urlscan.io logo urlscan.io
SecurityTrails logo

payments.gosite.com Open in urlscan Pro
2606:4700:20::681a:95f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://payments.gosite.com/
Effective URL: https://payments.gosite.com/
Submission: On June 28 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 40 HTTP transactions. The main IP is 2606:4700:20::681a:95f, located in United States and belongs to CLOUDFLARENET, US. The main domain is payments.gosite.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.
This is the only time payments.gosite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
8 99.86.8.175 16509 (AMAZON-02)
2 54.176.236.126 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.49 16509 (AMAZON-02)
1 2600:1901:0:4... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 18.66.147.5 16509 (AMAZON-02)
40 9
1    2606:4700:20::ac43:49b6 (United States)

ASN13335 (CLOUDFLARENET, US)
payments.gosite.com
12    2606:4700:20::681a:95f (United States)

ASN13335 (CLOUDFLARENET, US)
payments.gosite.com
4    2a00:1450:400c:c0a::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
8    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
2    54.176.236.126 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-236-126.us-west-1.compute.amazonaws.com
invoices.gosite.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net
widget.intercom.io
1    2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
6    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
2    18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net
js.intercomcdn.com
Apex Domain
Subdomains		 Transfer
15 gosite.com
payments.gosite.com
invoices.gosite.com
250 KB
10 google.com
pay.google.com — Cisco Umbrella Rank: 3447
play.google.com — Cisco Umbrella Rank: 58
430 KB
8 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1616
79 KB
4 gstatic.com
www.gstatic.com
106 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 3347
209 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 5599
18 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2743
3 KB
40 7
Domain Requested by
13 payments.gosite.com 1 redirects payments.gosite.com
8 cdn.segment.com payments.gosite.com
cdn.segment.com
6 play.google.com www.gstatic.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com payments.gosite.com
pay.google.com
www.gstatic.com
2 js.intercomcdn.com widget.intercom.io
2 invoices.gosite.com payments.gosite.com
1 cdn.mxpnl.com cdn.segment.com
1 widget.intercom.io cdn.segment.com
40 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-15 -
2024-04-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
*.gosite.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-03-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.mxpnl.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-07-11 -
2023-07-28		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://payments.gosite.com/
Frame ID: 81E4DFCFF76B7B82690AF87CFAB57368
Requests: 24 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments.gosite.com&mid=
Frame ID: F70308DDA135074D9E257D3F20876EE1
Requests: 10 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.6f359e61.js
Frame ID: 8C2BBF0C026582D57961B2AD6B1F6C21
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GoSite Customer Dashboard: Manage new and pending payments and see your payment history

Page URL History Show full URLs

  1. http://payments.gosite.com/ HTTP 301
    https://payments.gosite.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

40
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

1094 kB
Transfer

3445 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://payments.gosite.com/ HTTP 301
    https://payments.gosite.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
payments.gosite.com/
Redirect Chain
  • http://payments.gosite.com/
  • https://payments.gosite.com/
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3504ec57905e9073aec1ecfd0fe082b05d11c5022ab219273dce8b34a859159d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
75214
cf-cache-status
DYNAMIC
cf-ray
7de8c7bddb260e85-MXP
content-encoding
br
content-type
text/html
date
Wed, 28 Jun 2023 20:46:37 GMT
last-modified
Fri, 23 Jun 2023 06:39:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgCeuk24I4LkhKeQCZyN94xIl7HJ19TEHxqfckB2%2B%2FPWJoOjKhhIDzmn8WO7t%2F3ceAQmgNwoLZbPxDiFiL%2F43vEHVvcG%2FfmPhyGZlhz6IdboEDo8uHXDLIKGxur9wA4ryB33V8PJR05Mm%2Bz%2B6A%2FoDT0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 b28067dcf0cd83a34da216e94df8ba72.cloudfront.net (CloudFront)
x-amz-cf-id
-ZX7f_S-VrJpKNaS85_EUb7kqkOvAjJTCSdw7l60EG2CXKNul1Fy_Q==
x-amz-cf-pop
MXP64-P2
x-cache
Hit from cloudfront

Redirect headers

CF-RAY
7de8c7bd1e8683a2-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 28 Jun 2023 20:46:37 GMT
Expires
Wed, 28 Jun 2023 21:46:37 GMT
Location
https://payments.gosite.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsgUcrZzvxs8imJ8RhQMIvtb7kDt41OyO7tQzMznMZJpv6PB62FkhrDjKIsWY82ShpmV%2Ffi78AHfUtCgjr449Py0gp06yow6YG6qy%2BjIuTfbnYR%2B5izw8wO7io1X48pBPq2jqja8bExFpy84e8jYej8%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
4.1eb21bb0.chunk.css
payments.gosite.com/static/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/static/css/4.1eb21bb0.chunk.css
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cecd78ca9472f3c19a41b16ea2b55ba195cc2cefbda75bc82ee13bff09b29c39

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:37 GMT
via
1.1 18c94d92342408d8a23be5466431eb84.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-P2
x-cache
Hit from cloudfront
last-modified
Fri, 23 Jun 2023 06:39:18 GMT
server
cloudflare
etag
W/"aa42976edbca2da9c945bd7a27b60e1d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h52YEStVChLrkB8P8QDx%2BG3j4M3jngtnEaLnc37oUf%2B2lRys9b7wZHn94rgKPAbMp3EtKz%2FU8PnDhdj0BrbA%2BXVPGLLvBZW5rXiPFQ8ruF0NQJJ2mzE31Jd%2Fx%2Fg3EmkUzTMivDMiFt78k0%2FdtstEgeI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7de8c7bebd310e85-MXP
x-amz-cf-id
QiUAi56zPvfGW_Y7X6WKXSsWdKilt4MHLb2j1V5k9FQHvW1o1RUmwA==
main.64f5111c.chunk.css
payments.gosite.com/static/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/static/css/main.64f5111c.chunk.css
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e2c02066772c8094b2e49f3ffe917490093cfb54b34bd62d09bc94d83d17048

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:37 GMT
via
1.1 b0fb64973ef509b9c9508897337515c2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
last-modified
Fri, 23 Jun 2023 06:39:18 GMT
server
cloudflare
etag
W/"ed295eb71dddfacc30d7843c22f203b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIxooGOdu64Zp9htDHePE%2BQ832txTC8HxJnh9pEEsJn7azZ%2Bk4w3b%2FZaOZz80vup%2F0UneDEiVilJrT52lh3aNwN4s7UTFyPkiTVBANNV22ubq6Klx8IM%2BGRQLNToIqzEgCEZv59n5lqEjElbDyzb1tc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7de8c7bebd380e85-MXP
x-amz-cf-id
tGMnMCSCnQ2O64xlxlK548_9b7mVGZq43TjfHjbe3qTYdeIqXZTOvQ==
rocket-loader.min.js
payments.gosite.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 09:29:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64941465-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nqfnNpL%2B0wyI%2BQ4xGvf7I99HsAPliHEG3ur5tBBBMwBlSxNFYx6yhlpPPF4853XHFGpfQvH3WZow2PlsRitnY2nFNuxuaCE3x5RAbhQq3BWAfLXVTc%2Ffn84kzb6oH1KONX53HJXRjb%2BxnXLdAFUQQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7de8c7bebd410e85-MXP
expires
Fri, 30 Jun 2023 20:46:37 GMT
pay.js
pay.google.com/gp/p/js/ 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19a0f014c0d3edf26067c94da12902d1d211cbdfbf242cba8112f60163e15e99
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FCZCg5ShVWtB3WWNcTj4-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FCZCg5ShVWtB3WWNcTj4-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 28 Jun 2023 20:46:38 GMT
main.19463100.chunk.js
payments.gosite.com/static/js/ 		209 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/static/js/main.19463100.chunk.js
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f60aa4f3f291a44b2a3a4831068d785f167b2d6fd0b53aa39ff88e84e5755f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:38 GMT
via
1.1 31806b2c47634ce66d4f41f8f0f3e17c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C3
x-cache
Miss from cloudfront
last-modified
Fri, 23 Jun 2023 06:39:20 GMT
server
cloudflare
etag
W/"a56db1c48b1694f15735d6fac144730e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0oPjuCLJ6SkZWeZIKwPwedJ4Adyz8GdClmfCjuoFLuPgrjKQ9jcop4Gp0k4LWHpwqceVM4goiRDaGQeGq8Nfiw39%2FdGRYuEW2%2BeTC4B2g4qm3n2WZLud1WN4BKcgwQ1V3zU68OS2UjnCB%2F0ikdmenQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7de8c7bf8f020e85-MXP
x-amz-cf-id
Z5708Qv9g4C-lPZ6Bq_-vXHy35dL6Dp1pvrsN9cdzusXhWNiogD1Rg==
4.c4422485.chunk.js
payments.gosite.com/static/js/ 		335 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/static/js/4.c4422485.chunk.js
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7315d9a400ade0f4954c2ab56aca671b955181b551f332437c0a3b3d441af07b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:38 GMT
via
1.1 f7cdc3b68cccfc0698290f9c3be53118.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
last-modified
Fri, 23 Jun 2023 06:39:21 GMT
server
cloudflare
etag
W/"bd0318d3589842e4beeab153cad559c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lm7VyXWIgFD1sOXgC2EDFqM%2FYhu3O030to5wpPYGpSYOwOCkeu3BZNvbaNtMVeyCtGlBSsDCKxOAKCaev0pZk4Kp2PsZxXubHoAtf1JWrPisbyf7lK8h%2FXKZNMYhTgJhkQ%2B0g29dLZTqcEaXVypZ%2F1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7de8c7bf8f040e85-MXP
x-amz-cf-id
fXY3B_5i0vYeAuRc-G31cFiHBq7jtMaVSssLmx_G4QJRUWppthHcog==
5.968da535.chunk.css
payments.gosite.com/static/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/static/css/5.968da535.chunk.css
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dca258df9e93d56138d8345b04670c453ec6126b8329edc8bd873ec58b44892

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
via
1.1 61fd230060a8ca1a11091c689601a7ea.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
last-modified
Fri, 23 Jun 2023 06:39:18 GMT
server
cloudflare
etag
W/"559113d5412227ee91c937bc34a0ca00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3flt9jyjYjXZhhqbj2A80%2FW0%2B%2B2OC1hkpkdpuH5cY2mTA8g6iB9FE%2BnhU30e1T7uRLdvmG2nI7IyO%2FNvX7squ3l%2Br%2F4StJ2EHIaRsRm9bYfKXaC4UqI6cxcpD0VQr5Xutjb5wakAlh9T5HCG%2Bx%2BT%2Bz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7de8c7c58a8c0e85-MXP
x-amz-cf-id
IQMCZ1ev3F4JSCztd04TL3SL4oFjcmVfj76oJNVj-ljN_B5ddeszZQ==
5.53614122.chunk.js
payments.gosite.com/static/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/static/js/5.53614122.chunk.js
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99a4117069490a264cd45a63fd840a4717f86a14b96a5a172dfe641ce5f2689

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
via
1.1 b0fb64973ef509b9c9508897337515c2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
last-modified
Fri, 23 Jun 2023 06:39:20 GMT
server
cloudflare
etag
W/"0786ee0722f53d1dc81b6b8e38c5455b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pujY9lvfSXq6XU0QrC2NM6yix%2Fh1XBHsxtss7BSGJejvSdHylDts2aAuTz%2BEuctoIrx%2FjMKToO6Tj3eev9M8yZO5WX3gm4We4vcx20EbSjKqu0mmJJvnen%2BTa3yLHszZVSCJyGR6349HzByAeds2apA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7de8c7c58a8f0e85-MXP
x-amz-cf-id
ClwPzXqjC0KhtNtsrpCTrOVo4mNHTRR5zBR93ZWMZI9VySuIjVwx3g==
analytics.min.js
cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/ 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/analytics.min.js
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d437c99d9e5bd8bd4ad20da6cdaef43dc0e76e4b29195e5780d77f05c42fbe2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
h74MSio_HsD0vJe.S_syR4UsqV.16CIu
content-encoding
br
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 20:45:03 GMT
x-amz-cf-pop
FRA6-C1
age
97
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 09 Jun 2023 10:55:45 GMT
server
AmazonS3
etag
W/"8fa12e52fef5f096dee5994136a16843"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
DkOQk-su20LdOOrW0_RzxnC8v790LS2rh1hfNkhlneJ--m3J9Usxqg==
payframe
pay.google.com/gp/p/ui/ Frame F703 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments.gosite.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a89541847169c70337903ffa0606b62bd81e0682f38a0f17be002a0c7d2811e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QcEZOcpHiga3UQkEMSaoKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payments.gosite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QcEZOcpHiga3UQkEMSaoKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 28 Jun 2023 20:46:39 GMT
expires
Wed, 28 Jun 2023 20:46:39 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
un-auth
invoices.gosite.com/v1/api/segment/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://invoices.gosite.com/v1/api/segment/track/un-auth
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.176.236.126 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-236-126.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://payments.gosite.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization , x-access-token , externalIp , storeURL , visitor , csrf, isfromadmin, enterprise_group, x-cognito-user
access-control-allow-methods
GET, PUT, POST, DELETE , OPTIONS
access-control-allow-origin
*
allow
POST
content-length
4
content-type
text/html; charset=utf-8
date
Wed, 28 Jun 2023 20:46:39 GMT
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
x-powered-by
Express
un-auth
invoices.gosite.com/v1/api/segment/track/ 		49 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://invoices.gosite.com/v1/api/segment/track/un-auth
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/static/js/4.c4422485.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.176.236.126 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-236-126.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d52dacda299a81ccaac2cfd5997f11a71b79b3c3eb71351242064aa72b1bc553

Request headers

Referer
https://payments.gosite.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
etag
W/"31-OdRmPCbGTR8kodSppOrVSTK1ScM"
x-powered-by
Express
access-control-allow-methods
GET, PUT, POST, DELETE , OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization , x-access-token , externalIp , storeURL , visitor , csrf, isfromadmin, enterprise_group, x-cognito-user
content-length
49
phone.svg
payments.gosite.com/icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.gosite.com/icons/phone.svg
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/static/css/5.968da535.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/static/css/5.968da535.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
via
1.1 1b85b70d3076f639e39cb6d3bd427e80.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Jun 2023 06:39:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-cf-pop
MXP64-C3
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev2DXIrxFRVFPB0SJYgdnHyEoAXFqNy9emjrIatCcRRsgvXo%2BbN%2BZo%2B0LNvg0UhJx45l3hGfkflENv2pKAscW3y%2ByTVYjGL%2BhhTTYzpifPdeOHHTZBTheJyqKY%2BED19TxoYhL%2Fch%2BwS43DxbzWloWHs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
7de8c7c62cc60e85-MXP
x-amz-cf-id
QUpD_hzryKz-ZQTrG3FWgXzL2WUclo8Ii9zRddeuz8zUP0JRalrHQQ==
MontBold.woff2
payments.gosite.com/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/fonts/MontBold.woff2
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/static/css/main.64f5111c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03bbf1d4fa613288a01e13c7855751e3923b6513ebb10df96ee5e78f54973db

Request headers

Referer
https://payments.gosite.com/static/css/main.64f5111c.chunk.css
Origin
https://payments.gosite.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
via
1.1 6f6484aa8a9f0cd7156cc9e6f320c8f2.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
content-length
19484
last-modified
Fri, 23 Jun 2023 06:39:11 GMT
server
cloudflare
etag
"fd1f32772151c5a3a9329d2ced9388c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jeK0BlnKZmklGPqIzr5juoZ5XWzgXCzAigg15A1LBf8lxCuQgN06%2BVhTlZF0%2FDLsvI7kkhVepieHLRtuJjo4FLbKJFQ1MAXGAMvX9TUgIwTZzL19zCMwFU0WzqoNK5Uo3iwYVAbVsGWWMq0l6Qlwxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7de8c7c62cce0e85-MXP
x-amz-cf-id
0p_Glv0vwTTWOR63fVjR9MB0qnm8HJW0PRksqXkAQWN3_6QgZRF44Q==
2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2
payments.gosite.com/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/static/css/main.64f5111c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0

Request headers

Referer
https://payments.gosite.com/static/css/main.64f5111c.chunk.css
Origin
https://payments.gosite.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
via
1.1 e459b04c35249d5dc407dc0a45b9f29e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-P2
x-cache
Hit from cloudfront
content-length
16560
last-modified
Fri, 23 Jun 2023 06:39:10 GMT
server
cloudflare
etag
"457e94a5b665614917d1dc45a13d97b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNTGOZ8H2ViqlsdbH2Clt0KYYp2fo9RkogzTH1odmVb%2BMYDg5yWZMfTqYoqN6FG85vQKt0G%2FK0Krj5ScKSw2m3WBI0CpcRZxm4Jy2LoliL%2BEJ%2BSWiCyzCt74Fpj4SWvi8o0LWLpQWURZpCE8VMfmX24%3D"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7de8c7c62cd30e85-MXP
x-amz-cf-id
M_lFR7Ojq-lDiBmwxBYyEGjMTgx5l2pT-wnrDF1NPNbQJ3zElmsn7g==
14c73713-e4df-4dba-933b-057feeac8dd1.woff2
payments.gosite.com/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payments.gosite.com/fonts/14c73713-e4df-4dba-933b-057feeac8dd1.woff2
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/static/css/main.64f5111c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:95f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc7ac648dc8db352235e7effc55f7a515d91e9c3c838af9cc2c7bd7e2e959aa

Request headers

Referer
https://payments.gosite.com/static/css/main.64f5111c.chunk.css
Origin
https://payments.gosite.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
via
1.1 950da666aeb2f1c767ee4d6f91c2858e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
content-length
18920
last-modified
Fri, 23 Jun 2023 06:39:07 GMT
server
cloudflare
etag
"d8ee249af8ca02024e208e88ecb52990"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArouPro8nyvH%2BTVCCLBvGTP3rrDcAhx9LeKSr32UwuOv5fHQuL%2BcW%2Bkuc%2BtCBt9R6aFvbULxs8Zqk9IHWU2qBAv6lhmvJjm3ZAz8YJvDrEAHcqVFwvZ7GpUmFnJZTGrcK6QEbPh9Jgtm4v3dtsTGzEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7de8c7c62cd50e85-MXP
x-amz-cf-id
7GTArGv1Qi-9eXJrldaLCfJmC6RXgtwdSkSHqjYjdb9mj23Ao0DBDw==
settings
cdn.segment.com/v1/projects/mmr5fe4N1T01Felsulra5rufrtuiqqoa/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/mmr5fe4N1T01Felsulra5rufrtuiqqoa/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52b44a3242e763abba08133a93e2c1aab0543847d03b0a37943d3f9deea586f0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
FHgd8a4I.HxMwagqn4y7GVnk9uD5Tb_4
content-encoding
br
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 20:17:14 GMT
x-amz-cf-pop
FRA6-C1
age
1766
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 19:17:18 GMT
server
AmazonS3
etag
W/"997bd4863ad6ab4dac528733eb4544b7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
n6Z4ojrN38FDO123ATds2rXB_hLI_ZptIlaudW53Po3ppYBQrlf9dw==
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame F703 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhHYj1bvuW0rObc2GmOaDKHMUF61g/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments.gosite.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb027c80ef19c6deeb3f0e8135c07bedf988eec3e3912658d0211668daf05c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57637
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 02:25:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 16:29:46 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame F703 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: payments.gosite.com
URL: https://payments.gosite.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
ajs-destination.bundle.0f003b5e4b03680982b4.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 22:41:18 GMT
x-amz-version-id
RsGKQvvF9Yt9j0mZ1IGFuFjuWHMd3XFe
content-encoding
br
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2325922
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 01 Jun 2023 20:07:54 GMT
server
AmazonS3
etag
W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
SJHKiB0XUNEEOnDxh6-q3hDMX5PBlvpqA6U0LWflCAhGPZCqQBo5rw==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id
MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding
br
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
7245363
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Apr 2023 00:06:35 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
b4Rz_gZx84mBlSdlP3pK_FvMCpkPqLQuSWyjHIjoQKXf3-yWH3JZtQ==
intercom.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 15:25:30 GMT
content-encoding
gzip
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-version-id
VupdYQ6qBkXuKuwHCUsJq5XIQSASwbug
x-amz-cf-pop
FRA6-C1
age
9523270
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1878
last-modified
Wed, 08 Feb 2023 17:50:06 GMT
server
AmazonS3
etag
"d20b898e8b1fe44f03e532db7fe5cf4e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
mrduSL85zIj-HrHFjN4TAlzXJjDG5H7UIN8_nOv7_1l5op8L4vM7OA==
mixpanel.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/mixpanel/3.2.1/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/mixpanel/3.2.1/mixpanel.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e15216f9af8cf124d19716c4d4550d4cd46b3215109f438d5bf8eab9618db67

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 19:20:50 GMT
content-encoding
gzip
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-version-id
cqVQcvFrCi86SPhf6CYYucmTDDXw6osP
x-amz-cf-pop
FRA6-C1
age
8299550
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3261
last-modified
Thu, 23 Mar 2023 13:55:25 GMT
server
AmazonS3
etag
"4b707616bb405dad306d9a7746c54485"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
3cbq5b2uXA0lsdPJDLepjVetnyLzuD4efLr0rOdSljKtWtFLZz5ZrQ==
visual-tagger.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 22:44:43 GMT
content-encoding
gzip
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-version-id
FMWE2dwQLa9m3RNbb5h0ZI3KUYhH5.v2
x-amz-cf-pop
FRA6-C1
age
79317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15523
last-modified
Wed, 03 May 2023 11:04:45 GMT
server
AmazonS3
etag
"22f964b449ca210bdea17404f4624ac9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
EuQR19kDFjkaW9eRaI5D4DJ0VsBgksjgCCvX_HAv6GGk-Fxh54KsYQ==
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/mmr5fe4N1T01Felsulra5rufrtuiqqoa/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 03:34:22 GMT
content-encoding
gzip
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-version-id
1x6q_MsAdAkmPosImHjKsztmTTUAb2Vd
x-amz-cf-pop
FRA6-C1
age
1876338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Wed, 03 May 2023 11:04:43 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
VIWOstkrL68CSNq3iaMWf_vyDs0Bk_kZ91FgIZ4nZ8YpS2XtegI7fA==
sxnxlfvn
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/sxnxlfvn
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f76ed88f2fa634cc6a0f4cc385edd1a53eb54bb1d14a46381eda57de7183e8b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
guliu2xy4oIEeFjqxyxxVh9t5p.J6XRz
content-encoding
gzip
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 20:35:27 GMT
x-amz-cf-pop
FRA2-C1
age
685
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2680
last-modified
Wed, 28 Jun 2023 13:52:43 GMT
server
AmazonS3
etag
"55162d0c61406f2a96a2d725fa1678a5"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
mZ1UF8a8x1s22UqWxu41qTM_idN1UIPsvruPQX95hGZxigjUo3Okrg==
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://payments.gosite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 03:34:54 GMT
content-encoding
gzip
age
61905
x-guploader-uploadid
ADPycduFcQ9CaZt0rUUSrcdrkPRb9FVG3pC8vOYpom8ZQKBtglhmKmNW85JzNw0JK-0DGoztFyfgdsSf7z_FZ4-qDMkSSchqHnl-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17969
last-modified
Fri, 05 May 2023 17:33:19 GMT
server
UploadServer
etag
"6eb612a000fc103e2769e576a68fc412"
vary
Accept-Encoding
x-goog-generation
1683307999305716
x-goog-hash
crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=86400
x-goog-stored-content-length
17969
accept-ranges
bytes
expires
Thu, 29 Jun 2023 03:34:54 GMT
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame F703 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGwg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriHzg4j9QVnJcillf4QObyycvlNXA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhHYj1bvuW0rObc2GmOaDKHMUF61g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7b3c3003461547708230b235df4cba748728564e429d4caf69993fc29a47fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26474
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 01:22:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 16:29:47 GMT
pay
pay.google.com/gp/p/ui/ Frame F703 		1 MB
383 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhHYj1bvuW0rObc2GmOaDKHMUF61g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
825639c4566d708c262b5a2ec289059f08628709ae231e46b3f86539bb64c0a7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-9s8Os3rbK-WODQs5Iov9SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-9s8Os3rbK-WODQs5Iov9SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 28 Jun 2023 20:46:39 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame F703 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGwg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriHzg4j9QVnJcillf4QObyycvlNXA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhHYj1bvuW0rObc2GmOaDKHMUF61g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d1df6419a1d194a31fc84e94c3af3181d8dbdc1915e7b69819d4b63609553a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9541
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 01:22:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 16:29:47 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame F703 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGwg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriHzg4j9QVnJcillf4QObyycvlNXA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhHYj1bvuW0rObc2GmOaDKHMUF61g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a92e141d13e7bb169d751ca416960688c0c656388433f04b64df3a95d31154a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 16:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13614
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 01:22:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 16:29:47 GMT
log
play.google.com/ Frame F703 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhHYj1bvuW0rObc2GmOaDKHMUF61g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Jun 2023 20:46:39 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 Jun 2023 20:46:39 GMT
expires
Wed, 28 Jun 2023 20:46:39 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F703 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhHYj1bvuW0rObc2GmOaDKHMUF61g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Jun 2023 20:46:39 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 Jun 2023 20:46:39 GMT
expires
Wed, 28 Jun 2023 20:46:39 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F703 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGwg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhHYj1bvuW0rObc2GmOaDKHMUF61g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 28 Jun 2023 20:46:39 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Jun 2023 20:46:39 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 Jun 2023 20:46:39 GMT
expires
Wed, 28 Jun 2023 20:46:39 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
frame-modern.6f359e61.js
js.intercomcdn.com/ Frame 8C2B 		488 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.6f359e61.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/sxnxlfvn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc7318e389503653692c31bd10174dead5f366535edad0d9021cf7465e9e43ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
4YjqRVjER1CEe.dh4PihI5POPPFQvBku
content-encoding
gzip
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 19:52:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
3235
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
138684
last-modified
Wed, 28 Jun 2023 13:49:59 GMT
server
AmazonS3
etag
"38a9b751effa209f8c0f09caeecaf6f3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
XuSvX7htPe4GYMSA3uKp7-TVDv8S45r2ujRfT4v3Q7ogTjjC26Bc0g==
vendor-modern.f0b75fb3.js
js.intercomcdn.com/ Frame 8C2B 		236 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.f0b75fb3.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/sxnxlfvn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa6297c6755df25a3f100652df73af178bbc10669ca25e65b2b924b2e1e344c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
HcSAzuQHxRX6xZKwkUVKchC1O.sixYd8
content-encoding
gzip
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 19:52:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
3235
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74418
last-modified
Wed, 28 Jun 2023 13:49:59 GMT
server
AmazonS3
etag
"415163f50eea8c88086d303a35acb581"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
s4bt2BgiE9lWnOdnfqDYRlCfc5cbV1sXBhi2ezQFvrnihuw-KqDdzg==

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| __cfQR object| webpackJsonpgosite-customer-dashboard object| regeneratorRuntime string| key object| analytics boolean| __cfRLUnblockHandlers object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| intercomDeps function| intercomLoader object| mixpanelDeps function| mixpanelLoader object| visual-taggerDeps function| visual-taggerLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| intercomIntegration function| Intercom function| mixpanelIntegration object| mixpanel object| __core-js_shared__ object| core function| visual-taggerIntegration function| Tracktor function| __intercomAssignLocation function| __intercomReloadLocation

3 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=bZu5N1EaGiuXoi0_7pq9SVda1e88t8X9R7ju1m-gmPxVFhHDXUZV_ePkWWnvU9AeeNG5QUe4qYDPgyZZQ2uNtelYcjjRiufuzxEc52HOF5YE87D-7QxR06fI6ZT2TqoAmmZeS6fGr4YoKXRJmawSfuSK7EVE5r8f4WLmqbNvz6Q
payments.gosite.com/ Name: guestUser
Value: {%22userId%22:105739361744}
.gosite.com/ Name: mp_66599295fcb4181724d9a803d70f3993_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18903c21950742-03ca48a8daccc5-6a335054-1d4c00-18903c21950742%22%2C%22%24device_id%22%3A%20%2218903c21950742-03ca48a8daccc5-6a335054-1d4c00-18903c21950742%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mxpnl.com
cdn.segment.com
invoices.gosite.com
js.intercomcdn.com
pay.google.com
payments.gosite.com
play.google.com
widget.intercom.io
www.gstatic.com
13.224.189.49
18.66.147.5
2600:1901:0:498c::
2606:4700:20::681a:95f
2606:4700:20::ac43:49b6
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:400c:c0a::5c
54.176.236.126
99.86.8.175
0d1df6419a1d194a31fc84e94c3af3181d8dbdc1915e7b69819d4b63609553a7
19a0f014c0d3edf26067c94da12902d1d211cbdfbf242cba8112f60163e15e99
2d437c99d9e5bd8bd4ad20da6cdaef43dc0e76e4b29195e5780d77f05c42fbe2
3504ec57905e9073aec1ecfd0fe082b05d11c5022ab219273dce8b34a859159d
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
41f60aa4f3f291a44b2a3a4831068d785f167b2d6fd0b53aa39ff88e84e5755f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52b44a3242e763abba08133a93e2c1aab0543847d03b0a37943d3f9deea586f0
5e2c02066772c8094b2e49f3ffe917490093cfb54b34bd62d09bc94d83d17048
7315d9a400ade0f4954c2ab56aca671b955181b551f332437c0a3b3d441af07b
7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0
7e15216f9af8cf124d19716c4d4550d4cd46b3215109f438d5bf8eab9618db67
7f76ed88f2fa634cc6a0f4cc385edd1a53eb54bb1d14a46381eda57de7183e8b
825639c4566d708c262b5a2ec289059f08628709ae231e46b3f86539bb64c0a7
9dca258df9e93d56138d8345b04670c453ec6126b8329edc8bd873ec58b44892
a89541847169c70337903ffa0606b62bd81e0682f38a0f17be002a0c7d2811e1
a92e141d13e7bb169d751ca416960688c0c656388433f04b64df3a95d31154a1
aa6297c6755df25a3f100652df73af178bbc10669ca25e65b2b924b2e1e344c8
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
c03bbf1d4fa613288a01e13c7855751e3923b6513ebb10df96ee5e78f54973db
c7b3c3003461547708230b235df4cba748728564e429d4caf69993fc29a47fb5
cb027c80ef19c6deeb3f0e8135c07bedf988eec3e3912658d0211668daf05c8c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cecd78ca9472f3c19a41b16ea2b55ba195cc2cefbda75bc82ee13bff09b29c39
d52dacda299a81ccaac2cfd5997f11a71b79b3c3eb71351242064aa72b1bc553
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efc7ac648dc8db352235e7effc55f7a515d91e9c3c838af9cc2c7bd7e2e959aa
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3
f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae
f99a4117069490a264cd45a63fd840a4717f86a14b96a5a172dfe641ce5f2689
fc7318e389503653692c31bd10174dead5f366535edad0d9021cf7465e9e43ed