pay.mbnk.biz Open in urlscan Pro
54.154.48.112 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pay.mbnk.biz/2305138xScEXPyocF7jL
Submission: On May 13 via api (May 13th 2023, 12:50:04 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 45 HTTP transactions. The main IP is 54.154.48.112, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is pay.mbnk.biz.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 6th 2023. Valid for: a year.

This is the only time pay.mbnk.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	54.154.48.112 54.154.48.112	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:400c:c09::5c	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
45	6

11 54.154.48.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

pay.mbnk.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c09::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	google.com pay.google.com — Cisco Umbrella Rank: 2786 play.google.com — Cisco Umbrella Rank: 34	446 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	213 KB
11	mbnk.biz pay.mbnk.biz	329 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
45	4

	Domain	Requested by
16	play.google.com	www.gstatic.com
11	pay.mbnk.biz	pay.mbnk.biz
10	www.gstatic.com	pay.google.com www.gstatic.com
6	pay.google.com	pay.mbnk.biz pay.google.com www.gstatic.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	client
45	6

This site contains links to these domains. Also see Links.

Domain
monobank.ua

Subject Issuer	Validity	Valid
mbnk.biz Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://pay.mbnk.biz/2305138xScEXPyocF7jL
Frame ID: 7CAC4514DE30BEF9F727E4D2EFAF4752
Requests: 16 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.mbnk.biz&mid=
Frame ID: DAB40C060295E88EE8E269F74014F78C
Requests: 15 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=uk&buttonSizeMode=fill&enableGpayNewButtonAsset=false
Frame ID: 06BE9E77E3AEAD8DDC2B31E2236AC556
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

monobank

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Page Statistics

45
Requests

100 %
HTTPS

83 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

989 kB
Transfer

2841 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://monobank.ua/get
Title: monobank

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 2305138xScEXPyocF7jL Show response
pay.mbnk.biz/ 11 KB
3 KB 243ms
117ms Document
text/html 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.mbnk.biz/2305138xScEXPyocF7jL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

1d403b25e5158dd1ea4592f40aeedef5c06498d23202251b11043533d95cf7dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' 'nonce-DWbC1vkorRQuqnt6CdIq5A==' 'strict-dynamic'; worker-src 'self'; manifest-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; media-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; object-src 'none'; prefetch-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; frame-ancestors 'self'; base-uri 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A==';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' 'nonce-DWbC1vkorRQuqnt6CdIq5A==' 'strict-dynamic'; worker-src 'self'; manifest-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; media-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; object-src 'none'; prefetch-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; frame-ancestors 'self'; base-uri 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A==';
content-type: text/html
date: Sat, 13 May 2023 12:50:00 GMT
server: n/a
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: fOAz5H4kyG60S9Z9cx866630vI
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1

GET
H2 200 535c3e66c749c9520f78.woff2
pay.mbnk.biz/assets/fonts/ 17 KB
17 KB 192ms
191ms Font
font/woff2 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.mbnk.biz/assets/fonts/535c3e66c749c9520f78.woff2

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/2305138xScEXPyocF7jL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

57ef7131e31bcda57b1282446094604509ae1593b0d0e974df73ddda0cc5b2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL
Origin: https://pay.mbnk.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 09:00:45 GMT
server: n/a
etag: W/"4358-187ffbdda48"
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 17240

GET
H2 200 b66bb5eb704e9be99f97.woff2
pay.mbnk.biz/assets/fonts/ 63 KB
63 KB 102ms
102ms Font
font/woff2 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.mbnk.biz/assets/fonts/b66bb5eb704e9be99f97.woff2

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/2305138xScEXPyocF7jL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

00bc8de388a41c17584be40b009996d820aa1df9d7a0271696c9b1699b61e626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL
Origin: https://pay.mbnk.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 09:00:45 GMT
server: n/a
etag: W/"fcb0-187ffbdda48"
content-type: font/woff2
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 64688

GET
H2 200 main.js Show response
pay.mbnk.biz/ 669 KB
204 KB 170ms
170ms Script
application/javascript 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.mbnk.biz/main.js?8c9e0a4a73566e59ad76

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/2305138xScEXPyocF7jL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

6c784eb2e49e6bd99cf0db240ffe4ff65499835bfc012543cfe0b199c2fb8b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 09:00:45 GMT
server: n/a
content-encoding: gzip
etag: W/"a7586-187ffbdda48"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

POST
H2 200 sync Show response
pay.mbnk.biz/api/web/ 129 B
428 B 130ms
130ms XHR
application/json 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.mbnk.biz/api/web/sync

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/main.js?8c9e0a4a73566e59ad76

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

30015799175cefcc665ca295428fae228a1a302e9a7ce6c00cf1d2f37243a73c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

X-Pub-Key: AyGAQAZzJO5JaK6qWH9yxANJqL7AUIyAAzY_x2wLoXpc
X-App-Version: 1.0.95
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json
X-Browser-Id: BCGAQAZzJO5JaK6qWH9yxANJqL7AUIyAAzY_x2wLoXpcYgSQ0QinGolTPTLnJ2oObf7aSRxFp2P-WWsgeGSj8QU
Accept: application/json
Lang: en
Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL

Response headers

pragma: no-cache
date: Sat, 13 May 2023 12:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
server: n/a
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
trace-id: 3158a8c158a8bdd0d347894fd8b8769c
content-length: 129

POST
H2 200 get Show response
pay.mbnk.biz/api/web/invoice/ 592 B
825 B 193ms
193ms XHR
application/octet-stream 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.mbnk.biz/api/web/invoice/get

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/main.js?8c9e0a4a73566e59ad76

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

0c8b1102501c34d8f668b4e53e30888720f61038aeef019fe82739751d7feeba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

X-Pub-Key: AyGAQAZzJO5JaK6qWH9yxANJqL7AUIyAAzY_x2wLoXpc
X-App-Version: 1.0.95
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/octet-stream
X-Browser-Id: BCGAQAZzJO5JaK6qWH9yxANJqL7AUIyAAzY_x2wLoXpcYgSQ0QinGolTPTLnJ2oObf7aSRxFp2P-WWsgeGSj8QU
Accept: application/octet-stream
Lang: en
Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL
X-Referer

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 12:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
server: n/a
trace-id: e6e31226466bda6a4f9fd5acac6204ef
content-length: 592
content-type: application/octet-stream

POST
H2 200 pay-tokens-data Show response
pay.mbnk.biz/api/web/ 314 B
547 B 124ms
124ms XHR
application/octet-stream 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.mbnk.biz/api/web/pay-tokens-data

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/main.js?8c9e0a4a73566e59ad76

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

e01cffac576bb23c2a566e319119268ab15703f14b3344a16c7c9288930dc919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

X-Pub-Key: AyGAQAZzJO5JaK6qWH9yxANJqL7AUIyAAzY_x2wLoXpc
X-App-Version: 1.0.95
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/octet-stream
X-Browser-Id: BCGAQAZzJO5JaK6qWH9yxANJqL7AUIyAAzY_x2wLoXpcYgSQ0QinGolTPTLnJ2oObf7aSRxFp2P-WWsgeGSj8QU
Accept: application/octet-stream
Lang: en
Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 12:50:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
server: n/a
trace-id: 99ae2509e73d4704e8dd1048cafe4d5b
content-length: 314
content-type: application/octet-stream

GET
H2 200 company_default.png
pay.mbnk.biz/assets/const/ 14 KB
14 KB 100ms
100ms Image
image/png 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pay.mbnk.biz/assets/const/company_default.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

56da67789510e57cc200f89fb78974a7677090ffff75b2cdc656191e043561d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 09:00:45 GMT
server: n/a
etag: W/"3679-187ffbdda48"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 13945

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 116 KB
36 KB 152ms
72ms Script
application/javascript 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/main.js?8c9e0a4a73566e59ad76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

248a1075a0c6bd06c4f88ba216bb1e53ea9313b8cc4034a2781768d140ad0bc5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-sN0qOq68cy02CwaSZdlY4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.mbnk.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-sN0qOq68cy02CwaSZdlY4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 13 May 2023 12:50:01 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame DAB4 18 KB
8 KB 203ms
202ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.mbnk.biz&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65d23ac59a75f048ed22daa87109f6ea3515bdb9ee21c695b32de732e4e790d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sG0wP6rRaw35rk45NK4VCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.mbnk.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sG0wP6rRaw35rk45NK4VCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ 149 B
596 B 75ms
22ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.mbnk.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:15:18 GMT
x-content-type-options: nosniff
age: 570883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 May 2024 22:15:18 GMT

POST
H2 200 create-order Show response
pay.mbnk.biz/api/web/invoice/ 131 B
364 B 214ms
214ms XHR
application/octet-stream 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.mbnk.biz/api/web/invoice/create-order

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/main.js?8c9e0a4a73566e59ad76

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

345688af9c21bb8ce8ab4932d51d3ad98b8a1b16aaeb4d0d31eb2485753a5ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

X-Pub-Key: AyGAQAZzJO5JaK6qWH9yxANJqL7AUIyAAzY_x2wLoXpc
X-App-Version: 1.0.95
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/octet-stream
X-Browser-Id: BCGAQAZzJO5JaK6qWH9yxANJqL7AUIyAAzY_x2wLoXpcYgSQ0QinGolTPTLnJ2oObf7aSRxFp2P-WWsgeGSj8QU
Accept: application/octet-stream
Lang: en
Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 12:50:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
server: n/a
trace-id: 2808fdaef564da43609df2b07c5f81c6
content-length: 131
content-type: application/octet-stream

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame DAB4 157 KB
56 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjZjS-b846bU9JFjWbDuYp4J7U-1g/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.mbnk.biz&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

413eee8802417be36862c02a0f6742e89047cddd35fc4efbd29f8a7cffbcd5e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 16:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56654
x-xss-protection: 0
last-modified: Thu, 11 May 2023 02:25:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 16:16:34 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame DAB4 2 KB
2 KB 128ms
128ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/2305138xScEXPyocF7jL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa... Frame DAB4 70 KB
26 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa0xJY05bI.L.B1.O/am=wLEBQA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhJO2OHJLE4blNm3FMEPO9Xj_y85w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjZjS-b846bU9JFjWbDuYp4J7U-1g/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827edd70319f63fa71429a0e8efe6451fa6f1affd57d3237443a6e13a99567e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 16:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26119
x-xss-protection: 0
last-modified: Tue, 09 May 2023 11:23:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 16:49:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 82ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans_old:500

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1301059eeba32b21e7027d434bf0a3cc2f4f9c72466a2a05d7fb0055c05e1bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.mbnk.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 11:04:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 12:50:01 GMT

GET
H3 200 generate_gpay_btn_img Show response
pay.google.com/gp/p/ Frame 06BE 19 KB
8 KB 94ms
93ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=uk&buttonSizeMode=fill&enableGpayNewButtonAsset=false

Requested by

Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/main.js?8c9e0a4a73566e59ad76

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7057cc528ce8336f8135627c1392ebf5d8c44a3098a013522cb4346db5f91fef

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-Lj71Wv1Oph_03IjarjC9OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay.mbnk.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-Lj71Wv1Oph_03IjarjC9OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 13 May 2023 12:50:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 company_default.png
pay.mbnk.biz/assets/const/ 14 KB
14 KB 125ms
124ms Image
image/png 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pay.mbnk.biz/assets/const/company_default.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

56da67789510e57cc200f89fb78974a7677090ffff75b2cdc656191e043561d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 09:00:45 GMT
server: n/a
etag: W/"3679-187ffbdda48"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 13945

GET
H2 200 ff2844a469a4d202a0a2.png
pay.mbnk.biz/assets/images/ 11 KB
11 KB 101ms
100ms Image
image/png 54.154.48.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pay.mbnk.biz/assets/images/ff2844a469a4d202a0a2.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.48.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-48-112.eu-west-1.compute.amazonaws.com

Software

n/a /

Resource Hash

8825094da91f9cdc4a95ebf266ac3aaf08798bc950292095be695eff534df710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.mbnk.biz/2305138xScEXPyocF7jL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 09 May 2023 09:00:45 GMT
server: n/a
etag: W/"2b87-187ffbdda48"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11143

GET
H3 200 dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 2 KB
953 B 22ms
21ms Image
image/svg+xml 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/instantbuy/svg/dark_gpay.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.mbnk.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 20:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 928
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 May 2024 20:31:14 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame DAB4 1 MB
390 KB 89ms
89ms XHR
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ec59c307c069c68f80f18677683e71887e8c47e2a5b41adebee32034b4a3076

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UjaienFFghNZt4JnVSCI8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UjaienFFghNZt4JnVSCI8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 13 May 2023 12:50:01 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa... Frame DAB4 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa0xJY05bI.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhJO2OHJLE4blNm3FMEPO9Xj_y85w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2388cc07bac3930391667033d85607cb695ff5d7bf466eab6052aef3d853c1a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 16:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9401
x-xss-protection: 0
last-modified: Tue, 09 May 2023 11:23:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 16:49:26 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa... Frame DAB4 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mcakmH4xCHI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa0xJY05bI.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhJO2OHJLE4blNm3FMEPO9Xj_y85w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0b590e2a456890d37d2059f2f34f645c8a6209d57c328d63622c8c951874aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 16:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13544
x-xss-protection: 0
last-modified: Tue, 09 May 2023 11:23:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 16:49:26 GMT

POST
H3 200 log Show response
play.google.com/ Frame DAB4 131 B
155 B 74ms
33ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 12:50:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 78ms
26ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame DAB4 131 B
155 B 58ms
31ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 12:50:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 90ms
41ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 74ms
27ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame DAB4 131 B
155 B 69ms
31ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 12:50:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 73ms
28ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame DAB4 131 B
155 B 73ms
34ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 12:50:01 GMT

POST
H3 200 log Show response
play.google.com/ Frame DAB4 131 B
155 B 73ms
34ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 12:50:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 72ms
28ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame DAB4 131 B
155 B 72ms
34ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 12:50:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 70ms
28ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame DAB4 131 B
155 B 73ms
35ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 12:50:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 70ms
28ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame DAB4 131 B
155 B 78ms
39ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 May 2023 12:50:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 68ms
28ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 13 May 2023 12:50:01 GMT
expires: Sat, 13 May 2023 12:50:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2
fonts.gstatic.com/s/googlesans/v46/ 19 KB
19 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e279d129f2bab6f05d19432d16ab708dae86b30278dd9de186ba135414f104cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pay.mbnk.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 20:31:11 GMT
x-content-type-options: nosniff
age: 577130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19384
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 20:31:11 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.q179ac9dxF0.es5.O/am=wDEDgA/d=1/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/... Frame 06BE 160 KB
57 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.q179ac9dxF0.es5.O/am=wDEDgA/d=1/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgEDsGEY82v7duVoJqGcrrp3-CKNQ/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=uk&buttonSizeMode=fill&enableGpayNewButtonAsset=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2c3b91b856ea92dacb72691ea44d7e15487efc9ee86b5539f142a29be4b3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 20:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57956
x-xss-protection: 0
last-modified: Thu, 11 May 2023 02:25:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 20:02:06 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/ Frame 06BE 2 KB
2 KB 147ms
147ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Requested by: Host: pay.mbnk.biz
URL: https://pay.mbnk.biz/2305138xScEXPyocF7jL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 13 May 2023 12:50:01 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1609
content-type: text/html; charset=UTF-8

GET
H3 200 uk.svg
www.gstatic.com/instantbuy/svg/dark/ Frame 06BE 6 KB
3 KB 28ms
28ms Image
image/svg+xml 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/instantbuy/svg/dark/uk.svg

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=uk&buttonSizeMode=fill&enableGpayNewButtonAsset=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b0388719d1bd5687d32b48059318e96c119a632df8497b27e25855ba5d7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2693
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 May 2024 17:37:05 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.q179ac9dxF0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w... Frame 06BE 42 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.q179ac9dxF0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w_VQfLlyuUo.L.B1.O/am=wDEDgA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfrjq3VhhMB765ZlYIrcl1EjeJ-Y8_g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.q179ac9dxF0.es5.O/am=wDEDgA/d=1/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgEDsGEY82v7duVoJqGcrrp3-CKNQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

545a881f13949219cf2ba30f1df6ff1b845665f555b39899ea7c4678ca81b5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 20:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16304
x-xss-protection: 0
last-modified: Thu, 11 May 2023 02:25:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 20:02:07 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.q179ac9dxF0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w... Frame 06BE 35 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.q179ac9dxF0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w_VQfLlyuUo.L.B1.O/am=wDEDgA/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_r,_tp,hhhU8,ws9Tlc/excm=_b,_r,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfrjq3VhhMB765ZlYIrcl1EjeJ-Y8_g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0d5569b47db0ee1cf2da00a459159f007f86f84a9e9f10d639d4d3871856e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 20:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13294
x-xss-protection: 0
last-modified: Thu, 11 May 2023 02:25:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 May 2024 20:02:07 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 16:09:53	Name: NID Value: 511=i3Z04qI_17GMrETObRe1xlKSsj5_EAcmHqjfyv2PI2G-PRmywby5kz3hTBIy8tvScrfmkdTJrZ9BxYhZ70Ep779pyuFK6CKfpDCsYqoBPHUhQJUeRzjIW6D8r0-d6pUwaJzLy35QT6bffNl52EUoYRHH8XSRc9LRuEGl9TzNKBo

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://pay.mbnk.biz/2305138xScEXPyocF7jL Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://pay.google.com/gp/p/js/pay.js(Line 165) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	URL: https://pay.mbnk.biz/main.js?8c9e0a4a73566e59ad76 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' https: http: 'unsafe-inline' 'unsafe-eval' 'nonce-DWbC1vkorRQuqnt6CdIq5A==' 'strict-dynamic'; worker-src 'self'; manifest-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; media-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; object-src 'none'; prefetch-src 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A=='; frame-ancestors 'self'; base-uri 'self' 'nonce-DWbC1vkorRQuqnt6CdIq5A==';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
pay.google.com
pay.mbnk.biz
play.google.com
www.gstatic.com
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c09::5c
54.154.48.112
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
00bc8de388a41c17584be40b009996d820aa1df9d7a0271696c9b1699b61e626
0c8b1102501c34d8f668b4e53e30888720f61038aeef019fe82739751d7feeba
1301059eeba32b21e7027d434bf0a3cc2f4f9c72466a2a05d7fb0055c05e1bfd
1a2c3b91b856ea92dacb72691ea44d7e15487efc9ee86b5539f142a29be4b3cf
1d403b25e5158dd1ea4592f40aeedef5c06498d23202251b11043533d95cf7dc
2388cc07bac3930391667033d85607cb695ff5d7bf466eab6052aef3d853c1a0
248a1075a0c6bd06c4f88ba216bb1e53ea9313b8cc4034a2781768d140ad0bc5
30015799175cefcc665ca295428fae228a1a302e9a7ce6c00cf1d2f37243a73c
345688af9c21bb8ce8ab4932d51d3ad98b8a1b16aaeb4d0d31eb2485753a5ab0
413eee8802417be36862c02a0f6742e89047cddd35fc4efbd29f8a7cffbcd5e2
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
545a881f13949219cf2ba30f1df6ff1b845665f555b39899ea7c4678ca81b5ee
561b0388719d1bd5687d32b48059318e96c119a632df8497b27e25855ba5d7cf
56da67789510e57cc200f89fb78974a7677090ffff75b2cdc656191e043561d8
57ef7131e31bcda57b1282446094604509ae1593b0d0e974df73ddda0cc5b2df
65d23ac59a75f048ed22daa87109f6ea3515bdb9ee21c695b32de732e4e790d2
65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff
6c784eb2e49e6bd99cf0db240ffe4ff65499835bfc012543cfe0b199c2fb8b81
7057cc528ce8336f8135627c1392ebf5d8c44a3098a013522cb4346db5f91fef
827edd70319f63fa71429a0e8efe6451fa6f1affd57d3237443a6e13a99567e0
8825094da91f9cdc4a95ebf266ac3aaf08798bc950292095be695eff534df710
9ec59c307c069c68f80f18677683e71887e8c47e2a5b41adebee32034b4a3076
c0b590e2a456890d37d2059f2f34f645c8a6209d57c328d63622c8c951874aa2
c0d5569b47db0ee1cf2da00a459159f007f86f84a9e9f10d639d4d3871856e5b
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e01cffac576bb23c2a566e319119268ab15703f14b3344a16c7c9288930dc919
e279d129f2bab6f05d19432d16ab708dae86b30278dd9de186ba135414f104cd
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

pay.mbnk.biz Open in urlscan Pro 54.154.48.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

83 %IPv6

4 Domains

6 Subdomains

6 IPs

3 Countries

989 kBTransfer

2841 kBSize

1 Cookies

1 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pay.mbnk.biz Open in urlscan Pro
54.154.48.112 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

83 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

989 kB
Transfer

2841 kB
Size

1
Cookies

45 HTTP transactions
0 data transactions