM69zVBd6uQFS96tEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Nov 2023 15:40:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'report-sample' 'nonce-7Oh9EM69zVBd6uQFS96tEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame DF96
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriH6vgB5hwS1BfFX5Lu8c7dPPDP3w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgQFwuzfs_U8bsdUi58_nTatb8yKA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d352dd04d825a5c78227fbbd3abe50f686a04fba43dcd8b8a365d78be33722c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 16:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3931
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 08:39:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 16:25:30 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame DF96
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriH6vgB5hwS1BfFX5Lu8c7dPPDP3w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgQFwuzfs_U8bsdUi58_nTatb8yKA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05721517a8ccaba9f1b5748b8a4c6f1821793d29f3538faecbad680826b6afb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 16:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14052
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 08:39:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 16:25:30 GMT
log
play.google.com/ Frame DF96
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.dZUEh5t69fE.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgQFwuzfs_U8bsdUi58_nTatb8yKA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Nov 2023 15:40:30 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 15:40:30 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Nov 2023 15:40:30 GMT
expires
Fri, 03 Nov 2023 15:40:30 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
bframe
www.google.com/recaptcha/api2/ Frame 39B6
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3342cf39053b356e456d17f77fd2c3558ea0a19d9dcf6816af32c95c942753a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kx1qvJwXQNh3POAKthphgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.transaxgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Kx1qvJwXQNh3POAKthphgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 15:40:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 39B6
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 13:44:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 02:02:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 13:44:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 39B6
470 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57a9f18c1cd1427deb1df65b1b059636ddb7b36aa32fe394f094203feb1f99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 12:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192400
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 02:02:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 12:31:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.transaxgateway.com
URL
https://secure.transaxgateway.com/Styles/tx-icons.css
Domain
secure.transaxgateway.com
URL
https://secure.transaxgateway.com/Styles/fonts.css

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
function| $
function| jQuery
object| webpackChunkfrontend_js
object| regeneratorRuntime
object| gm
object| AFE
object| RecaptchaOptions
function| Navigation
function| Site
function| _createClass
function| _classCallCheck
function| Carousel
function| SlideNavigation
function| gtag
object| dataLayer
object| site
object| slideNavigation
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

4 Cookies

Domain/Path Name / Value
.pamal.com/ Name: _ga_NCVC52ESHR
Value: GS1.1.1699026028.1.0.1699026028.0.0.0
.pamal.com/ Name: _ga
Value: GA1.1.1793321698.1699026029
.google.com/ Name: NID
Value: 511=vmJU_CuI8fQeDPJdy9NsSdA5bnzxzBZbJusEb7FqnGtS6SWV-EcjQqTq2nh9pEGvpMNl9JyjEHjG6R0lx3TkkMhuqCTYlss9dULhwEvlsReyL78IDK2EpQCLuhROZ0R6dYZrgAoUyx1BS1YJHwvtqvb5wgrhbcSF35h97aSbZqI
secure.transaxgateway.com/ Name: AWSALBCORS
Value: giQIo14L3r5+aUAAFeUEBNnC9hqgzDRyy9hopXpYmRTjprRkp5Xczzk0C5UsdLh2gQ8nd8J3U6yXb0JIIkz8HOP3f1128JXRzMCh5APnZ0bDGMarkvg7LjlCvHh7

15 Console Messages

Source Level URL
Text
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
other error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Message:
Invalid 'X-Frame-Options' header encountered when loading 'https://secure.transaxgateway.com/': 'GOFORIT' is not a recognized directive. The header will be ignored.
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Message:
Refused to apply style from 'https://secure.transaxgateway.com/Styles/fonts.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Message:
Refused to apply style from 'https://secure.transaxgateway.com/Styles/tx-icons.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://secure.transaxgateway.com/HostedPaymentForm/ApplePayJSv1.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Message:
Refused to execute script from 'https://secure.transaxgateway.com/HostedPaymentForm/ApplePayJSv1.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js' with computed SHA-512 integrity 'ymVZ3zh7rg8q9gwMcroxG4BkXAv5vIqKwyftaBA2XBWhUStuyTevDZ9yjlAchyfOB/hn4qkmXDY2XqWwPHAGgg=='. The resource has been blocked.
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=edVHtTpKWCuwz8MLv5//afNKSH1wG1kwflqvGZD%2Bghg%3D
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://unpkg.com/axios/dist/axios.min.js' with computed SHA-512 integrity 'WrdC3CE9vf1nBf58JHepuWT4x24uTacky9fuzw2g/3L9JkihgwZ6Cfv+JGTtNyosOhEmttMtEZ6H3qJWfI7gIQ=='. The resource has been blocked.
security error URL: https://pay.google.com/gp/p/js/pay.js(Line 173)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js(Line 85)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js(Line 280)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js(Line 280)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js(Line 399)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
