urlscan.io logo urlscan.io
SecurityTrails logo

secure.transaxgateway.com Open in urlscan Pro
174.129.3.150  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/38Xntwh
Effective URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Submission: On October 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 46 HTTP transactions. The main IP is 174.129.3.150, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is secure.transaxgateway.com. The Cisco Umbrella rank of the primary domain is 466209.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 28th 2023. Valid for: a year.
This is the only time secure.transaxgateway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
17 174.129.3.150 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a01:b740:a30... 6185 (APPLE-AUSTIN)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
46 9
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
17    174.129.3.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-3-150.compute-1.amazonaws.com
secure.transaxgateway.com
4    2a00:1450:400c:c0a::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
1    2a01:b740:a30:f100::198 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)
applepay.cdn-apple.com
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
17 transaxgateway.com
secure.transaxgateway.com — Cisco Umbrella Rank: 466209
309 KB
14 google.com
pay.google.com — Cisco Umbrella Rank: 3064
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 37
454 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
722 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1102
13 KB
1 cdn-apple.com
applepay.cdn-apple.com — Cisco Umbrella Rank: 17951
49 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6920
514 B
46 6
Domain Requested by
17 secure.transaxgateway.com secure.transaxgateway.com
10 www.gstatic.com www.google.com
pay.google.com
www.gstatic.com
6 play.google.com www.gstatic.com
4 www.google.com secure.transaxgateway.com
www.gstatic.com
www.google.com
4 pay.google.com secure.transaxgateway.com
pay.google.com
www.gstatic.com
2 unpkg.com 1 redirects secure.transaxgateway.com
1 fonts.gstatic.com www.google.com
1 applepay.cdn-apple.com secure.transaxgateway.com
1 bit.ly 1 redirects
46 9

This site contains no links.

Subject Issuer Validity Valid
*.transaxgateway.com
Amazon RSA 2048 M03		 2023-08-28 -
2024-09-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
applepay.cdn-apple.com
Apple Public Server ECC CA 12 - G1		 2023-10-05 -
2024-01-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Frame ID: DA7046AB699C71A3FAFC970C4EAD47F6
Requests: 24 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.transaxgateway.com&mid=
Frame ID: CF1C67A4B5A12640A5E64CB457AA5778
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=i7c1to43xoix
Frame ID: 75D9C7648928123A5791C6D787350648
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD
Frame ID: D3116BCA8C22B34565F313907D2AF019
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Process Order

Page URL History Show full URLs

  1. http://bit.ly/38Xntwh HTTP 301
    https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74i... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

46
Requests

93 %
HTTPS

78 %
IPv6

6
Domains

9
Subdomains

9
IPs

3
Countries

1546 kB
Transfer

3950 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/38Xntwh HTTP 301
    https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://unpkg.com/axios/dist/axios.min.js HTTP 302
  • https://unpkg.com/axios@1.5.1/dist/axios.min.js

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request HostedPaymentPage.aspx
secure.transaxgateway.com/HostedPaymentForm/
Redirect Chain
  • http://bit.ly/38Xntwh
  • https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
91 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1d2af42c1f44abd80bb673db11c076eb6d251c97a4dc77264d0adbe1acb4a11b
Security Headers
Name Value
Content-Security-Policy GOFORIT
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options GOFORIT

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
93159
content-security-policy
GOFORIT
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 12:53:41 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
GOFORIT
x-powered-by
ASP.NET

Redirect headers

Cache-Control
private, max-age=90
Content-Length
215
Content-Security-Policy
referrer always;
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 12:53:41 GMT
Location
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Referrer-Policy
unsafe-url
Server
nginx
Via
1.1 google
hosted.css
secure.transaxgateway.com/Styles/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/Styles/hosted.css
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4ff8a311c20d871eb917b464a63da00f76efcac353588708185dca450c1594d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
text/css
cache-control
no-cache
accept-ranges
bytes
content-length
36296
tx-icons.css
secure.transaxgateway.com/Styles/ 		0
0
fonts.css
secure.transaxgateway.com/Styles/ 		0
0
ApplePayJSv1.js
secure.transaxgateway.com/HostedPaymentForm/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/HostedPaymentForm/ApplePayJSv1.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Content-Security-Policy GOFORIT
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options GOFORIT

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-security-policy
GOFORIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-frame-options
GOFORIT
content-type
text/html
content-length
1245
pay.js
pay.google.com/gp/p/js/ 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7e82e6f7c70e3a25f97065417a5bb4dd5690931fdb16f71a49dab26f9d480ca
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-KtT3OJKBOUInkuXiR6SZCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-KtT3OJKBOUInkuXiR6SZCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 19 Oct 2023 12:53:41 GMT
apple-pay-sdk.js
applepay.cdn-apple.com/jsapi/v1/ 		162 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:b740:a30:f100::198 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),
Reverse DNS
Software
Apple /
Resource Hash
4f3604f1ead4e51e75612bbe34446f8f91b84879fa85453e8ca46a664f78b3cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.transaxgateway.com/
Origin
https://secure.transaxgateway.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-apple-jingle-correlation-key
M7X6GW2LFU3TE3DCFL74PUEU4Q
Date
Wed, 18 Oct 2023 21:57:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
x-b3-traceid
67efe35b4b2d37326c622affc7d094e4
Via
http/1.1 defra1-edge-lx-003.ts.apple.com (acdn/4.8), http/1.1 defra1-edge-bx-006.ts.apple.com (acdn/4.8)
Age
53790
X-Cache
hit-fresh, hit-fresh
CDNUUID
7b845bee-854e-4da7-b24b-2a4631cb4608-3594301734
b3
67efe35b4b2d37326c622affc7d094e4-bb1b237412b7a711
Connection
keep-alive
Content-Length
48883
X-XSS-Protection
1; mode=block
apple-tk
false
Server
Apple
apple-seq
0
Last-Modified
Mon, 18 Sep 2023 23:48:35 GMT
apple-originating-system
payment-client-service-PROD
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-apple-request-uuid
67efe35b-4b2d-3732-6c62-2affc7d094e4
x-b3-spanid
bb1b237412b7a711
Access-Control-Allow-Credentials
false
Cache-Control
public, max-age=86400, stale-while-revalidate=86400
axios.min.js
unpkg.com/axios@1.5.1/dist/
Redirect Chain
  • https://unpkg.com/axios/dist/axios.min.js
  • https://unpkg.com/axios@1.5.1/dist/axios.min.js
32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/axios@1.5.1/dist/axios.min.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd688b0ff9f17567ad22bf34a05ed17ee78750b9965418309c821eb3f55cc38f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1966030
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HB9D0X410EQCE82VGHRHHJXY-waw
server
cloudflare
etag
W/"7e51-T4rJbSBNkdaBUKcCugO26+F2VqU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
81892a58bcb044f8-TXL

Redirect headers

date
Thu, 19 Oct 2023 12:53:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HD3ZK240XFMGPW7BPP92Z6T8-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
404
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/axios@1.5.1/dist/axios.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
81892a588c4944f8-TXL
WebResource.axd
secure.transaxgateway.com/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/WebResource.axd?d=X7q8oq9Rfn_ksZhT1QTo96v2VmLdnnaTwwfcWImIa805GYvcmaOyuvrX3fsPv4YIyUt1cHe3v8BQt8MSSHBW_QFoa5o1&t=638259182771233176
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 12:53:41 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
23063
expires
-1
ScriptResource.axd
secure.transaxgateway.com/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/ScriptResource.axd?d=E0G2se1wjIMSI90mCuAM1bsuY5PpvwVpFlP9n2ZcHzu4aHAADWgf8wkA6c1ov3M5XHMBRy_ryM6rIvgrgCMN5yMyjMbgH8N5bQSZp7eUCM2txSA1BH3CXYypKEX1EoSNM-OruAx5AI0vwZ4GAeiwupRziQo1&t=3fff4fa7
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
sameorigin
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
5479
expires
-1
ScriptResource.axd
secure.transaxgateway.com/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/ScriptResource.axd?d=KTyiOYnWccdW3ahPZWZdAB4Q6bs5lNhMaAfEGPzZI81_XzRk7A828_g5cBeUFbqX_Dtb7l9yygeylforVz44AivsI1EU-WW8um-EUafsJjfdu2OYllIZCOBNqRUnpenrBODjbAWtg_lLJXNfZj17QjHj5AlfxJjrTZXEU-IoRez-IkDc0&t=5d0a842b
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
sameorigin
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
25609
expires
-1
ScriptResource.axd
secure.transaxgateway.com/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/ScriptResource.axd?d=LiRE6BpPPmFbhbyGiy7s99_QR5KD581nVbH8eG_or2QH8r5mSntdd40xHzcjAj3VJ2QFG92YLMhLezS8UGgF4i-lyb2DwrTbiuY2HI359tfzqk_BNgnTqLIhWh3NaKDCckOdjROsqrpyPVzTl2Xu-udYBgXlgBhj2-_vQsb3rB1T3ojY0&t=5d0a842b
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
sameorigin
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
9984
expires
-1
jquery-3.7.0.min.js
secure.transaxgateway.com/Scripts/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/Scripts/jquery-3.7.0.min.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
30416
masonry.pkgd.min.js
secure.transaxgateway.com/Scripts/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/Scripts/masonry.pkgd.min.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a95b499f9d269eaaf206deeb1819aecb4bf622d50cfa0ec4aaf485bba18cee7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
24825
transax20190506.js
secure.transaxgateway.com/Scripts/ 		34 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/Scripts/transax20190506.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8665d2f44e09b242236e831e3fab1306845537140d22d3d6ad94eec6da493ab4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none';
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
5474
FixFocus.js
secure.transaxgateway.com/Scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/Scripts/FixFocus.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5a6c65e0659cd90e83bc3c9e6bd2cab63beca386a402ab362f64430653c98a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
1554
doubletaptogo.min.js
secure.transaxgateway.com/Scripts/ 		585 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.transaxgateway.com/Scripts/doubletaptogo.min.js
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
37384673af8d6661ec5ce9b017723426444f80b065e16e7a2a66d0fa81ed9fcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
585
Payment_Processing_Form.jpg
secure.transaxgateway.com/images/HPP/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.transaxgateway.com/images/HPP/Payment_Processing_Form.jpg
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
77b2af5b518dacce86ad0497e09dbbccd09737ae36592d25e16a31df38ba0508
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
no-cache
accept-ranges
bytes
content-length
14006
Visa.png
secure.transaxgateway.com/images/cardbrand/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.transaxgateway.com/images/cardbrand/Visa.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8aaef69b5f798f99583f9401814e896194b00017adc83fea26e4fd39c9f7e7b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:41 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
6736
MasterCard.png
secure.transaxgateway.com/images/cardbrand/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.transaxgateway.com/images/cardbrand/MasterCard.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc8db7870587a768ae33540ede126501d2cf29670b3004708c422095745a1faf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:42 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
8648
Discover.png
secure.transaxgateway.com/images/cardbrand/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.transaxgateway.com/images/cardbrand/Discover.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5fc1d6472e832d022ebdcc0c5ba3b99230b117a657eb425dec292448bc189a09
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:42 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
9774
AMEX.png
secure.transaxgateway.com/images/cardbrand/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.transaxgateway.com/images/cardbrand/AMEX.png
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.3.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-3-150.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ff665f46765a156d12b96a537e6af65f1a831ae83749ce6a01e7df75b565b48
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:42 GMT
content-security-policy
frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 18:31:42 GMT
server
Microsoft-IIS/10.0
etag
"03bad2fbaf7d91:0"
x-powered-by
ASP.NET
x-frame-options
sameorigin
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
9578
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c39269349c4fb6b993fd649d6677c8cba5fdc217034d638c5b824cb3ee70f08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.transaxgateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 19 Oct 2023 12:53:42 GMT
payframe
pay.google.com/gp/p/ui/ Frame CF1C 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.transaxgateway.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1bd4a31c8e847882c26f45fcaef90b2df0317d58a7e3c484113bb3f71e2daa09
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IMYG8t3tF1HL-_fnA-zukw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.transaxgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IMYG8t3tF1HL-_fnA-zukw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 19 Oct 2023 12:53:42 GMT
expires
Thu, 19 Oct 2023 12:53:42 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ 		463 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.transaxgateway.com/
Origin
https://secure.transaxgateway.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189533
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 15:35:37 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame CF1C 		156 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriEk1D9o7Zei6viMXFOEIS2PsSCgg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsecure.transaxgateway.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7bce5bbe27e832ba258850d83c0b9e86eb0a23e07aa996ab44c11436a96c1ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56386
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 21:29:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 16:16:55 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame CF1C 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: secure.transaxgateway.com
URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 19 Oct 2023 12:53:42 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
anchor
www.google.com/recaptcha/api2/ Frame 75D9 		59 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=i7c1to43xoix
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c829094d7c65c0edf080ab49896a36b4dc880322a80a23619bba0fa73bcda38b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3gNjx9RxeWy4BdtzCTgg_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.transaxgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3gNjx9RxeWy4BdtzCTgg_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 12:53:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.QYrdAm... Frame CF1C 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.QYrdAmcy1gk.L.B1.O/am=AEMM/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjsy94GEaH7k1xjusaVOZeEn2U0GA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriEk1D9o7Zei6viMXFOEIS2PsSCgg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4009bb4a2203968b0f2efe8f94df1fd9b7bb1c98012b80c246d52d9383043a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 19:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27215
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 03:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:51:29 GMT
pay
pay.google.com/gp/p/ui/ Frame CF1C 		1 MB
371 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriEk1D9o7Zei6viMXFOEIS2PsSCgg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9540139ccea9359136764a77fa56bbc4bcfd6f563f3300b5a138f5ca6e99f7b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eVMlorig8pcEy889Dlog0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:42 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eVMlorig8pcEy889Dlog0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 19 Oct 2023 12:53:42 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame 75D9 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=i7c1to43xoix
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 12:51:14 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame 75D9 		463 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=i7c1to43xoix
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189533
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 15:35:37 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.QYrdAm... Frame CF1C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.QYrdAmcy1gk.L.B1.O/am=AEMM/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjsy94GEaH7k1xjusaVOZeEn2U0GA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriEk1D9o7Zei6viMXFOEIS2PsSCgg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd0262a4252df13a4ddc1284ffcc7ae10da3e268bbe29a8be68e80b8515054cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 19:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3915
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 03:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:51:36 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.QYrdAm... Frame CF1C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.QYrdAmcy1gk.L.B1.O/am=AEMM/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjsy94GEaH7k1xjusaVOZeEn2U0GA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriEk1D9o7Zei6viMXFOEIS2PsSCgg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
187972db754c49fe0909034f454f59921d71908160b4d65fff4e4f2a1b3bcfc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 19:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14050
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 03:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:51:36 GMT
log
play.google.com/ Frame CF1C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriEk1D9o7Zei6viMXFOEIS2PsSCgg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 19 Oct 2023 12:53:43 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 12:53:43 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 19 Oct 2023 12:53:42 GMT
expires
Thu, 19 Oct 2023 12:53:42 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame CF1C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriEk1D9o7Zei6viMXFOEIS2PsSCgg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 19 Oct 2023 12:53:43 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 12:53:43 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 19 Oct 2023 12:53:42 GMT
expires
Thu, 19 Oct 2023 12:53:42 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame CF1C 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.YBw80MDWjZA.es5.O/am=AEMM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriEk1D9o7Zei6viMXFOEIS2PsSCgg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 19 Oct 2023 12:53:43 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 12:53:43 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 19 Oct 2023 12:53:42 GMT
expires
Thu, 19 Oct 2023 12:53:42 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
truncated
/ Frame 75D9 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 75D9 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 75D9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:18:29 GMT
x-content-type-options
nosniff
age
563714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 20 Oct 2023 00:18:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 75D9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=i7c1to43xoix
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 06:47:09 GMT
x-content-type-options
nosniff
age
453994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 06:47:09 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 75D9 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=i7c1to43xoix
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
769962ab7a07c4983d99a56f89f1b55e54dbeea7d50a24e796d42e4c02610a91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD&co=aHR0cHM6Ly9zZWN1cmUudHJhbnNheGdhdGV3YXkuY29tOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=i7c1to43xoix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 19 Oct 2023 12:53:43 GMT
bframe
www.google.com/recaptcha/api2/ Frame D311 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c3195aa9e99def3c82ed62f8a05c4063edf60c3d10d43f79073fff1c5d1d47b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y_p5ec1FVdHAMBx_gMoWLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.transaxgateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-y_p5ec1FVdHAMBx_gMoWLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 12:53:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame D311 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 12:51:14 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame D311 		463 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&k=6LdJxMEUAAAAABITPAWnvcn6gfW6AWRSUy_DqTxD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189533
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 15:35:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.transaxgateway.com
URL
https://secure.transaxgateway.com/Styles/tx-icons.css
Domain
secure.transaxgateway.com
URL
https://secure.transaxgateway.com/Styles/fonts.css

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| ValidateShowLoading object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google function| gtag object| dataLayer object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events function| $ function| jQuery object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Masonry function| fix_layout function| toggleLayer function| toggleLayer_noreturn function| toggleLayer_payment function| popitup function| Prepopulate_Country function| confirm_product_purchase function| confirm_board function| confirm_test_board function| confirm_delete function| confirm_billpay function| confirm_batch function| confirm_delete_processor function| confirm_update_defaultprocessor function| confirm_settlebatchnow function| confirm_stored_price_delete function| ShowDescription function| numberToCurrency function| confirm_no_ach_refund function| confirm_lock_user function| confirm_delete_group function| group_has_users function| AutoCalcAmount function| sumCalc function| sumCalcHPPConfig function| sumCalc2 function| sumCalcHPP function| sumCalcPayBills function| sumCalcRecurring function| mathRound function| mathRound2 function| mathRoundHPP function| mathRoundHPP2 function| sumCalcPOS function| mathRoundPOS function| GetPDSFee string| lastFocusedControlId function| focusHandler function| appInit function| pageLoadingHandler function| focusControl function| pageLoadedHandler function| WebForm_OnSubmit function| onloadCallback function| CloseModal function| CallTestAPI function| Test function| disableSourceControl function| CallConvenienceFeeAPI function| OnSuccess object| $container object| Page_Validators object| req_AmountEntered object| cv_AmountEntered object| req_ccnumber object| req_expdatemonth object| req_expdateyear_val object| req_cvv2 object| req_checkname object| req_checkaba object| req_checkaccount object| req_accountholdertype object| req_billing_first_name object| req_billing_last_name object| req_billing_company object| req_billing_phone object| req_billing_fax object| req_billing_email object| req_billing_website object| req_billing_address_1 object| req_billing_address_2 object| req_billing_city object| req_billing_state object| req_billing_zip object| req_billing_country object| req_custom_field_1 object| req_custom_field_2 object| req_custom_field_3 object| req_custom_field_4 object| req_custom_field_5 object| req_custom_field_6 object| req_custom_field_7 object| req_custom_field_8 object| req_custom_field_9 object| req_custom_field_10 undefined| Page_ValidationActive function| ValidatorOnSubmit object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_397537

5 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: n9jcRF-aa1e49172af89fc074-00P
secure.transaxgateway.com/ Name: ASP.NET_SessionId
Value: xfu5c5z4x4r5vmdel43pgjrp
.google.com/ Name: NID
Value: 511=O9Lm21-Hp0TJzyBJft-s2qYACv07nD47j8kVTfyE6Erhn7BPpoo5zv--GRLX37UWvxUivje3uVw5lo0GLTi67avMvHLBKmv9BIawp5uam4A2A1nNCla7wRAny_g7BjsFkkrDjyXiUfmpl81GNGS9zAhZmtDOwtCJ3xpZwc7EdA0
secure.transaxgateway.com/ Name: AWSALB
Value: kDGEMQQ8gMXzR341lIvFpo1WEyWyMg/ykYHtAYThfQI3h6MHfMT9ns4ATQOtPhtFV2nA95Uy5L1uTyILJJfTqch2iH4M4MIvsyETNV4dVBE73l7PSW6G8r1QjZy0
secure.transaxgateway.com/ Name: AWSALBCORS
Value: kDGEMQQ8gMXzR341lIvFpo1WEyWyMg/ykYHtAYThfQI3h6MHfMT9ns4ATQOtPhtFV2nA95Uy5L1uTyILJJfTqch2iH4M4MIvsyETNV4dVBE73l7PSW6G8r1QjZy0

14 Console Messages

Source Level URL
Text
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Message:
Refused to apply style from 'https://secure.transaxgateway.com/Styles/tx-icons.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Message:
Refused to apply style from 'https://secure.transaxgateway.com/Styles/fonts.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://secure.transaxgateway.com/HostedPaymentForm/ApplePayJSv1.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Message:
Refused to execute script from 'https://secure.transaxgateway.com/HostedPaymentForm/ApplePayJSv1.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js' with computed SHA-512 integrity 'ymVZ3zh7rg8q9gwMcroxG4BkXAv5vIqKwyftaBA2XBWhUStuyTevDZ9yjlAchyfOB/hn4qkmXDY2XqWwPHAGgg=='. The resource has been blocked.
security error URL: https://secure.transaxgateway.com/HostedPaymentForm/HostedPaymentPage.aspx?hash=K72j8VUWT%2BcZZ8AfGxJvTZEcN74iATuKkFdZbIFxU3s%3D
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://unpkg.com/axios/dist/axios.min.js' with computed SHA-512 integrity 'emSwuKiMyYedRwflbZB2ghzX8Cw8fmNVgZ6yQNNXXagFzFOaQmbvQ1vmDkddHjm5AITcBIZfC7k4ShQSjgPAmQ=='. The resource has been blocked.
security error URL: https://pay.google.com/gp/p/js/pay.js(Line 167)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js(Line 101)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js(Line 247)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js(Line 247)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.
security error URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js(Line 293)
Message:
Unrecognized Content-Security-Policy directive 'GOFORIT'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy GOFORIT
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options GOFORIT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applepay.cdn-apple.com
bit.ly
fonts.gstatic.com
pay.google.com
play.google.com
secure.transaxgateway.com
unpkg.com
www.google.com
www.gstatic.com
secure.transaxgateway.com
174.129.3.150
2606:4700::6810:7baf
2a00:1450:4001:800::2004
2a00:1450:4001:806::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2003
2a00:1450:400c:c0a::5c
2a01:b740:a30:f100::198
67.199.248.11
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
187972db754c49fe0909034f454f59921d71908160b4d65fff4e4f2a1b3bcfc8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bd4a31c8e847882c26f45fcaef90b2df0317d58a7e3c484113bb3f71e2daa09
1d2af42c1f44abd80bb673db11c076eb6d251c97a4dc77264d0adbe1acb4a11b
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
37384673af8d6661ec5ce9b017723426444f80b065e16e7a2a66d0fa81ed9fcf
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4f3604f1ead4e51e75612bbe34446f8f91b84879fa85453e8ca46a664f78b3cf
4ff8a311c20d871eb917b464a63da00f76efcac353588708185dca450c1594d7
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5fc1d6472e832d022ebdcc0c5ba3b99230b117a657eb425dec292448bc189a09
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
769962ab7a07c4983d99a56f89f1b55e54dbeea7d50a24e796d42e4c02610a91
77b2af5b518dacce86ad0497e09dbbccd09737ae36592d25e16a31df38ba0508
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8665d2f44e09b242236e831e3fab1306845537140d22d3d6ad94eec6da493ab4
8aaef69b5f798f99583f9401814e896194b00017adc83fea26e4fd39c9f7e7b7
8c39269349c4fb6b993fd649d6677c8cba5fdc217034d638c5b824cb3ee70f08
8ff665f46765a156d12b96a537e6af65f1a831ae83749ce6a01e7df75b565b48
a95b499f9d269eaaf206deeb1819aecb4bf622d50cfa0ec4aaf485bba18cee7e
b7e82e6f7c70e3a25f97065417a5bb4dd5690931fdb16f71a49dab26f9d480ca
c3195aa9e99def3c82ed62f8a05c4063edf60c3d10d43f79073fff1c5d1d47b0
c5a6c65e0659cd90e83bc3c9e6bd2cab63beca386a402ab362f64430653c98a8
c829094d7c65c0edf080ab49896a36b4dc880322a80a23619bba0fa73bcda38b
c9540139ccea9359136764a77fa56bbc4bcfd6f563f3300b5a138f5ca6e99f7b
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e4009bb4a2203968b0f2efe8f94df1fd9b7bb1c98012b80c246d52d9383043a9
e7bce5bbe27e832ba258850d83c0b9e86eb0a23e07aa996ab44c11436a96c1ca
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
fc8db7870587a768ae33540ede126501d2cf29670b3004708c422095745a1faf
fd0262a4252df13a4ddc1284ffcc7ae10da3e268bbe29a8be68e80b8515054cd
fd688b0ff9f17567ad22bf34a05ed17ee78750b9965418309c821eb3f55cc38f