go.air-pay.co.uk Open in urlscan Pro
18.239.50.120 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go.air-pay.co.uk/PqccC4BtwaT
Submission: On January 04 via manual (January 4th 2024, 5:05:29 pm UTC) from GB — Scanned from GB

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 18.239.50.120, located in United States and belongs to AMAZON-02, US. The main domain is go.air-pay.co.uk.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 23rd 2023. Valid for: a year.

This is the only time go.air-pay.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	18.239.50.120 18.239.50.120	16509 (AMAZON-02) (AMAZON-02)
2	108.157.177.96 108.157.177.96	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::ac43:4951	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	147.12.16.68 147.12.16.68	200596 (ADYEN) (ADYEN)
4	2a00:1450:401... 2a00:1450:4013:c03::5c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
30	9

10 18.239.50.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-120.ams58.r.cloudfront.net

go.air-pay.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.177.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-177-96.mxp53.r.cloudfront.net

api.mapbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4951 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

npmcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.12.16.68 (Netherlands)

ASN200596 (ADYEN, NL)
PTR: 930C1044.adyen.com

checkoutshopper-live.adyen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c03::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	google.com pay.google.com — Cisco Umbrella Rank: 3910 play.google.com — Cisco Umbrella Rank: 95	423 KB
10	air-pay.co.uk go.air-pay.co.uk	1 MB
4	gstatic.com www.gstatic.com	101 KB
2	adyen.com checkoutshopper-live.adyen.com — Cisco Umbrella Rank: 20300	109 KB
2	npmcdn.com 1 redirects npmcdn.com — Cisco Umbrella Rank: 48596	151 KB
2	mapbox.com api.mapbox.com — Cisco Umbrella Rank: 4791	197 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	2 KB
30	7

	Domain	Requested by
10	go.air-pay.co.uk	go.air-pay.co.uk
6	play.google.com	www.gstatic.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	go.air-pay.co.uk pay.google.com www.gstatic.com
2	checkoutshopper-live.adyen.com	go.air-pay.co.uk
2	npmcdn.com	1 redirects go.air-pay.co.uk
2	api.mapbox.com	go.air-pay.co.uk
1	cdnjs.cloudflare.com	go.air-pay.co.uk
30	8

This site contains no links.

Subject Issuer	Validity	Valid
air-pay.co.uk Amazon RSA 2048 M01	`2023-02-23` - `2024-03-23`	a year	crt.sh
api.mapbox.com Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
adyen.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-12-31` - `2024-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://go.air-pay.co.uk/PqccC4BtwaT
Frame ID: 63DFE1A08D8FA1B42DEB6A6ADCA0447D
Requests: 18 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgo.air-pay.co.uk&mid=
Frame ID: A9623822922C27F90F1A8DD50BDCF24A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Airpay

Detected technologies

Mapbox GL JS (Maps) Expand

Overall confidence: 100%
Detected patterns

mapbox-gl.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

TurfJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

(turf@[\d.]+)?/?turf\.min\.js

Page Statistics

30
Requests

97 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2009 kB
Transfer

6004 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://npmcdn.com/@turf/turf/turf.min.js HTTP 302
https://npmcdn.com/@turf/turf@6.5.0/turf.min.js

30 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request PqccC4BtwaT Show response
go.air-pay.co.uk/ 707 B
1 KB 225ms
102ms Document
text/html 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 473267325f2d978ae3130bae9e3a8eabcf128200933252d56c880c28b9628a74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2854
cache-control: public, max-age=14400
content-length: 707
content-type: text/html
date: Thu, 04 Jan 2024 16:36:40 GMT
etag: "93d51b82d7c803a1bfaa5149b67ad1e3"
last-modified: Mon, 04 Dec 2023 14:59:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
x-amz-cf-id: Q1g63yRx0AUAdvDt6iNjPEABL5ANa_EfMqlBaFjX0t0ovEP8-O7-yw==
x-amz-cf-pop: AMS58-P3
x-cache: Error from cloudfront

GET
H/1.1 200
OK mapbox-gl.js Show response
api.mapbox.com/mapbox-gl-js/v1.12.0/ 746 KB
191 KB 187ms
58ms Script
application/javascript 108.157.177.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/mapbox-gl-js/v1.12.0/mapbox-gl.js
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.177.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-177-96.mxp53.r.cloudfront.net
Software: / Express
Resource Hash: 1922facc9b201acbc96303d498ff5c5483a2b646c56c37ab7e9c51119aab342a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 24 May 2023 05:23:19 GMT
Content-Encoding: gzip
Via: 1.1 1ef0a1ac6ea08b592d4639edad112622.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP53-P1
Age: 19482125
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed Aug 12 2020 16:07:22 GMT+0000 (Coordinated Universal Time)
ETag: "9ff70a5a62693d0024537b3d39a0b4f0"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Timing-Allow-Origin: *
X-Amz-Cf-Id: eVfSRyGX_QHzAAeVRBcMFNNFpeXe59BEGsmnxIXWrZPYumcIZBjAog==

GET
H/1.1 200
OK mapbox-gl.css
api.mapbox.com/mapbox-gl-js/v1.12.0/ 34 KB
5 KB 177ms
50ms Stylesheet
text/css 108.157.177.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/mapbox-gl-js/v1.12.0/mapbox-gl.css
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.177.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-177-96.mxp53.r.cloudfront.net
Software: / Express
Resource Hash: f80d0d241321e4821b86874153a10ee2d3535b874d1e65bb2e0cc2c061ac0f52

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:19:45 GMT
Content-Encoding: gzip
Via: 1.1 b4991b2d8ebadd9999d062d127a55248.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP53-P1
Age: 20205939
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed Aug 12 2020 16:07:25 GMT+0000 (Coordinated Universal Time)
ETag: "abd77169b68f1b61bc7aa0ef6a9c7a1e"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Timing-Allow-Origin: *
X-Amz-Cf-Id: Kd7CAUU6v_AWbO3yqAX9yJuW7LheV67oV2-42x5oc4M_-GYRrr8izQ==

GET
H2

200

turf.min.js Show response
npmcdn.com/@turf/turf@6.5.0/
Redirect Chain

https://npmcdn.com/@turf/turf/turf.min.js
https://npmcdn.com/@turf/turf@6.5.0/turf.min.js

590 KB
151 KB

55ms
55ms

Script
application/javascript

2606:4700:20::ac43:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://npmcdn.com/@turf/turf@6.5.0/turf.min.js

Requested by

Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT

Protocol

Server

2606:4700:20::ac43:4951 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00f3e8ff8a8f9c103dad61c2fd4bb58143e1404aadfdf09e29b6db1a2de0a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:05:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 3073807
content-encoding: br
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGF3JFASVXHYDC7TRFHS8099-lhr
server: cloudflare
etag: W/"939c2-B/O2XVTbZ/U8c28UNSVGFwzH8yM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkC7SqzdBBZmFHqeO%2BVZE39he%2BTAN5ScF%2BEECL0AzPPefLwIh5uYaAZ6%2B4sPTNE3qJVvaHjwuRoomZ6fiqaJaApqJJnol0ZrMpMNZEqO243gtCn4WRTLD4G%2FfTZ6BQzlZelRPoEa3Vw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 840510f2fa7b76f5-LHR

Redirect headers

date: Thu, 04 Jan 2024 17:05:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 572
fly-request-id: 01HKAPE60GRH4E591GHTZQ4ZA5-lhr
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnGpjWjLidvgWZovdZfNsp4FaE2s%2B%2BKiCRI0zyJ1mu%2B1NjdtcOxJZxZDdDEkVa4ascdkNzQBIQdtgbFgZGaGS536ag%2FjpUeiN%2BKJxg2%2FB8TVA8XbgkTeKOxW0Hf6w55E0OvFVYr8710%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@turf/turf@6.5.0/turf.min.js
cache-control: public, max-age=14400, s-maxage=600
cf-ray: 840510f2ba2b76f5-LHR

GET
H2 200 polyline.js Show response
cdnjs.cloudflare.com/ajax/libs/mapbox-polyline/1.1.1/ 4 KB
2 KB 104ms
41ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mapbox-polyline/1.1.1/polyline.js

Requested by

Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd5979d64a7697697f0e245c5bdcce6dc3531eaf77657c0f0f0888326be9e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5658047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
last-modified: Mon, 18 May 2020 14:12:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ec297d8-117d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jND41wZQImELA0aBfy1BrHmEWPAiAbFw8MfJI8Enn60zmUCPD2YeQSVtkiNaAQPkOkP4eLcFykcKyYTDOmdAjuCUMkmrR8ETTecP7HzubeTsKn3Bgvp8cbWt9iZvGa8%2Fhf1SApivCl2MrZVNzwaTQmGC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 840510f2ab8071f3-LHR
expires: Tue, 24 Dec 2024 17:05:24 GMT

GET
H2 200 index.4edeaff9.css
go.air-pay.co.uk/ 6 KB
2 KB 37ms
36ms Stylesheet
text/css 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.air-pay.co.uk/index.4edeaff9.css
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f2cdda862da5353441993011a954aa01411704f39619e6a349152283f018895

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/PqccC4BtwaT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:36:40 GMT
content-encoding: gzip
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 14:59:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 2420
etag: W/"dd1b82a110db190bf2430e449d853228"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=14400
x-amz-cf-id: rzhAzOVdFlbVTlyINDsFjItLcDUUZ_d9wIA0bXmX7shpeNFxoRbSEg==

GET
H2 200 index.0ddfc29d.js Show response
go.air-pay.co.uk/ 2 MB
573 KB 43ms
43ms Script
application/javascript 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.air-pay.co.uk/index.0ddfc29d.js
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 247e2544425d01cab9974673412cbb696cbf79a6c524d195486713a3e664eebf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/PqccC4BtwaT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 13:09:08 GMT
content-encoding: gzip
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 14:59:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 14177
etag: W/"763a4844ea9288e8b98f6bae3a2a5bca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400
x-amz-cf-id: 9Yix-6pZT07RRjYuDtHMbfPl968hM4JQW8CdALhIpVFsDBwsZ1QOOg==

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 gql Show response
go.air-pay.co.uk/ 104 B
485 B 114ms
114ms Fetch
application/json 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.air-pay.co.uk/gql
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/index.0ddfc29d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: nginx/1.14.1 / Express
Resource Hash: a8e2daf6b357e3814709a71c221045211adad6a274e20899f8f6edf0d4430a3a

Request headers

accept: */*
Referer: https://go.air-pay.co.uk/PqccC4BtwaT
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Thu, 04 Jan 2024 17:05:25 GMT
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 104
x-amz-cf-id: qud4eomn8jJtN6QQGwJVYCcNeQsYctTTC3PeBojMxZX4tm-liGtDdA==

POST
H2 200 gql Show response
go.air-pay.co.uk/ 944 B
1 KB 114ms
114ms Fetch
application/json 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.air-pay.co.uk/gql
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/index.0ddfc29d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: nginx/1.14.1 / Express
Resource Hash: 5b08839070638057a0f85496373ec1cfc2b704864d0732068c311a3d5e9c0368

Request headers

accept: */*
Referer: https://go.air-pay.co.uk/PqccC4BtwaT
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Thu, 04 Jan 2024 17:05:25 GMT
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: AMS58-P3
x-powered-by: Express
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 944
x-amz-cf-id: 6VURHGpy6oLP-ie9BAqpA9CUHl5YuXfCp8qGnMYD33IDZfxNKZi-QQ==

GET
H2 200 airpay-logo-white.9fec7098.png
go.air-pay.co.uk/ 4 KB
4 KB 45ms
45ms Image
image/png 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.air-pay.co.uk/airpay-logo-white.9fec7098.png
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa1aa5a8d8499ae5c024a19a2035934ccf0b979bcdc0bb5f5ec77c28a32ba6a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/PqccC4BtwaT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 15:36:17 GMT
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 14:59:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 5349
etag: "4064ba66820b5a07a437f5ba9b04f31f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=14400
content-length: 3685
x-amz-cf-id: uUDsw70WclzFs78_C3kNaVziOwpwOjiqVJgJlu00OvFTLgiEZ3iKTA==

GET
H/1.1 200 adyen.css
checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.5.0/ 40 KB
7 KB 159ms
45ms Stylesheet
text/css 147.12.16.68
ADYEN

General

Check archive.org

Show headers Download Go to

Full URL: https://checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.5.0/adyen.css
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/index.0ddfc29d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.12.16.68 , Netherlands, ASN200596 (ADYEN, NL),
Reverse DNS: 930C1044.adyen.com
Software: /
Resource Hash: 7289b7b9757692c406d3caf83e63d3e381aaf477a6c38f24a2176c8178536904

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 17:05:24 GMT
content-encoding: gzip
traceparent: 00-c92a8307cc709bee310c6380e162991c-f6b2fe720f95792a-01
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF8
access-control-allow-origin: *
Cache-Control: max-age=600
cross-origin-resource-policy: cross-origin

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 120 KB
37 KB 173ms
83ms Script
application/javascript 2a00:1450:4013:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/index.0ddfc29d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c03::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

281aecc99c20ba4d375f2700f117b524ace89608c54441461c2487627bc265ad

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-zlLH7qnLSeQ3tmIiyVJPWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:05:25 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-zlLH7qnLSeQ3tmIiyVJPWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 04 Jan 2024 17:05:25 GMT

GET
H/1.1 200 adyen.js Show response
checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.5.0/ 451 KB
102 KB 202ms
88ms Script
text/javascript 147.12.16.68
ADYEN

General

Check archive.org

Show headers Download Go to

Full URL: https://checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.5.0/adyen.js
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/index.0ddfc29d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.12.16.68 , Netherlands, ASN200596 (ADYEN, NL),
Reverse DNS: 930C1044.adyen.com
Software: /
Resource Hash: e4af4db6f8243dd869eeebbd02c95b3838d497cc1333fe1488dcf6ad97a27b6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 17:05:24 GMT
content-encoding: gzip
traceparent: 00-3a440681f65898832b33b5532339e528-289188697ffbab3f-01
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF8
access-control-allow-origin: *
Cache-Control: max-age=600
cross-origin-resource-policy: cross-origin

GET
H2 200 bg-map.dad6f6ee.png
go.air-pay.co.uk/ 422 KB
423 KB 82ms
82ms Image
image/png 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.air-pay.co.uk/bg-map.dad6f6ee.png
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f155d0fabe9a45ab7449a3dff82ad73bcdffab4a91159394cf28528d925f7e9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/PqccC4BtwaT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:17:05 GMT
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 14:59:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 2901
etag: "28b5f9f3b48039222521274d104de7b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=14400
content-length: 431795
x-amz-cf-id: sMgTR9PmC1r6P0357auGqbPOiA7TwzhQQjtj5OcbRsJ6mx1dv9QX2Q==

GET
H2 200 info.23111dbd.svg
go.air-pay.co.uk/ 402 B
762 B 37ms
37ms Image
image/svg+xml 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.air-pay.co.uk/info.23111dbd.svg
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ecdf5d32f46dbf044f4f8222d0c405971f8331b311dd282f293bc1fd7a9a7cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/PqccC4BtwaT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:36:41 GMT
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 14:59:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 2900
etag: "cf5ee37a37eb91584e4f123736ddf7f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=14400
content-length: 402
x-amz-cf-id: ZMtEd-Bfuy8M2uSLQFxujHKcYWs90p-CIGbNw9EPUyxZ_H8k0VF7pQ==

GET
H2 200 F37Ginger.037dc753.woff
go.air-pay.co.uk/ 21 KB
21 KB 37ms
37ms Font
font/woff 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.air-pay.co.uk/F37Ginger.037dc753.woff
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/index.4edeaff9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 149ee1dbb14130a112cd1f9730620595c867eca96b18197c3706ff3d0a45b6a2

Request headers

Referer: https://go.air-pay.co.uk/index.4edeaff9.css
Origin: https://go.air-pay.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 15:36:17 GMT
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 14:59:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 5349
etag: "a419a0edbf2e0a501d4570717fb98141"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=14400
content-length: 21104
x-amz-cf-id: b_r1cIsaEjP2Eg_ZTmI6AGOnLRJFA3UrtPaumJ6cFQx696gW5LeR6g==

GET
H2 200 car.1a22251a.svg Show response
go.air-pay.co.uk/ 1 KB
931 B 47ms
46ms XHR
image/svg+xml 18.239.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.air-pay.co.uk/car.1a22251a.svg
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/index.0ddfc29d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-120.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e6ae28a2d4392571081500cfd56d42212f0d1cc233472f6908ede6500d739a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.air-pay.co.uk/PqccC4BtwaT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:05:25 GMT
content-encoding: gzip
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 14:59:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 686
etag: W/"91ec8494ef9e466b9520e51de8f4098f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=14400
x-amz-cf-id: jF2FSFFI4BluYOSvHFmpNQyBJz2nr45-DLG6tjbwwiCidzOSe4A47A==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame A962 19 KB
8 KB 310ms
309ms Document
text/html 2a00:1450:4013:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgo.air-pay.co.uk&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c03::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c47aa1f6fc1157805ecd804262437ee6b2bb8ab37780d9484934d3ce4349a431

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-I_d9ZcXlCyvImOzLeAMzdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.air-pay.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-I_d9ZcXlCyvImOzLeAMzdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 04 Jan 2024 17:05:25 GMT
expires: Thu, 04 Jan 2024 17:05:25 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame A962 158 KB
57 KB 137ms
44ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjMTBsAAuGUxiNdV6i_eH_iXsrmeA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgo.air-pay.co.uk&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38f226addac7efd1da80eccb4a5bd77dbc612716a24b29a88dd396aeb7d7d515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57303
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 06:22:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 17:40:25 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame A962 2 KB
2 KB 140ms
140ms Other
text/html 2a00:1450:4013:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: go.air-pay.co.uk
URL: https://go.air-pay.co.uk/PqccC4BtwaT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c03::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 04 Jan 2024 17:05:25 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.leW... Frame A962 73 KB
27 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.leW5DVEP8Ag.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgu7fop0BcTTCHtEevWCJZ5r4c-8g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjMTBsAAuGUxiNdV6i_eH_iXsrmeA/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd78a04b80c92219f5c2a3da207af5c90ee6fdb6a532e52becd24ef0669b24b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27264
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 00:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 17:44:47 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame A962 1 MB
376 KB 88ms
87ms XHR
text/html 2a00:1450:4013:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c03::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5eec7e2798e665b537f04cf831bd6494703cd52993954df338a573c912beca0e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-dtNVTSUFub1iI1tHBZie8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:05:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-dtNVTSUFub1iI1tHBZie8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 04 Jan 2024 17:05:26 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.leW... Frame A962 9 KB
4 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.leW5DVEP8Ag.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgu7fop0BcTTCHtEevWCJZ5r4c-8g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a575803415cca235830720d8e4604b908ad2aafbbbb46e318c13313172656634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 00:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 17:44:47 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.leW... Frame A962 37 KB
14 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ml81igzmqtE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.leW5DVEP8Ag.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgu7fop0BcTTCHtEevWCJZ5r4c-8g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4c2fe3a3ab6a2159badd85e537919f8a0c2120a189c0200506a2cef34367b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 00:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 17:44:47 GMT

POST
H3 200 log Show response
play.google.com/ Frame A962 131 B
155 B 153ms
67ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 17:05:26 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 17:05:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 135ms
47ms Preflight
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 04 Jan 2024 17:05:26 GMT
expires: Thu, 04 Jan 2024 17:05:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A962 131 B
155 B 153ms
68ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 17:05:26 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 17:05:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 135ms
48ms Preflight
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 04 Jan 2024 17:05:26 GMT
expires: Thu, 04 Jan 2024 17:05:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A962 131 B
155 B 151ms
66ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 17:05:26 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 17:05:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 135ms
48ms Preflight
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 04 Jan 2024 17:05:26 GMT
expires: Thu, 04 Jan 2024 17:05:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 21:49:59	Name: NID Value: 511=TsuyOBskcQE9TqJdgUS2lthmDJLwoYTQuZo5Q9dtLNWCT2qwiwj98cTsfdXZrtaazCBaZSV_ap5pI4WFVwg1vhbyx3YyNPYBERgmX9GZakRbSEKSPdcBlivk9mgnN_dtyV1Mk7UMrOkiZqpY69XJcpX3-442wYlzHbmSMo1mfFg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mapbox.com
cdnjs.cloudflare.com
checkoutshopper-live.adyen.com
go.air-pay.co.uk
npmcdn.com
pay.google.com
play.google.com
www.gstatic.com
108.157.177.96
147.12.16.68
18.239.50.120
2606:4700:20::ac43:4951
2606:4700::6811:190e
2a00:1450:4001:81c::200e
2a00:1450:4001:82f::2003
2a00:1450:4013:c03::5c
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
149ee1dbb14130a112cd1f9730620595c867eca96b18197c3706ff3d0a45b6a2
1922facc9b201acbc96303d498ff5c5483a2b646c56c37ab7e9c51119aab342a
1cd5979d64a7697697f0e245c5bdcce6dc3531eaf77657c0f0f0888326be9e48
1ecdf5d32f46dbf044f4f8222d0c405971f8331b311dd282f293bc1fd7a9a7cc
247e2544425d01cab9974673412cbb696cbf79a6c524d195486713a3e664eebf
281aecc99c20ba4d375f2700f117b524ace89608c54441461c2487627bc265ad
38f226addac7efd1da80eccb4a5bd77dbc612716a24b29a88dd396aeb7d7d515
473267325f2d978ae3130bae9e3a8eabcf128200933252d56c880c28b9628a74
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5b08839070638057a0f85496373ec1cfc2b704864d0732068c311a3d5e9c0368
5eec7e2798e665b537f04cf831bd6494703cd52993954df338a573c912beca0e
7289b7b9757692c406d3caf83e63d3e381aaf477a6c38f24a2176c8178536904
8e6ae28a2d4392571081500cfd56d42212f0d1cc233472f6908ede6500d739a8
8f2cdda862da5353441993011a954aa01411704f39619e6a349152283f018895
a575803415cca235830720d8e4604b908ad2aafbbbb46e318c13313172656634
a8e2daf6b357e3814709a71c221045211adad6a274e20899f8f6edf0d4430a3a
bd78a04b80c92219f5c2a3da207af5c90ee6fdb6a532e52becd24ef0669b24b5
c47aa1f6fc1157805ecd804262437ee6b2bb8ab37780d9484934d3ce4349a431
d00f3e8ff8a8f9c103dad61c2fd4bb58143e1404aadfdf09e29b6db1a2de0a3f
d4c2fe3a3ab6a2159badd85e537919f8a0c2120a189c0200506a2cef34367b3c
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e4af4db6f8243dd869eeebbd02c95b3838d497cc1333fe1488dcf6ad97a27b6b
f155d0fabe9a45ab7449a3dff82ad73bcdffab4a91159394cf28528d925f7e9b
f80d0d241321e4821b86874153a10ee2d3535b874d1e65bb2e0cc2c061ac0f52
fa1aa5a8d8499ae5c024a19a2035934ccf0b979bcdc0bb5f5ec77c28a32ba6a0

go.air-pay.co.uk Open in urlscan Pro 18.239.50.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

63 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

2009 kBTransfer

6004 kBSize

1 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.air-pay.co.uk Open in urlscan Pro
18.239.50.120 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2009 kB
Transfer

6004 kB
Size

1
Cookies

30 HTTP transactions
1 data transactions