newstorecheckout.apple-demo-sandbox.p.newstore.net Open in urlscan Pro
18.66.2.124  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response newstorecheckout.apple-demo-sandbox.p.newstore.net/	2 KB 1 KB	503ms 433ms	Document text/html	18.66.2.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-124.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash e5e516d422ff418e665c48ce51ac689b6cd38f87ebbe786e3727a111693607fe Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=60 content-encoding gzip content-type text/html date Tue, 21 Feb 2023 01:36:20 GMT etag W/"cd61d77c7578007f5c9d3a51cbedecd8" last-modified Wed, 29 Sep 2021 10:59:34 GMT server AmazonS3 vary Accept-Encoding via 1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront) x-amz-cf-id ci2pwd10nbHLFfj5W3qh033uMFXCCbjp3My86CI10E-IkAzTCAPgvw== x-amz-cf-pop TXL50-P1 x-cache RefreshHit from cloudfront
GET H2	200	ionicons.min.css code.ionicframework.com/ionicons/2.0.1/css/	50 KB 9 KB	46ms 15ms	Stylesheet text/css	2606:4700:20::ac43:451d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:451d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286 Request headers accept-language de-DE,de;q=0.9 Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-fastly-request-id c103643d055690d4732708f5704fdc2ceeba40fe date Tue, 21 Feb 2023 01:36:19 GMT via 1.1 varnish content-encoding br expires Wed, 15 Feb 2023 02:55:37 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 21693 x-cache HIT x-proxy-cache MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-hhn-etou8220063-HHN last-modified Fri, 28 Oct 2022 02:55:05 GMT server cloudflare x-github-request-id 85C4:44BE:51A68E:6AFF04:63EC4751 x-timer S1676921686.489971,VS0,VE20 etag W/"635b4489-c854" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sO3OsZJztcK6gxd5hpfoDoc4CiOG30uBruNertmufQP1nB%2FruQlOKa9SzO1QhfwIOh%2FjqoCwL2lsqfd3fRniLjJ0kFr2NCuEo0wxTD4KQ5jD%2FJMVOkzm%2BwBeItol8eJnzFgkj6%2BvhjMfno6oPGh60m0y9CL"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 79cbc01b9d6e9118-FRA x-cache-hits 1
GET H2	200	2.8f751961.chunk.css newstorecheckout.apple-demo-sandbox.p.newstore.net/static/css/	44 KB 9 KB	451ms 450ms	Stylesheet text/css	18.66.2.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://newstorecheckout.apple-demo-sandbox.p.newstore.net/static/css/2.8f751961.chunk.css Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-124.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash fe89ed004c763df719c379bb84ddaad79b001106a872cfa52d42dd88bfb4169c Request headers accept-language de-DE,de;q=0.9 Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 01:36:21 GMT content-encoding gzip via 1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront) last-modified Wed, 29 Sep 2021 10:59:32 GMT server AmazonS3 x-amz-cf-pop TXL50-P1 etag W/"314d3abe5f8da0090f0fcd0a28c68316" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css cache-control max-age=60 x-amz-cf-id k0FOoWpMmJiVo7BQEqqASDh-EiWTGElHPSVLAsFduLcEJnWBPfnXGQ==
GET H2	200	pay.js Show response pay.google.com/gp/p/js/	115 KB 35 KB	122ms 65ms	Script application/javascript	2a00:1450:400c:c0a::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7b2d6dd1c24b5bd614315b2e80b2ae979a07cf08fecae4139393e420fe48659 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-JJZlE06No_JL3TlRSWOY3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 01:36:19 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-JJZlE06No_JL3TlRSWOY3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin; report-to="InstantbuyFrontendHttp" server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site report-to {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]} content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN cache-control private, max-age=600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Tue, 21 Feb 2023 01:36:19 GMT
GET H2	200	2.6b77ab5e.chunk.js Show response newstorecheckout.apple-demo-sandbox.p.newstore.net/static/js/	810 KB 227 KB	471ms 470ms	Script application/javascript	18.66.2.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://newstorecheckout.apple-demo-sandbox.p.newstore.net/static/js/2.6b77ab5e.chunk.js Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-124.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 1ba8a06a70278af1650fe128f01a0a38c8c1b1fd6cc40bfbb1a7c04308d76448 Request headers accept-language de-DE,de;q=0.9 Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 01:36:21 GMT content-encoding gzip via 1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront) last-modified Wed, 29 Sep 2021 10:59:32 GMT server AmazonS3 x-amz-cf-pop TXL50-P1 etag W/"a301661fca439b086d8bdf03a15fcd99" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control max-age=60 x-amz-cf-id nd0BoNJryUr5M2eLr3N-sncoXmkhPktzVe8E3OguThPnNefeQ2VfjA==
GET H2	200	main.0b14ef06.chunk.js Show response newstorecheckout.apple-demo-sandbox.p.newstore.net/static/js/	42 KB 19 KB	463ms 463ms	Script application/javascript	18.66.2.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://newstorecheckout.apple-demo-sandbox.p.newstore.net/static/js/main.0b14ef06.chunk.js Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-124.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 254c0612e68c31d67e5c3142733403c9387fe9e516bbd6c4a07bc6e427f66ad4 Request headers accept-language de-DE,de;q=0.9 Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 01:36:21 GMT content-encoding gzip via 1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront) last-modified Wed, 29 Sep 2021 10:59:32 GMT server AmazonS3 x-amz-cf-pop TXL50-P1 etag W/"ba1f784719f610175dd91e91b58e063c" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control max-age=60 x-amz-cf-id bApyDQwX0KQOFQ4Y1t3NLpkItASEF6Ed5dmkGlAnxydglll9l38dQQ==
GET H2	200	payframe Show response pay.google.com/gp/p/ui/ Frame 12E2	18 KB 8 KB	200ms 198ms	Document text/html	2a00:1450:400c:c0a::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fnewstorecheckout.apple-demo-sandbox.p.newstore.net&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a4216ccb3ae3dc3d3b237d56f27f86fb7e9618a6ef55561a28c844df2c0f8567 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-bkFwQrBnWa08uaHWAt1WeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-bkFwQrBnWa08uaHWAt1WeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi" cross-origin-resource-policy same-site date Tue, 21 Feb 2023 01:36:20 GMT expires Tue, 21 Feb 2023 01:36:20 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* report-to {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]} server ESF strict-transport-security max-age=31536000 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 0
POST H3	404	cspreport pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 12E2	2 KB 2 KB	119ms 119ms	Other text/html	2a00:1450:400c:c0a::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101 Request headers Referer https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fnewstorecheckout.apple-demo-sandbox.p.newstore.net&mid= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 21 Feb 2023 01:36:20 GMT referrer-policy no-referrer alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1608 content-type text/html; charset=UTF-8
GET H2	200	m=_b,_tp,_r Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 12E2	155 KB 55 KB	31ms 8ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fnewstorecheckout.apple-demo-sandbox.p.newstore.net&mid= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0798a1069aa0ef1068f2d71ad6b1db35413a8278940fc21d6bed72fbf779f633 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Fri, 17 Feb 2023 17:27:40 GMT content-encoding gzip x-content-type-options nosniff age 288520 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55843 x-xss-protection 0 last-modified Fri, 17 Feb 2023 04:24:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 17 Feb 2024 17:27:40 GMT
GET H2	200	m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 12E2	69 KB 26 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhznHpXryYgkcAfJ0tIxNJU7Emx6A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b7f7748d78a8688440d59d64911866b2b85752cd9544d22bac0e13c7971c92ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Fri, 17 Feb 2023 17:35:01 GMT content-encoding gzip x-content-type-options nosniff age 288079 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26133 x-xss-protection 0 last-modified Tue, 14 Feb 2023 13:27:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 17 Feb 2024 17:35:01 GMT
GET H3	200	pay Show response pay.google.com/gp/p/ui/ Frame 12E2	1 MB 378 KB	78ms 78ms	XHR text/html	2a00:1450:400c:c0a::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4fd3967cd1106d9dc19bfc0f81a66bbf0d189e5d389a1dde89e67bdc2b6d1744 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-t_KZGILoY1TPyXJVpRLXgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 01:36:20 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-t_KZGILoY1TPyXJVpRLXgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 x-ua-compatible IE=edge accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi" server ESF x-frame-options DENY vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 report-to {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]} cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Tue, 21 Feb 2023 01:36:20 GMT
GET H3	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 12E2	23 KB 9 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhznHpXryYgkcAfJ0tIxNJU7Emx6A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7cd5aa7f1e4ed43a5097f8c3c532c6c11a92d09b6362f7c1d3c673b445fbed9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Fri, 17 Feb 2023 17:35:01 GMT content-encoding gzip x-content-type-options nosniff age 288079 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9253 x-xss-protection 0 last-modified Tue, 14 Feb 2023 13:27:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 17 Feb 2024 17:35:01 GMT
GET H3	200	m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 12E2	35 KB 13 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhznHpXryYgkcAfJ0tIxNJU7Emx6A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b3658da0c7b44b869de6bd13b79eff64884e4d54a22bd0dbe86bb0fe15f19962 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Fri, 17 Feb 2023 17:35:01 GMT content-encoding gzip x-content-type-options nosniff age 288079 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13393 x-xss-protection 0 last-modified Tue, 14 Feb 2023 13:27:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 17 Feb 2024 17:35:01 GMT
POST H2	200	log Show response play.google.com/ Frame 12E2	131 B 273 B	21ms 18ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 21 Feb 2023 01:36:20 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 21 Feb 2023 01:36:20 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	39ms 14ms	Preflight text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 21 Feb 2023 01:36:20 GMT expires Tue, 21 Feb 2023 01:36:20 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	log Show response play.google.com/ Frame 12E2	131 B 273 B	19ms 17ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 21 Feb 2023 01:36:20 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 21 Feb 2023 01:36:20 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	39ms 15ms	Preflight text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 21 Feb 2023 01:36:20 GMT expires Tue, 21 Feb 2023 01:36:20 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	log Show response play.google.com/ Frame 12E2	131 B 273 B	18ms 16ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 21 Feb 2023 01:36:20 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 21 Feb 2023 01:36:20 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	38ms 16ms	Preflight text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 21 Feb 2023 01:36:20 GMT expires Tue, 21 Feb 2023 01:36:20 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	log Show response play.google.com/ Frame 12E2	131 B 578 B	39ms 17ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Akg4_pXmbk4.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrilCNOm8UC-UEQ_F3J6LxyxbdOrfA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 21 Feb 2023 01:36:20 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 21 Feb 2023 01:36:20 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/static/js/2.6b77ab5e.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 21 Feb 2023 00:14:50 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 4890 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Tue, 21 Feb 2023 02:14:50 GMT
POST H/1.1	200 OK	/ Show response sentry.io/api/1444696/store/	41 B 480 B	467ms 115ms	Fetch application/json	35.188.42.15 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sentry.io/api/1444696/store/?sentry_key=9333b16ec0934e53b91b58e6c3d4a9c7&sentry_version=7 Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/static/js/2.6b77ab5e.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 15.42.188.35.bc.googleusercontent.com Software nginx / Resource Hash 223b8b96832fd16fa2dfeef0ba12945de0c88201ccc9d9ef7d984b59f19a68c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 21 Feb 2023 01:36:21 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Server nginx vary Origin Content-Type application/json access-control-allow-origin https://newstorecheckout.apple-demo-sandbox.p.newstore.net access-control-expose-headers x-sentry-rate-limits, x-sentry-error, retry-after x-envoy-upstream-service-time 0 Connection keep-alive Content-Length 41
GET H2	200	error.041c3513.png newstorecheckout.apple-demo-sandbox.p.newstore.net/static/media/	11 KB 11 KB	436ms 435ms	Image image/png	18.66.2.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://newstorecheckout.apple-demo-sandbox.p.newstore.net/static/media/error.041c3513.png Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-124.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash e4c71af5136571fcb4f5c832bf41d4ae6631369e2c6e672df90664e335a64fa0 Request headers accept-language de-DE,de;q=0.9 Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 21 Feb 2023 01:36:22 GMT via 1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront) last-modified Wed, 29 Sep 2021 10:59:32 GMT server AmazonS3 x-amz-cf-pop TXL50-P1 etag "041c35130a6de6e20e23cfaa1d4a2821" x-cache Miss from cloudfront content-type image/png cache-control max-age=60 accept-ranges bytes content-length 11413 x-amz-cf-id HKQQ413tSlT96GL5NI5m12ydawty1PmQBDrfUBiVrzpGYYa2omPXZQ==
GET H/1.1	200 OK	sanfranciscodisplay-regular-webfont.woff applesocial.s3.amazonaws.com/assets/styles/fonts/sanfrancisco/	31 KB 32 KB	578ms 199ms	Font application/font-woff	52.218.132.139 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://applesocial.s3.amazonaws.com/assets/styles/fonts/sanfrancisco/sanfranciscodisplay-regular-webfont.woff Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.132.139 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-w.amazonaws.com Software AmazonS3 / Resource Hash 58ef5a8216eda46e1951a7980f58d4acda08c97a5b41911778f5cc06678dba15 Request headers Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ Origin https://newstorecheckout.apple-demo-sandbox.p.newstore.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Tue, 21 Feb 2023 01:36:22 GMT Last-Modified Tue, 19 Dec 2017 18:28:36 GMT Server AmazonS3 x-amz-request-id FHGFFD7EABTZDXXA ETag "578fb8973c77ca5f3cd54f4a44390d37" Access-Control-Max-Age 3000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type application/font-woff Accept-Ranges bytes Content-Length 31784 x-amz-id-2 lsd9Yn2pa4lchsRz5P2TkKACVOZGu4lmzvcBbAN5hvk1uhlKZwanqg+MmAOh23duHTUN5oPdP0o=
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 232 B	16ms 15ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1372131364&t=pageview&_s=1&dl=https%3A%2F%2Fnewstorecheckout.apple-demo-sandbox.p.newstore.net%2F&dp=Overview&ul=en-us&de=UTF-8&dt=Pay%20with%20your%20phone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=471721136&gjid=379487926&cid=1497678659.1676943381&tid=UA-119902542-1&_gid=450641096.1676943381&_r=1&_slc=1&z=204997950 Requested by Host: newstorecheckout.apple-demo-sandbox.p.newstore.net URL: https://newstorecheckout.apple-demo-sandbox.p.newstore.net/static/js/2.6b77ab5e.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://newstorecheckout.apple-demo-sandbox.p.newstore.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 21 Feb 2023 01:36:20 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://newstorecheckout.apple-demo-sandbox.p.newstore.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| webpackJsonpnewstorepay object| __SENTRY__ object| scCGSHMRCache object| regeneratorRuntime function| _ string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 14:12:34	Name: NID Value: 511=cIDuLqT35i1QbxJ_l8ZqO7vEHhLzgC6fLPh6AnnS1KVR3xjk_2XAecpS1iUUAk_CQkP2AheL_T_MDIGgyVKurSBSR9HdySWsOurGi2OB1Bxn4nt4Ubb5Y4-zFAeUnNdnVql9Cgq-6vtFviGap-6Bjb9sKnPpHpOOyvCmtgIGfQY
			.newstore.net/	1970-01-20 19:25:03	Name: _ga Value: GA1.2.1497678659.1676943381
			.newstore.net/	1970-01-20 09:50:29	Name: _gid Value: GA1.2.450641096.1676943381
			.newstore.net/	1970-01-20 09:49:03	Name: _gat Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applesocial.s3.amazonaws.com
code.ionicframework.com
newstorecheckout.apple-demo-sandbox.p.newstore.net
pay.google.com
play.google.com
sentry.io
www.google-analytics.com
www.gstatic.com
18.66.2.124
2606:4700:20::ac43:451d
2a00:1450:4001:802::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c0a::5c
35.188.42.15
52.218.132.139
0798a1069aa0ef1068f2d71ad6b1db35413a8278940fc21d6bed72fbf779f633
1ba8a06a70278af1650fe128f01a0a38c8c1b1fd6cc40bfbb1a7c04308d76448
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
223b8b96832fd16fa2dfeef0ba12945de0c88201ccc9d9ef7d984b59f19a68c2
254c0612e68c31d67e5c3142733403c9387fe9e516bbd6c4a07bc6e427f66ad4
4fd3967cd1106d9dc19bfc0f81a66bbf0d189e5d389a1dde89e67bdc2b6d1744
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
58ef5a8216eda46e1951a7980f58d4acda08c97a5b41911778f5cc06678dba15
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
7cd5aa7f1e4ed43a5097f8c3c532c6c11a92d09b6362f7c1d3c673b445fbed9e
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
a4216ccb3ae3dc3d3b237d56f27f86fb7e9618a6ef55561a28c844df2c0f8567
b3658da0c7b44b869de6bd13b79eff64884e4d54a22bd0dbe86bb0fe15f19962
b7f7748d78a8688440d59d64911866b2b85752cd9544d22bac0e13c7971c92ac
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7b2d6dd1c24b5bd614315b2e80b2ae979a07cf08fecae4139393e420fe48659
e4c71af5136571fcb4f5c832bf41d4ae6631369e2c6e672df90664e335a64fa0
e5e516d422ff418e665c48ce51ac689b6cd38f87ebbe786e3727a111693607fe
fe89ed004c763df719c379bb84ddaad79b001106a872cfa52d42dd88bfb4169c