www.food.paymoney.group Open in urlscan Pro
2a00:f940:2:2:1:1:0:209  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.food.paymoney.group/	9 KB 3 KB	218ms 67ms	Document text/html	2a00:f940:2:2:1:1:0:209 AS-REG
General Check archive.org Show headers Download Go to Full URL https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:209 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / PHP/7.3.26 Resource Hash f159bf2ce7ace6a74e8c8b053740286cfcc2e1c71c94658fb88b7defbfa04ff4 Request headers :method GET :authority www.food.paymoney.group :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx date Thu, 15 Jul 2021 06:59:04 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/7.3.26 content-encoding gzip
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/	87 KB 28 KB	20ms 18ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 06:59:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4275563 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 27938 cf-request-id 0a4bb75f26000098087f9c6000000001 timing-allow-origin * last-modified Tue, 02 Mar 2021 18:58:36 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "603e8adc-15d9d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wztV2fS%2BQuTAVG4XF44kzOSwbpfbzMu%2Fq8gPhGWwZRCIcDLIvvYg%2BP3TdqrNxnXCfGjthxhtqdTKu%2BK8TiE17VDCi6tXDFqrVY5XbLN5A5GHgpEHumVEpi%2FIlv88Mpcl8Jk0saZW4jNcIz9vbzMBAu0e"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 66f11b1e2b471f21-FRA expires Tue, 05 Jul 2022 06:59:04 GMT
GET H2	200	jquery.maskedinput.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/	4 KB 2 KB	15ms 14ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.min.js Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 06:59:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 735051 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1714 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-10e4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0Va19BcM4INEVEDdLAqVAVKGckNgt%2B2XerWNbVUZ8RT6jRQBYABclQIAVm0%2BNvB%2FalN6qDF%2FNF%2FWVuQX1l76qGfHuckQ7pcJWAeI7yNezKD9%2BjS1ts2rilKQImmIQta25NRtvNPPx%2BjLIagb5ABEebC"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 66f11b1e2b4d1f21-FRA expires Tue, 05 Jul 2022 06:59:04 GMT
GET H2	200	maks.js Show response www.food.paymoney.group/	1 KB 1 KB	46ms 45ms	Script application/javascript	2a00:f940:2:2:1:1:0:209 AS-REG
General Check archive.org Show headers Download Go to Full URL https://www.food.paymoney.group/maks.js Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:209 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash e0c4f1d3a115bb2a5ace058c97855b858ec8d1b5985b3aaebfdbc201542e734c Request headers :path /maks.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.food.paymoney.group referer https://www.food.paymoney.group/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 06:59:04 GMT last-modified Thu, 15 Jul 2021 06:53:00 GMT server nginx etag "60efdb4c-41d" content-type application/javascript cache-control max-age=3888000 accept-ranges bytes content-length 1053 expires Sun, 29 Aug 2021 06:59:04 GMT
GET H2	200	pay.js Show response pay.google.com/gp/p/js/	95 KB 31 KB	88ms 60ms	Script application/javascript	2a00:1450:400c:c04::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7ad6658c7d2de9f8b4ca1f0f546dc45dcaf3ff28ce137154f7eb184f45f2fa88 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-yj9o1ZqY8XjKy22c7q3jag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-yj9o1ZqY8XjKy22c7q3jag' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 06:59:04 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 server ESF cross-origin-opener-policy same-origin; report-to="InstantbuyFrontendHttp" x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=600 content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-yj9o1ZqY8XjKy22c7q3jag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-yj9o1ZqY8XjKy22c7q3jag' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport expires Thu, 15 Jul 2021 06:59:04 GMT
GET H/1.1	200 OK	widget.css js.begateway.com/widget/	49 KB 9 KB	133ms 29ms	Stylesheet text/css	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash c47b6a595fbeef00d0eb3010ec1d4042ecbf689d7f5c291be3b8097ab17a8598 Request headers Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Content-Encoding gzip Last-Modified Mon, 28 Jun 2021 09:00:22 GMT Server nginx x-amz-request-id H13NJDGPE4Z4APCV ETag W/"c86d83839827f144dfdd157a8a29dc86" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/css Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id wp9.VedOxT0TD8EsVgYZNu6_yWLSd82c x-amz-id-2 ULg3ngDj+FSRBr8LN8k3QrYvH6S77RDeSUTx3nVmDat1iUlMozjOJvJ4kQPeJ2W1vG/jO14hwaY=
GET H2	404	widget.js www.food.paymoney.group/widget/	0 0	111ms 109ms	Script text/html	2a00:f940:2:2:1:1:0:209 AS-REG
General Check archive.org Show headers Download Go to Full URL https://www.food.paymoney.group/widget/widget.js?6337fa22e6cd7215d519 Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:2:1:1:0:209 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash Request headers :path /widget/widget.js?6337fa22e6cd7215d519 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.food.paymoney.group referer https://www.food.paymoney.group/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 06:59:04 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H/1.1	200 OK	visa-security-c3016ab827f56daa5f017a153b2e833c.svg js.begateway.com/widget/images/	3 KB 2 KB	147ms 127ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/visa-security-c3016ab827f56daa5f017a153b2e833c.svg Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash df0b460f0263c2bc2fb5eda37ad61678e8c9dd1b4376a15de150e48d9c2b25be Request headers Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Content-Encoding gzip Last-Modified Thu, 13 May 2021 15:17:32 GMT Server nginx x-amz-request-id SAY2EDCDGEB4AKBN ETag W/"c3016ab827f56daa5f017a153b2e833c" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id g9FsIGhHNp5t49ryAvZ4t_pbEzcbEPlL x-amz-id-2 8g3058aGmmjneY7k7uTa8hPwT/XUzY+stoSurp9m5I810PxV5UCaii1oYN1CKFVwMB8XzGqFKJA=
GET H/1.1	200 OK	security-pci-dss-249e115af16835c5973bcc0e1b3d32c3.svg js.begateway.com/widget/images/	19 KB 6 KB	72ms 32ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/security-pci-dss-249e115af16835c5973bcc0e1b3d32c3.svg Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 3a00ba71c6bfa8a5db84b13b866446edda3f9dce908417303767d3dfdc70b795 Request headers Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Content-Encoding gzip Last-Modified Thu, 13 May 2021 15:17:32 GMT Server nginx x-amz-request-id 71VWN8X0G0DVWGN1 ETag W/"249e115af16835c5973bcc0e1b3d32c3" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id WvUo_XFPl3X8cIP3IRxtRkUg0Jvjspia x-amz-id-2 kci3YrhDXLrGZSRHzvUd0AN+QwyJkm7OSjidI30Bi4qQUARw7TE6qnJyHPHTp5dHetRqfBUEZj4=
GET H/1.1	200 OK	security-mastercard-9536570560a3cb6aaa1665f064e57659.svg js.begateway.com/widget/images/	14 KB 6 KB	88ms 30ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/security-mastercard-9536570560a3cb6aaa1665f064e57659.svg Requested by Host: www.food.paymoney.group URL: https://www.food.paymoney.group/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b740a9e5d04a63f5834c340d81f03cda27be33706d573793e642ff9c19d299a2 Request headers Referer https://www.food.paymoney.group/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Content-Encoding gzip Last-Modified Thu, 13 May 2021 15:17:32 GMT Server nginx x-amz-request-id 71VR82N9H5EP2F7S ETag W/"9536570560a3cb6aaa1665f064e57659" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id QttEGUt8A1ujBH2Dw6fNXw19Fz2_GWxt x-amz-id-2 gypiuORyrKNT8z/1EIUrm7T08CZrdefP1l9vuIvJbIZKonP41I+5MpqfeaJH5/aAfPUzZRrdFFo=
GET H/1.1	200 OK	visa-system-1b8d441844591c2c615a95fef219fa7c.svg js.begateway.com/widget/images/	7 KB 4 KB	95ms 32ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/visa-system-1b8d441844591c2c615a95fef219fa7c.svg Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b992c83acaa7ff805b5edf01448645a161cea1c3826ee65a86fe4b569e2a5feb Request headers Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Content-Encoding gzip Last-Modified Thu, 13 May 2021 15:17:32 GMT Server nginx x-amz-request-id 71VH0N6ZGQ3V9760 ETag W/"1b8d441844591c2c615a95fef219fa7c" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id qub_DLc5Oy9Yhf4Y4Q9_Zr7JmVN9qPfy x-amz-id-2 dNLbWegHdKsBv+VOKDE/DM9PCHR4lnCW6cYWBZRoc2vzvIsDnwlNfn3m9XKRQF1ttUvOA1Qrj8U=
GET H/1.1	200 OK	master-e82d766d6c7205845dbf92905242efa8.svg js.begateway.com/widget/images/	2 KB 2 KB	99ms 31ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/master-e82d766d6c7205845dbf92905242efa8.svg Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 2c07c50d6905a3627629bb55a2b431211f221902709e8617a8cec54ad84129af Request headers Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Content-Encoding gzip Last-Modified Thu, 13 May 2021 15:17:31 GMT Server nginx x-amz-request-id SAY78FJP87815FCB ETag W/"e82d766d6c7205845dbf92905242efa8" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id M1u5ZSLK28meZLolC6EuFwhk_8oxy1Ex x-amz-id-2 RdjAnTDIg7xm52BHFT3uKORZJSnX8Ox7aK4lTKaiRVk0u3mY9kd6vvkwh2KgfZH+0o+1aRrs+4Q=
GET H/1.1	200 OK	maestro-55b192553a8936ff1800831e41e1159a.svg js.begateway.com/widget/images/	3 KB 2 KB	99ms 31ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/maestro-55b192553a8936ff1800831e41e1159a.svg Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash aad17cfc52dd53b027b5979c0deafdef96690845f4b9f1cc436c2798ef02dd07 Request headers Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Content-Encoding gzip Last-Modified Thu, 13 May 2021 15:17:31 GMT Server nginx x-amz-request-id 3XH06ZDK7C7JCD0T ETag W/"55b192553a8936ff1800831e41e1159a" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id .OslUtQP7HNweSWaTWe54r7fhznVOS0U x-amz-id-2 v7UgjGUMdDPQi3Ux23jvlEbHtDtxxzugxx0JyItBKgaaYuplJ2Pm45D1c/o27jWnDo0Q9tkvYgI=
GET H/1.1	200 OK	mir-0347de15a0d38f0c05d85d26e492c625.svg js.begateway.com/widget/images/	21 KB 16 KB	69ms 64ms	Image image/svg+xml	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://js.begateway.com/widget/images/mir-0347de15a0d38f0c05d85d26e492c625.svg Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f57d64f3b3e7fcdcb145764ba8830164eea9e66a24ef1760cda116f29d0bd765 Request headers Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Content-Encoding gzip Last-Modified Fri, 09 Jul 2021 15:45:09 GMT Server nginx x-amz-request-id YFM2D835BE7BYFSV ETag W/"0347de15a0d38f0c05d85d26e492c625" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id wNoAT9EHMpmuYWQbJEQNcL_HGyMAwfrd x-amz-id-2 U8n4uh8QtKEoabHkkNR+mKRz5ZLX4WacW8FQsOfaF/Ji0YA01F83k6piWR0DA2/hDV3tmwt0o7E=
GET H/1.1	200 OK	noto-sans-v7-latin_cyrillic-regular.woff2 js.begateway.com/widget/fonts/	21 KB 22 KB	120ms 61ms	Font binary/octet-stream	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.begateway.com/widget/fonts/noto-sans-v7-latin_cyrillic-regular.woff2 Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e09a25d395eb3d7e86bf24e89932f7c19576b4189db751ff610ba472c3ba2a2b Request headers Origin https://www.food.paymoney.group Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Last-Modified Mon, 12 Jul 2021 14:18:08 GMT Server nginx x-amz-request-id 8PQTF4943GJVR204 ETag "e7cc0b32c137f0edebb2dedb25a99ea8" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type binary/octet-stream Access-Control-Allow-Origin * Content-Length 21404 Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id Ty62km2DoyUZ9VKUdQPV4tTFUL6TkUcb x-amz-id-2 78Meu3z1DOOtda6b1Qj/pCd01saQNj1HMRsIVs7V09XaajR0VCzGuHXKyK/aop0WcP2dUokSYpA=
GET H/1.1	200 OK	fontello.woff2 js.begateway.com/widget/fonts/	5 KB 6 KB	96ms 30ms	Font binary/octet-stream	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.begateway.com/widget/fonts/fontello.woff2 Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b68f066f50461343c7c5076fc886f8c1bf2055e6854bdd984c9d7bc43cb94785 Request headers Origin https://www.food.paymoney.group Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Last-Modified Mon, 12 Jul 2021 14:18:08 GMT Server nginx x-amz-request-id 8PQSPHT9J8J5VB75 ETag "1f0ad39ad5434cc4947c061856162e02" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type binary/octet-stream Access-Control-Allow-Origin * Content-Length 5528 Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id 91jLt4QR2KgLTabXwEH8HwWQJSuaH.Yd x-amz-id-2 pkcbEPg9VG3BZ9Zz32ZO9p5X9BZzrMaY4Wji+sWquq3wfTIQfshdM2DyVfbBKjBhSdJH8zZXAgQ=
GET H/1.1	200 OK	noto-sans-v7-latin_cyrillic-700.woff2 js.begateway.com/widget/fonts/	21 KB 22 KB	127ms 62ms	Font binary/octet-stream	54.194.112.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.begateway.com/widget/fonts/noto-sans-v7-latin_cyrillic-700.woff2 Requested by Host: js.begateway.com URL: https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.194.112.188 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-112-188.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f430a42b0a6e45b14efdb5e7792ad2c2bbf638e0af10b300784fa97992bc19ac Request headers Origin https://www.food.paymoney.group Referer https://js.begateway.com/widget/widget.css?6337fa22e6cd7215d519 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 06:59:04 GMT Last-Modified Mon, 12 Jul 2021 14:18:08 GMT Server nginx x-amz-request-id 8PQXA5ZR7K7E4PV1 ETag "d6909c8e34e7af48c58be5dcc4c26178" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type binary/octet-stream Access-Control-Allow-Origin * Content-Length 21560 Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-version-id ArLJVBnLzocdLtn5IlRSBj3Y1tD9kEZc x-amz-id-2 0hVeZxULHp2liuAcpQmX6/B3KHp4dTb5ApxA8YVxSCzjX21xuvlMekUN3szYGaEG8cyrmapk7ik=
GET H3-29	200	payframe Show response pay.google.com/gp/p/ui/ Frame 250E	17 KB 7 KB	216ms 190ms	Document text/html	2a00:1450:400c:c04::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.food.paymoney.group&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 28c5edbb57a75cebb742985f0440311e56abb9c2917b7cbc8199652e2f1878f2 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-MoRwP/Lzn2HI27LvW7WH7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-MoRwP/Lzn2HI27LvW7WH7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pay.google.com :scheme https :path /gp/p/ui/payframe?origin=https%3A%2F%2Fwww.food.paymoney.group&mid= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.food.paymoney.group/ accept-encoding gzip, deflate, br accept-language en-US cookie NID=219=N3jQnQ8LaX7vgdUP_SuAQ5iUorzrpzYcM3bloKK-qPC2V92SEHPoMdpAGxzB9DWMP2Y1Cgus_qYXv1LPFP-W5h_nx-4lPmiQtblf5W14X4IS18rHMP71cdrif2liScPst0394ek487ltGYLhvOk6C8ZKQX3trIZodeJeuTMMW00 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.food.paymoney.group/ Response headers content-type text/html; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-ua-compatible IE=edge expires Thu, 15 Jul 2021 06:59:04 GMT date Thu, 15 Jul 2021 06:59:04 GMT cache-control private, max-age=3600 strict-transport-security max-age=31536000 content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-MoRwP/Lzn2HI27LvW7WH7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-MoRwP/Lzn2HI27LvW7WH7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport cross-origin-opener-policy same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi" report-to {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]} cross-origin-resource-policy same-site content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDH... Frame 250E	147 KB 52 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.food.paymoney.group&mid= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9827f68718a489764e8e872c2183498bfd4e396496d2f1b8168613da0074bca8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 16:34:14 GMT content-encoding gzip x-content-type-options nosniff age 51890 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52759 x-xss-protection 0 last-modified Wed, 14 Jul 2021 04:27:03 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 14 Jul 2022 16:34:14 GMT
GET H3-29	200	m=byfTOb,lsjVmc,LEikZe Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQD... Frame 250E	35 KB 13 KB	21ms 7ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQDzBod90jo.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfriWDqG9i4Mw43DiI2uLcf6IF9gzqQ/m=byfTOb,lsjVmc,LEikZe Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4cd8e17549e161b4828d66ba03c87b9bc8590059e63103d61f256b02f070f405 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 16:42:57 GMT content-encoding gzip x-content-type-options nosniff age 51367 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13259 x-xss-protection 0 last-modified Wed, 14 Jul 2021 04:27:03 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 14 Jul 2022 16:42:57 GMT
GET H3-29	200	m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,NpD4ec,Y2UGcc,SF3gsd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQD... Frame 250E	72 KB 26 KB	18ms 8ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQDzBod90jo.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfriWDqG9i4Mw43DiI2uLcf6IF9gzqQ/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,NpD4ec,Y2UGcc,SF3gsd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 03a9a5cfdac29fd3e8a3ca7a5430a921d442b9d8c2d6ae1774b99cf07a50ecd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 16:42:57 GMT content-encoding gzip x-content-type-options nosniff age 51367 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26652 x-xss-protection 0 last-modified Wed, 14 Jul 2021 04:27:03 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 14 Jul 2022 16:42:57 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 250E	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQDzBod90jo.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfriWDqG9i4Mw43DiI2uLcf6IF9gzqQ/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,NpD4ec,Y2UGcc,SF3gsd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Jun 2021 17:36:57 GMT server Golfe2 age 485 date Thu, 15 Jul 2021 06:50:59 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19661 expires Thu, 15 Jul 2021 08:50:59 GMT
GET H3-29	200	pay Show response pay.google.com/gp/p/ui/ Frame 250E	1 MB 348 KB	78ms 77ms	XHR text/html	2a00:1450:400c:c04::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 31162661aa1b1bdd3799e9fd178147c01615431d8664d0d44585a343c19968df Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-gBA4K4wt4RzN5MZQguv3Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-gBA4K4wt4RzN5MZQguv3Vw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 x-ua-compatible IE=edge server ESF cross-origin-opener-policy unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi" date Thu, 15 Jul 2021 06:59:04 GMT x-frame-options DENY report-to {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]} content-type text/html; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control private, max-age=3600 content-security-policy script-src 'report-sample' 'nonce-gBA4K4wt4RzN5MZQguv3Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-gBA4K4wt4RzN5MZQguv3Vw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport expires Thu, 15 Jul 2021 06:59:04 GMT
POST H3-29	200	log Show response play.google.com/ Frame 250E	131 B 154 B	33ms 19ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 15 Jul 2021 06:59:04 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Thu, 15 Jul 2021 06:59:04 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	43ms 13ms	Preflight text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://pay.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://pay.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Thu, 15 Jul 2021 06:59:04 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 06:59:04 GMT cache-control private
OPTIONS H2	200	log play.google.com/ Frame	0 0	38ms 38ms	Preflight text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://pay.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://pay.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Thu, 15 Jul 2021 06:59:04 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 06:59:04 GMT cache-control private
POST H3-29	200	log Show response play.google.com/ Frame 250E	131 B 154 B	41ms 41ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 15 Jul 2021 06:59:04 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Thu, 15 Jul 2021 06:59:04 GMT
POST H3-29	200	log Show response play.google.com/ Frame 250E	131 B 154 B	50ms 42ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 15 Jul 2021 06:59:04 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Thu, 15 Jul 2021 06:59:04 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	13ms 13ms	Preflight text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-goog-authuser Origin https://pay.google.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-origin https://pay.google.com access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser content-type text/plain; charset=UTF-8 date Thu, 15 Jul 2021 06:59:04 GMT server Playlog content-length 0 x-xss-protection 0 x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 06:59:04 GMT cache-control private
GET H3-29	200	m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQD... Frame 250E	25 KB 10 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQDzBod90jo.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,NpD4ec,PrPYRd,Ru0Pgb,SF3gsd,Y2UGcc,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfriWDqG9i4Mw43DiI2uLcf6IF9gzqQ/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash df5f573d4d8d164f11a03cddf21f813ed5f60fa6dcb531205b0c9e343b512b5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 16:42:58 GMT content-encoding gzip x-content-type-options nosniff age 51366 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10271 x-xss-protection 0 last-modified Wed, 14 Jul 2021 04:27:03 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 14 Jul 2022 16:42:58 GMT
GET H3-29	200	m=lwddkf Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQD... Frame 250E	260 B 192 B	7ms 7ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SQDzBod90jo.L.B1.O/am=AoA/d=1/exm=Das5Le,EFQ78c,FCpbqb,IZT63,LEikZe,NpD4ec,PrPYRd,Ru0Pgb,SF3gsd,WhJNk,Wt6vjf,Y2UGcc,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfriWDqG9i4Mw43DiI2uLcf6IF9gzqQ/m=lwddkf Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 26b6a29d18339a5cf68bc6d4e17b6a52c2f0de7cbe79ea9d74a4886e57995561 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 16:42:58 GMT content-encoding gzip x-content-type-options nosniff age 51366 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 168 x-xss-protection 0 last-modified Wed, 14 Jul 2021 04:27:03 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 14 Jul 2022 16:42:58 GMT
POST H3-29	200	log Show response play.google.com/ Frame 250E	131 B 154 B	47ms 43ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m7AHOB4o2kE.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhoDHAp3nHTQRbq7EXqqQrz64_ldQ/m=_b,_tp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 15 Jul 2021 06:59:04 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Thu, 15 Jul 2021 06:59:04 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| a object| b object| c string| d object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 00:09:03	Name: NID Value: 219=N3jQnQ8LaX7vgdUP_SuAQ5iUorzrpzYcM3bloKK-qPC2V92SEHPoMdpAGxzB9DWMP2Y1Cgus_qYXv1LPFP-W5h_nx-4lPmiQtblf5W14X4IS18rHMP71cdrif2liScPst0394ek487ltGYLhvOk6C8ZKQX3trIZodeJeuTMMW00

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
js.begateway.com
pay.google.com
play.google.com
www.food.paymoney.group
www.google-analytics.com
www.gstatic.com
2606:4700::6810:125e
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c04::5c
2a00:f940:2:2:1:1:0:209
54.194.112.188
03a9a5cfdac29fd3e8a3ca7a5430a921d442b9d8c2d6ae1774b99cf07a50ecd6
26b6a29d18339a5cf68bc6d4e17b6a52c2f0de7cbe79ea9d74a4886e57995561
28c5edbb57a75cebb742985f0440311e56abb9c2917b7cbc8199652e2f1878f2
2c07c50d6905a3627629bb55a2b431211f221902709e8617a8cec54ad84129af
31162661aa1b1bdd3799e9fd178147c01615431d8664d0d44585a343c19968df
3a00ba71c6bfa8a5db84b13b866446edda3f9dce908417303767d3dfdc70b795
4cd8e17549e161b4828d66ba03c87b9bc8590059e63103d61f256b02f070f405
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7ad6658c7d2de9f8b4ca1f0f546dc45dcaf3ff28ce137154f7eb184f45f2fa88
9827f68718a489764e8e872c2183498bfd4e396496d2f1b8168613da0074bca8
aad17cfc52dd53b027b5979c0deafdef96690845f4b9f1cc436c2798ef02dd07
b68f066f50461343c7c5076fc886f8c1bf2055e6854bdd984c9d7bc43cb94785
b740a9e5d04a63f5834c340d81f03cda27be33706d573793e642ff9c19d299a2
b992c83acaa7ff805b5edf01448645a161cea1c3826ee65a86fe4b569e2a5feb
c47b6a595fbeef00d0eb3010ec1d4042ecbf689d7f5c291be3b8097ab17a8598
df0b460f0263c2bc2fb5eda37ad61678e8c9dd1b4376a15de150e48d9c2b25be
df5f573d4d8d164f11a03cddf21f813ed5f60fa6dcb531205b0c9e343b512b5e
e09a25d395eb3d7e86bf24e89932f7c19576b4189db751ff610ba472c3ba2a2b
e0c4f1d3a115bb2a5ace058c97855b858ec8d1b5985b3aaebfdbc201542e734c
f159bf2ce7ace6a74e8c8b053740286cfcc2e1c71c94658fb88b7defbfa04ff4
f430a42b0a6e45b14efdb5e7792ad2c2bbf638e0af10b300784fa97992bc19ac
f57d64f3b3e7fcdcb145764ba8830164eea9e66a24ef1760cda116f29d0bd765
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e