stripeapplepay.jjtestsite.us Open in urlscan Pro
18.235.204.176 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stripeapplepay.jjtestsite.us/
Submission Tags: @phishunt_io
Submission: On August 13 via api (August 13th 2021, 5:13:45 pm UTC) from DE

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 6 domains to perform 67 HTTP transactions. The main IP is 18.235.204.176, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is stripeapplepay.jjtestsite.us.
TLS certificate: Issued by R3 on August 13th 2021. Valid for: 3 months.

This is the only time stripeapplepay.jjtestsite.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.235.204.176 18.235.204.176	14618 (AMAZON-AES) (AMAZON-AES)
18	52.84.45.84 52.84.45.84	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:401... 2a00:1450:4010:c05::5c	15169 (GOOGLE) (GOOGLE)
2	65.9.73.64 65.9.73.64	16509 (AMAZON-02) (AMAZON-02)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
19	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	52.13.204.6 52.13.204.6	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
67	12

1 18.235.204.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-204-176.compute-1.amazonaws.com

stripeapplepay.jjtestsite.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.84.45.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-84.mrs52.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4010:c05::5c (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.73.64 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.13.204.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-204-6.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	stripe.com js.stripe.com r.stripe.com q.stripe.com m.stripe.com	414 KB
18	google.com pay.google.com play.google.com www.google.com	388 KB
5	gstatic.com www.gstatic.com	100 KB
2	stripe.network m.stripe.network	20 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	jjtestsite.us stripeapplepay.jjtestsite.us	2 KB
67	6

	Domain	Requested by
19	q.stripe.com	stripeapplepay.jjtestsite.us
18	js.stripe.com	stripeapplepay.jjtestsite.us js.stripe.com
14	play.google.com	www.gstatic.com
5	www.gstatic.com	pay.google.com www.gstatic.com
3	pay.google.com	js.stripe.com pay.google.com www.gstatic.com
2	r.stripe.com	js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
1	www.google.com	www.gstatic.com
1	m.stripe.com	m.stripe.network
1	www.google-analytics.com	www.gstatic.com
1	stripeapplepay.jjtestsite.us
67	11

This site contains no links.

Subject Issuer	Validity	Valid
stripeapplepay.jjtestsite.us R3	`2021-08-13` - `2021-11-11`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-01-12` - `2021-09-29`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://stripeapplepay.jjtestsite.us/
Frame ID: 37E0E4D7D807AF097CA9FBCE3C8754FD
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-439acd7f6e5119f0af591fe10f1cfc9d.html
Frame ID: 2F601CEC99AE6DCC190995FC5D34D605
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html
Frame ID: F7D86199BA90F0F1B71326BC84ECF633
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-535f63aaf1b18cffc85fedb3f3fe749a.html
Frame ID: A829E17202BFC629DEC3A45B8B6A1F39
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
Frame ID: E4CD40A6D8F65C02CD947AAB885C2D29
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E1E41E826546D71EF17B81A660012482
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: E4D121A05F982FAD59FB7EF46229D40E
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html
Frame ID: 7DE7705D526FAE418C7281656089C3CB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

Page Statistics

67
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

12
IPs

3
Countries

942 kB
Transfer

3235 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
stripeapplepay.jjtestsite.us/ 3 KB
2 KB 412ms
130ms Document
text/html 18.235.204.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://stripeapplepay.jjtestsite.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.204.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-204-176.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 3be26adb244a81a485a3a55042d09644b8b1c8b4ab990d0b8de00b92c3f91bef

Request headers

Host: stripeapplepay.jjtestsite.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 17:13:25 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 13 Aug 2021 17:02:42 GMT
ETag: "cbd-5c973d1cf70b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1172
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 / Show response
js.stripe.com/v3/ 234 KB
63 KB 286ms
104ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2d0c068778f9ddf50cfd9b3ba3dae7d045cad544b1b9efabeb647bef10fa170c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://stripeapplepay.jjtestsite.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 17:11:16 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 131
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: PSZTXMT0N0NJKVEF
x-amz-id-2: xYEMajlR2L+CAirzBopngayAa96F9qXwUu7eMz1MoUTCSfgQB3sqyZtqYeHNt2JVU9BLH0Bm1FU=
last-modified: Thu, 12 Aug 2021 14:57:47 GMT
server: AmazonS3
etag: W/"b92df85813fb3e61b4be05d05c000af8"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: FVmT_M8MfLkyVUj6WzQLnKMQHZOp64szYVNjDl3HmKjxNkyQRwdfcw==

GET
H2 200 controller-439acd7f6e5119f0af591fe10f1cfc9d.html Show response
js.stripe.com/v3/ Frame 2F60 299 B
1 KB 92ms
92ms Document
text/html 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-439acd7f6e5119f0af591fe10f1cfc9d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5c6d2c5a1abcb98109b6dad7da0ec5d653b3936c3f519be0f015f2aa0a441dd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-439acd7f6e5119f0af591fe10f1cfc9d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stripeapplepay.jjtestsite.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stripeapplepay.jjtestsite.us/

Response headers

content-type: text/html; charset=utf-8
content-length: 299
x-amz-id-2: 0oUuyindRJ0wzCAF8o1H2ikIqhETVWmnFIbh5EMhWwy30lXQfkSEOHYLSSbriS8N8PgCrH6i48A=
x-amz-request-id: J4J09EKRNEHE7TC1
last-modified: Thu, 12 Aug 2021 14:39:05 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
date: Fri, 13 Aug 2021 17:10:42 GMT
cache-control: public, max-age=300
etag: "439acd7f6e5119f0af591fe10f1cfc9d"
x-cache: Hit from cloudfront
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: RzVAKbBtOpQbJZmZ9JIo2gwHz8-7h0mD--IMpsL1S8A2adsYHBkPlg==
age: 165

GET
H2 200 payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html Show response
js.stripe.com/v3/ Frame F7D8 384 B
1 KB 108ms
108ms Document
text/html 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f5697b9d54a2ca2c8cc0cf62751658dbdf8e77a80f8a271700b68b421b4d4883

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com;
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stripeapplepay.jjtestsite.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stripeapplepay.jjtestsite.us/

Response headers

content-type: text/html; charset=utf-8
content-length: 384
x-amz-id-2: zFF+o+qlaKFbD8V1zQ6SAQ7iHV0dLiuZPb2TBXPbGRgKBzDLGgTv+0tdB5TJa+tpuvZ4dK6PwhE=
x-amz-request-id: KTX08H68JGV1ENHT
last-modified: Thu, 12 Aug 2021 14:39:05 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'none'; connect-src 'self' https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com;
date: Fri, 13 Aug 2021 17:13:26 GMT
cache-control: public, max-age=300
etag: "1c29559b424039959403b844a69a38bc"
x-cache: Hit from cloudfront
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: lFY_xw2oa5WXOwfhrY692OLIqWFCSNpjzVkwjjJ6YAOSBZ88pMOJbw==

GET
H2 200 payment-request-inner-browser-535f63aaf1b18cffc85fedb3f3fe749a.html Show response
js.stripe.com/v3/ Frame A829 320 B
1 KB 94ms
94ms Document
text/html 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-535f63aaf1b18cffc85fedb3f3fe749a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bf45cb63376d70528ea20c34a4dad9b37c3bde6bd8bd02debbfd31b4ff2eaf52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-browser-535f63aaf1b18cffc85fedb3f3fe749a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stripeapplepay.jjtestsite.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stripeapplepay.jjtestsite.us/

Response headers

content-type: text/html; charset=utf-8
content-length: 320
x-amz-id-2: 8BGOpHuB/BjDrJ7oIv92NIBWJ1U0ZOURYOxUhZ1RIDy1lQPIZeRGgJNFfoUtljdCvQ2aAVZ45J4=
x-amz-request-id: J4JACNYT09913B32
last-modified: Thu, 12 Aug 2021 14:38:59 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Fri, 13 Aug 2021 17:12:30 GMT
cache-control: public, max-age=300
etag: "535f63aaf1b18cffc85fedb3f3fe749a"
x-cache: Hit from cloudfront
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: vl34MqMDZbAMNn1Gn1AgIyGZecJctGp1WyFKPBRLwQX9pSslsFRa6w==
age: 100

GET
H2 200 m-outer-775bcd17e5e345e5c78406e66e355cd7.html Show response
js.stripe.com/v3/ Frame E4CD 215 B
956 B 93ms
93ms Document
text/html 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4de975f97fecd028e959b36ad8636ff6b418f8894caa2ec16cf18581643ece47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stripeapplepay.jjtestsite.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stripeapplepay.jjtestsite.us/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: h/77cOyK5++wxQ5NaQfYwU64yw+ArkYvy/gXMi4vM/2XzUSsm/5soIR7+UVoI7Py45FUUgEdzVA=
x-amz-request-id: G9W3ZEXBY8ZXPHKH
last-modified: Wed, 04 Aug 2021 20:44:45 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Fri, 13 Aug 2021 17:09:54 GMT
cache-control: public, max-age=300
etag: "775bcd17e5e345e5c78406e66e355cd7"
x-cache: Hit from cloudfront
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: SqYvjXii1eAAfL3Ram4lL9I4XSXHxLh__jynpqgXtBUNgKINge4xgg==
age: 212

GET
H2 200 shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2F60 175 KB
49 KB 98ms
97ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-439acd7f6e5119f0af591fe10f1cfc9d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5f5c57d466c11734736eb943a2c4b253244b4af4e9fb0cec234ad20fb6217902

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/controller-439acd7f6e5119f0af591fe10f1cfc9d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 17:10:08 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 199
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: GWFZMEN1V0CMC11F
x-amz-id-2: UbM9pzbnEIPXfynM2KlTyvO2bw+1U7stWW/5+NzKON6HYwOO34hXN4XYcFOvRZQ/tDKuggFN2Ag=
last-modified: Thu, 12 Aug 2021 14:38:59 GMT
server: AmazonS3
etag: W/"fb3244a464ce2da6dcb15f4a5eed8849"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: RU-PpsXx_9YBF_9q4EwST0UNDn5uRmPsRhmT1wufV1ciQzTT0BoI3g==

GET
H2 200 controller-a7ce8e288bb25005853b79feb30d5bc6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2F60 184 KB
47 KB 135ms
135ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a7ce8e288bb25005853b79feb30d5bc6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-439acd7f6e5119f0af591fe10f1cfc9d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c2908910a1e9797577c2c5ce84ae1f558013df392daf62b7378f9c291f399ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/controller-439acd7f6e5119f0af591fe10f1cfc9d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"3916649b95e6f75fd60f5d57a3e87cc8"
age: 198
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: D15H8SKSJE71G1AM
x-amz-id-2: VXqhL9QJQGE15FUHCvg+tW2t+KZ6K1lctsoS5EKFJuJQF3yIiAtSsqHBeevtvEc1fQj/C9S+Jl8=
last-modified: Thu, 12 Aug 2021 14:39:00 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:10:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: -Jzimd3Qrhj9tc8Z-vZvbFlFLVzil5myUbGfLdQaYxgDtwAEP4ePwg==

GET
H2 200 shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A829 175 KB
49 KB 115ms
115ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-535f63aaf1b18cffc85fedb3f3fe749a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5f5c57d466c11734736eb943a2c4b253244b4af4e9fb0cec234ad20fb6217902

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/payment-request-inner-browser-535f63aaf1b18cffc85fedb3f3fe749a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"fb3244a464ce2da6dcb15f4a5eed8849"
age: 199
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: SP9T4N3VY3N7FWGJ
x-amz-id-2: YmqE481jMPVAl0kirFfaaI9nzwHs5hOywv+RGcyytfR3zNTq7DVARBIDqhBCYIoo7g1NTvtJlcA=
last-modified: Thu, 12 Aug 2021 14:38:59 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:10:08 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: AcaqGJG6A4TPgTHLu_iuwS4vRIRxr4UMiME7FVmI-16zIvXTvoieng==

GET
H2 200 payment-request-inner-browser-280e092614a7fef79439865137de6fc3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A829 11 KB
5 KB 92ms
91ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-280e092614a7fef79439865137de6fc3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-535f63aaf1b18cffc85fedb3f3fe749a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

270fe718917cbf7e9dba9f517b374e88be11de50611032250abf2bd88be6a544

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/payment-request-inner-browser-535f63aaf1b18cffc85fedb3f3fe749a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"46abc66d38ca886f3c418dcb5fb06de1"
age: 145
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: H8KBHGM7N4NK1484
x-amz-id-2: Q+S41GcPqtMVcJ3uw+n6mHvP+3Wi/3BBf8soGPzZp/wo7FY1SnVzwjPbREUqLlNNW90jqySKBsQ=
last-modified: Thu, 12 Aug 2021 14:39:01 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:11:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: S6Y9D1bkQlnG0ftgo_HncnU9EypSW-JWzdk0HZRsWvjWWqbsjSbruA==

GET
H2 200 m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E4CD 1 KB
1 KB 133ms
133ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"78581b5abad6c4e7b59c0f8ee45a8134"
age: 15
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 9JCG9KZQ9Q4RBFHC
x-amz-id-2: wncG+PTaGjHYAPjYUOPLeAd8YUkBEzUtcE5j0LvVUkrIt29kZPqmrCrDxlZM7p2G4h7lacT8lI8=
last-modified: Wed, 04 Aug 2021 20:44:37 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:13:12 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: gqwtKu8oqtdnPypimsX6GGNj1qYEPgB1eIhS0bMMPR4KgOp-HR1FBQ==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame F7D8 95 KB
31 KB 131ms
48ms Script
application/javascript 2a00:1450:4010:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c05::5c Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

007437cc9f13d9ffa56f1de428bab19328b2d714b22ce1e97f3c7d5b01a8dae2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-QmE5c86CgaBMHEpuu5j/Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-QmE5c86CgaBMHEpuu5j/Vw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-QmE5c86CgaBMHEpuu5j/Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-QmE5c86CgaBMHEpuu5j/Vw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Fri, 13 Aug 2021 17:13:26 GMT

GET
H2 200 shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F7D8 175 KB
49 KB 152ms
152ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5f5c57d466c11734736eb943a2c4b253244b4af4e9fb0cec234ad20fb6217902

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"fb3244a464ce2da6dcb15f4a5eed8849"
age: 199
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: FFTJPNZANNDB40XG
x-amz-id-2: HWJgq3WaTkmi946Saxqh5h16YPEQOD2mJs4rWXdbnVGPTClnbtUxfq/MvoU6UGoUwUKzTSuSXno=
last-modified: Thu, 12 Aug 2021 14:38:59 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:10:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: 75cl0uu6zJ4BEp2lag2RJH5Mjunxa7SESvi9wooADWUbQnlzdNfLpg==

GET
H2 200 payment-request-inner-google-pay-8ca17b3a1769ff048434c069111aaff6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F7D8 13 KB
5 KB 132ms
131ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-8ca17b3a1769ff048434c069111aaff6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fc1a13622436fd0ee80433c77f305d8c3a081c2910a411592c0366995553671d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-1c29559b424039959403b844a69a38bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 17:09:28 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 239
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: YNZ2ZXRFGJCVRF44
x-amz-id-2: 43tGISgOZ/9Cr54bJ01Dt6slbp3ejtSqK8sNdbGc3RTomgEXP7mFb7ABAeIzEojLbYKZk3Ciw3c=
last-modified: Wed, 04 Aug 2021 20:44:39 GMT
server: AmazonS3
etag: W/"1eae113584971cc7b3f56acb1849cd21"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: UNiJIEw3Zms_rlBHt19P_SOoWpeJKMEfADpSrxgViAvW8BryIPOyog==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame E1E4 932 B
1 KB 156ms
49ms Document
text/html 65.9.73.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Fri, 13 Aug 2021 17:10:55 GMT
cache-control: public, max-age=300
etag: W/"6114649b-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: JB-MFCpUsUsCGWnPKN1D4YxYr7pMB2gOHenyI_meg7uqbdtdMLfYeQ==
age: 151

POST
H2 200 0 Show response
r.stripe.com/ Frame 2F60 0
214 B 635ms
212ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H3-29 200 payframe Show response
pay.google.com/gp/p/ui/ Frame E4D1 17 KB
7 KB 126ms
51ms Document
text/html 2a00:1450:4010:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4010:c05::5c Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f96189d061fc4b87f3dfd454ead6d52c12375f549e29244ca20ef47962bf90b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yaa8c/9nIdoSUVMOag/+Fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-yaa8c/9nIdoSUVMOag/+Fg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=221=aEP50zKwCN0or9ZpOq51PL_QIGKrBn_Kl3ozlpg5MgJwNk7i5T7vBnT43E-UdK2IJsCOs8xsiBi7pCqVG31z0mIZUf-t0wH3T0BGSjGO_OEISl2JpVHWp0VFzUhy5-wA418TCWbIGllaLkxZygt7-bR6QJJW4v8eN6xhgYUKGg4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Fri, 13 Aug 2021 17:13:26 GMT
date: Fri, 13 Aug 2021 17:13:26 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-yaa8c/9nIdoSUVMOag/+Fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-yaa8c/9nIdoSUVMOag/+Fg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
286 B 625ms
206ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1628874806611&event_id=e5b8cf20-2a8f-4471-8a8e-d6e214887f5e&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 625ms
207ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.options&event_count=3&timestamp=1628874806612&event_id=46fb8b84-c457-407b-bc95-76343c0390fc&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&options-country=US&options-currency=usd&options-requestPayerEmail=true&options-requestPayerName=true&usesButtonElement=false

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 625ms
207ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.query_strategy&event_count=4&timestamp=1628874806612&event_id=0d252135-a483-44e6-b0df-5419ca645973&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&queryStrategy=GOOGLE_PAY+BROWSER&usesButtonElement=false

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 624ms
207ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=5&timestamp=1628874806613&event_id=ce57951d-0b42-4361-9019-da4644173ba9&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 625ms
208ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=6&timestamp=1628874806614&event_id=64e70530-29b3-435c-98eb-5de4fadef0de&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 624ms
208ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.elements&event_count=7&timestamp=1628874806614&event_id=16c6e067-4200-4ef5-b0a3-f433fd2f981a&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 210ms
209ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=8&timestamp=1628874806615&event_id=6979aad1-fc69-43a2-9037-976b7342adf8&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 210ms
209ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment&event_count=9&timestamp=1628874806615&event_id=b00f4dc2-90c9-4336-8361-a3f339de97a5&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&usesButtonElement=true

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 211ms
210ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=10&timestamp=1628874806617&event_id=842c4462-8af3-47ee-901f-a8a9b4cdd784&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=186&dom_interactive=378&dom_complete=378&since_sjs_load=387&since_stripe_create=383&since_create=383&mount_duration=379&since_fetch=376&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=49959&resource_timings-shared.js-duration=110&resource_timings-controller.js-transfer_size=48513&resource_timings-controller.js-duration=153

Requested by

Host: stripeapplepay.jjtestsite.us
URL: https://stripeapplepay.jjtestsite.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame E1E4 85 KB
19 KB 59ms
59ms Script
application/x-javascript 65.9.73.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6114649b-154bc"
age: 45
x-cache: Hit from cloudfront
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
date: Fri, 13 Aug 2021 17:12:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 5_njmpBZxDLwKEQjwAD3d_ec04wGsdeDN1qQdR5LLskCd7sWFKmkgw==

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0... Frame E4D1 146 KB
51 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da12ea28facb834150e90b9e7c121149da4b58f23a92c471643b7e704835eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52056
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 23:26:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:26:00 GMT

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlc... Frame E4D1 35 KB
13 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlcoliltf-k.L.B1.O/am=QgAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwHDWspeGQgye26nMAbYmbo70sHA/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad2b1ac574fb1162e655a2ed48c24d3369259562e158bdb7a8e6db7907287971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13289
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 19:28:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:56:34 GMT

GET
H3-29 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlc... Frame E4D1 72 KB
26 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlcoliltf-k.L.B1.O/am=QgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwHDWspeGQgye26nMAbYmbo70sHA/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd8a71fd7abb36bdbfe0666cbc4ac099b3dbc9a7653bf6c803514ee3170bf33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26688
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 19:28:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:56:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E4D1 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlcoliltf-k.L.B1.O/am=QgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwHDWspeGQgye26nMAbYmbo70sHA/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 7185
date: Fri, 13 Aug 2021 15:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 13 Aug 2021 17:13:41 GMT

GET
H3-29 200 pay Show response
pay.google.com/gp/p/ui/ Frame E4D1 1 MB
348 KB 58ms
58ms XHR
text/html 2a00:1450:4010:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4010:c05::5c Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

373e07bbe8f09b1833aee8b125890e3e751bddac01acf7fb25ae77188e4935c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nMou80s+Wbgr7hKSYg4XBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-nMou80s+Wbgr7hKSYg4XBA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Fri, 13 Aug 2021 17:13:26 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-nMou80s+Wbgr7hKSYg4XBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-nMou80s+Wbgr7hKSYg4XBA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Fri, 13 Aug 2021 17:13:26 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame E1E4 156 B
518 B 667ms
213ms XHR
text/plain 52.13.204.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.204.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-204-6.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7edf6ec7405f9c09b0a7ae23c05d1c0bf18c3185ad94aaded258cf1202634eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

POST
H3-29 200 log Show response
play.google.com/ Frame E4D1 131 B
155 B 55ms
41ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 13 Aug 2021 17:13:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 58ms
37ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 13 Aug 2021 17:13:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 17:13:27 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame E4D1 131 B
155 B 55ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 13 Aug 2021 17:13:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 43ms
38ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 13 Aug 2021 17:13:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 17:13:27 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame E4D1 131 B
155 B 49ms
40ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 13 Aug 2021 17:13:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
37ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 13 Aug 2021 17:13:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 17:13:27 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame E4D1 131 B
155 B 43ms
40ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 13 Aug 2021 17:13:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
37ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 13 Aug 2021 17:13:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 17:13:27 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame E4D1 131 B
155 B 41ms
41ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 13 Aug 2021 17:13:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
37ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 13 Aug 2021 17:13:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 17:13:27 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame E4D1 131 B
155 B 40ms
39ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 13 Aug 2021 17:13:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
37ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 13 Aug 2021 17:13:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 17:13:27 GMT
cache-control: private

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 207ms
207ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=11&timestamp=1628874807084&event_id=8dc54667-dd66-4e20-aa0b-8fc19f8b1c61&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&element=outer&dom_loading=415&dom_interactive=782&dom_complete=1608&since_fetch=762&load_count=1&load_before_dom_content_loaded=true&load_ready_state=loading&first_create_ready_state=loading&first_mount_readyState=loading&until_first_create=3&until_first_mount=8&until_first_load=417&resource_timings-stripe.js-transfer_size=64876&resource_timings-stripe.js-duration=329&resource_timings-controller.html-transfer_size=1087&resource_timings-controller.html-duration=93&resource_timings-payment-request-inner-google-pay.html-transfer_size=1141&resource_timings-payment-request-inner-google-pay.html-duration=110&resource_timings-payment-request-inner-browser.html-transfer_size=1139&resource_timings-payment-request-inner-browser.html-duration=95&resource_timings-m-outer.html-transfer_size=956&resource_timings-m-outer.html-duration=95

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlc... Frame E4D1 25 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlcoliltf-k.L.B1.O/am=QgAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwHDWspeGQgye26nMAbYmbo70sHA/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56f86b0dcc3bcba8030f1c84503819037a6c9ce1e1310abd3f2c5313a494831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10263
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 19:28:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:56:35 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlc... Frame E4D1 260 B
192 B 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Zlcoliltf-k.L.B1.O/am=QgAC/d=1/exm=Das5Le,EFQ78c,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwHDWspeGQgye26nMAbYmbo70sHA/m=lwddkf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b6a29d18339a5cf68bc6d4e17b6a52c2f0de7cbe79ea9d74a4886e57995561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 168
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 19:28:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:56:35 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame E4D1 131 B
155 B 40ms
40ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 13 Aug 2021 17:13:27 GMT

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 51ms
38ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 13 Aug 2021 17:13:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 17:13:27 GMT
cache-control: private

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 208ms
207ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.activity_mode&event_count=12&timestamp=1628874807103&event_id=512d1027-d022-47a6-bc8f-108af94a9c4f&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&activityModeName=POPUP&activityMode=2&backingLibrary=GOOGLE_PAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 316ms
315ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.can_make_payment_native_response&event_count=13&timestamp=1628874807103&event_id=e9512ea6-82e7-4f06-9181-801ea78833e5&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&available=false&backingLibrary=GOOGLE_PAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 311ms
309ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.pr.browser.can_make_payment_rate_limited&event_count=14&timestamp=1628874807108&event_id=e5d6a329-29ec-4824-b2c8-31d0c01988e8&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&error-stack=Error%3A+Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fpayment-request-inner-browser-280e092614a7fef%3Csanitized%3Ede6fc3.js%3A1%3A9976%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-4fb7b7c956e1a2dd82ef4a7d861eb421.js%3A1%3A74477%0A++++at+Array.forEach+(%3Canonymous%3E)%0A++++at+t._emit+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-4fb7b7c956e1a2dd82ef4a7d861eb421.js%3A1%3A74454)%0A++++at+e.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-4fb7b7c956e1a2dd82ef4a7d861eb421.js%3A1%3A53616)%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-4fb7b7c956e1a2dd82ef4a7d861eb421.js%3A1%3A81062%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-4fb7b7c956e1a2dd82ef4a7d861eb421.js%3A1%3A76732%0A++++at+new+Promise+(%3Canonymous%3E)%0A++++at+t.a._respondUsingPromise+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-4fb7b7c956e1a2dd82ef4a7d861eb421.js%3A1%3A76704)%0A++++at+t.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-4fb7b7c956e1a2dd82ef4a7d861eb421.js%3A1%3A80986)&backingLibrary=BROWSER

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 311ms
309ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.payreq.can_make_payment_rate_limited&event_count=15&timestamp=1628874807109&event_id=40e2193a-29ad-49e9-aea6-dd1558f483e8&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&message=Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request&impl=prapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html Show response
js.stripe.com/v3/ Frame 7DE7 8 KB
3 KB 94ms
94ms Document
text/html 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d780a62c0329fc001925a5b63c605d28bc6c63514a507a8672d26dd0f33a369f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stripeapplepay.jjtestsite.us/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://stripeapplepay.jjtestsite.us/

Response headers

content-type: text/html; charset=utf-8
x-amz-id-2: WUg5ZOkqHlbVWWjVqrcAh6N0Hx+Er1vfPze1rce1TaulEYtRw0DN54CyL1bKnkAtZQpLSuoYRBU=
x-amz-request-id: Z1EYR4TM06R3Y709
date: Fri, 13 Aug 2021 17:11:58 GMT
last-modified: Thu, 12 Aug 2021 14:39:05 GMT
etag: W/"83dee4df0cb1025be8a64b41525d6776"
cache-control: public, max-age=300
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: ybdtHmQZ-_G5b2QApcyoq48O5ybnssyFCXZo5KAK454I7qxDiMPJCA==
age: 90

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 306ms
306ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment_response&event_count=16&timestamp=1628874807114&event_id=1110f74b-d3f8-4b8f-a5b6-3be542db4ebd&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&response-applePay=false&response-googlePay=false&cached=false&duration=907&activeBackingLibrary=BROWSER&usesButtonElement=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 log Show response
www.google.com/ Frame E4D1 131 B
408 B 18ms
18ms XHR
text/plain 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Oyg1SKj1wgE.es5.O/am=QgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrix0UFRsLsWoQZd0EbtXLN61hdbXQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 13 Aug 2021 17:13:27 GMT

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame 7DE7 17 KB
4 KB 102ms
101ms Stylesheet
text/css 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"9a9c2063d7db2d15e1e3281da15b9d41"
age: 92
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 2SQVEMFSRV64B9ZX
x-amz-id-2: suc9KyMEZeWw3l6RBl1sZYCOk4jQiNLAdfwjlaDkMj4kYt3b2LkwiagLXrs1/qOPWlpF3mS+NYI=
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:12:31 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: kqgR3BjTlk9iCYeCYE2cF4H9PJB0a_4tnEx-UFyC0_jCC0Ndr4drkg==

GET
H2 200 shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7DE7 175 KB
49 KB 97ms
96ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5f5c57d466c11734736eb943a2c4b253244b4af4e9fb0cec234ad20fb6217902

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"fb3244a464ce2da6dcb15f4a5eed8849"
age: 200
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: SP9T4N3VY3N7FWGJ
x-amz-id-2: YmqE481jMPVAl0kirFfaaI9nzwHs5hOywv+RGcyytfR3zNTq7DVARBIDqhBCYIoo7g1NTvtJlcA=
last-modified: Thu, 12 Aug 2021 14:38:59 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:10:08 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: K8HsnZknHP6nms_ATuPExA380nOfV1gZV1jehMNEAH3h5xexHAL54A==

GET
H2 200 ui-shared-23dad43aba760ea72960f47c504204d6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7DE7 214 KB
66 KB 104ms
103ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-23dad43aba760ea72960f47c504204d6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

92078cacbfc36798a3463b86ba93df479ab46053f00654b7cb5e9234061540b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"35d49d0c8eca2ec471e1619e59362a76"
age: 149
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: MW8BSCPY2B9G4J9P
x-amz-id-2: 2mLje73Lf1OzURJ3rvI/UxbKnHI/By9t1Bqo7MvOZKNn5wROgYSe35q9+YnAPguTDb+vHcoKVBE=
last-modified: Thu, 12 Aug 2021 14:38:59 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:11:08 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: OSYnDgeH4gJtxsDJeeC-seOF_0o-tnXduKP5jz-Anc_2MVGdWtefpg==

GET
H2 200 elements-inner-payment-request-44fe1905884b738373a085daa3de133e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7DE7 35 KB
12 KB 102ms
102ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-44fe1905884b738373a085daa3de133e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0838db4e6a1aa95aee3ad2424411560f921b6abfc6c9fa1b97d0d0943efa2534

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-payment-request-83dee4df0cb1025be8a64b41525d6776.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"19497c6bb8366681534e23f2ea8c2a33"
x-amz-request-id: TPE86ZSK18AE8GMS
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: 2WnRqXen+DEh4jFxsPnYiLVoC1fcm+dDeqzb5AFQJhGksZaHsuJXlGTTk1l2EcsFxUc1q+2WwkQ=
last-modified: Tue, 03 Aug 2021 18:27:21 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:13:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: H8Nou6r733qZ_lCd4iZJWkwAoBzSaMDxLQV531l6PfEeqqCyl5owlA==

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 207ms
207ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=17&timestamp=1628874807400&event_id=053f7039-8dfa-4072-ae57-e32072d70d20&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&options-betas=&options-componentName=paymentRequestButton&options-wait=false&options-rtl=false&element=paymentRequestButton

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2F60 0
213 B 211ms
211ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4fb7b7c956e1a2dd82ef4a7d861eb421.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Aug 2021 17:13:27 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 207ms
206ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=19&timestamp=1628874807405&event_id=6be47e7e-9eb8-4973-bddd-7224388b5c9f&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=100&dom_interactive=249&dom_complete=253&since_sjs_load=1174&since_stripe_create=1157&since_group_create=1156&since_create=1156&mount_duration=244&since_fetch=243&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=3840&resource_timings-ui-shared.css-duration=102&resource_timings-shared.js-transfer_size=50071&resource_timings-shared.js-duration=104&resource_timings-ui-shared.js-transfer_size=67761&resource_timings-ui-shared.js-duration=114&resource_timings-elements-inner-payment-request.js-transfer_size=12163&resource_timings-elements-inner-payment-request.js-duration=103&element=paymentRequestButton

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 207ms
206ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=20&timestamp=1628874807407&event_id=4ae2caeb-a8a5-492c-9871-3c202800405c&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&element=paymentRequestButton

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:27 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 trusted-types-checker-9b6e874f149cc545c2c2335f8707fd1f.js Show response
js.stripe.com/v3/fingerprinted/js/ 172 B
968 B 93ms
93ms Script
application/javascript 52.84.45.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-9b6e874f149cc545c2c2335f8707fd1f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-84.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

544bc1adef126901075f00fb30f014fcbcb3b7284269c42d3c0bd0ad8c7b1087

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://stripeapplepay.jjtestsite.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
etag: "061c04e6217c3eb8dc56a4f26937a7b7"
age: 132
x-cache: Hit from cloudfront
x-amz-request-id: V1WZ8SX9PPFBK5DZ
x-amz-id-2: yFfnn5itDtX3ZmG/Bx29HX+dsEDf8uaOX214+kPHvXWXvLzb1YaRLiZHvWOEjkdip2WbYV2Cb8Y=
accept-ranges: bytes
last-modified: Tue, 01 Jun 2021 22:25:35 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 17:11:27 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
content-length: 172
timing-allow-origin: *
x-amz-cf-id: 5DaD06EcGchaVkuR5NlojjO-OQ5EgpSkrayoaDMU08F77m9XSrpp4w==

GET
H2 200 /
q.stripe.com/ Frame 2F60 43 B
285 B 207ms
207ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.trusted_types_check&event_count=21&timestamp=1628874812150&event_id=c90e8864-0393-4518-a220-351a5a7d3a5d&os=Windows&browserFamily=Chrome&version=71deb8c0e&key=pk_test_TYooMQauvdEDq54NiTphI7jx&referrer=https%3A%2F%2Fstripeapplepay.jjtestsite.us&stripe_js_id=2cfbc145-a86b-406e-91fa-8c14d340ec00&controller_load_time=1628874806570&wrapper=unknown&es_module=false&frame_width=1600&result=ALLOWED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 17:13:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 00:51:26	Name: NID Value: 221=aEP50zKwCN0or9ZpOq51PL_QIGKrBn_Kl3ozlpg5MgJwNk7i5T7vBnT43E-UdK2IJsCOs8xsiBi7pCqVG31z0mIZUf-t0wH3T0BGSjGO_OEISl2JpVHWp0VFzUhy5-wA418TCWbIGllaLkxZygt7-bR6QJJW4v8eN6xhgYUKGg4

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://stripeapplepay.jjtestsite.us/(Line 19) Message: [object Object]
console-api	log	URL: https://stripeapplepay.jjtestsite.us/(Line 30) Message: [object Object]
console-api	log	URL: https://stripeapplepay.jjtestsite.us/(Line 35) Message: [object Object]
console-api	warning	URL: https://js.stripe.com/v3/fingerprinted/js/controller-a7ce8e288bb25005853b79feb30d5bc6.js(Line 1) Message: We were rate-limited from checking if your requested Payment Request options are allowed. Please test again before going live.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
stripeapplepay.jjtestsite.us
www.google-analytics.com
www.google.com
www.gstatic.com
18.235.204.176
2a00:1450:4001:800::200e
2a00:1450:4001:802::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2004
2a00:1450:4001:830::2003
2a00:1450:4010:c05::5c
52.13.204.6
52.84.45.84
54.186.23.98
54.187.159.182
65.9.73.64
007437cc9f13d9ffa56f1de428bab19328b2d714b22ce1e97f3c7d5b01a8dae2
0838db4e6a1aa95aee3ad2424411560f921b6abfc6c9fa1b97d0d0943efa2534
1c2908910a1e9797577c2c5ce84ae1f558013df392daf62b7378f9c291f399ee
1da12ea28facb834150e90b9e7c121149da4b58f23a92c471643b7e704835eac
26b6a29d18339a5cf68bc6d4e17b6a52c2f0de7cbe79ea9d74a4886e57995561
270fe718917cbf7e9dba9f517b374e88be11de50611032250abf2bd88be6a544
2d0c068778f9ddf50cfd9b3ba3dae7d045cad544b1b9efabeb647bef10fa170c
373e07bbe8f09b1833aee8b125890e3e751bddac01acf7fb25ae77188e4935c3
3be26adb244a81a485a3a55042d09644b8b1c8b4ab990d0b8de00b92c3f91bef
4de975f97fecd028e959b36ad8636ff6b418f8894caa2ec16cf18581643ece47
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e
544bc1adef126901075f00fb30f014fcbcb3b7284269c42d3c0bd0ad8c7b1087
5c6d2c5a1abcb98109b6dad7da0ec5d653b3936c3f519be0f015f2aa0a441dd6
5f5c57d466c11734736eb943a2c4b253244b4af4e9fb0cec234ad20fb6217902
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6dd8a71fd7abb36bdbfe0666cbc4ac099b3dbc9a7653bf6c803514ee3170bf33
7edf6ec7405f9c09b0a7ae23c05d1c0bf18c3185ad94aaded258cf1202634eca
8f96189d061fc4b87f3dfd454ead6d52c12375f549e29244ca20ef47962bf90b
92078cacbfc36798a3463b86ba93df479ab46053f00654b7cb5e9234061540b4
ad2b1ac574fb1162e655a2ed48c24d3369259562e158bdb7a8e6db7907287971
bf45cb63376d70528ea20c34a4dad9b37c3bde6bd8bd02debbfd31b4ff2eaf52
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d780a62c0329fc001925a5b63c605d28bc6c63514a507a8672d26dd0f33a369f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f86b0dcc3bcba8030f1c84503819037a6c9ce1e1310abd3f2c5313a494831
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
f5697b9d54a2ca2c8cc0cf62751658dbdf8e77a80f8a271700b68b421b4d4883
fc1a13622436fd0ee80433c77f305d8c3a081c2910a411592c0366995553671d

stripeapplepay.jjtestsite.us Open in urlscan Pro 18.235.204.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

50 %IPv6

6 Domains

11 Subdomains

12 IPs

3 Countries

942 kBTransfer

3235 kBSize

1 Cookies

0 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

stripeapplepay.jjtestsite.us Open in urlscan Pro
18.235.204.176 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

12
IPs

3
Countries

942 kB
Transfer

3235 kB
Size

1
Cookies

67 HTTP transactions
0 data transactions