urlscan.io logo urlscan.io
SecurityTrails logo

pay.bm.pl Open in urlscan Pro
195.187.130.220  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s.bm.pl/046afe30600c478c31ea
Effective URL: https://pay.bm.pl/ergohestiak06
Submission: On August 02 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 7 domains to perform 105 HTTP transactions. The main IP is 195.187.130.220, located in Poland and belongs to BLUEMEDIA-AS, PL. The main domain is pay.bm.pl.
TLS certificate: Issued by DOMENY SSL EV Certification Authority on January 21st 2021. Valid for: a year.
This is the only time pay.bm.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 195.182.23.217 39198 (PTI-AS)
20 195.187.130.220 34826 (BLUEMEDIA-AS)
3 99.81.139.101 16509 (AMAZON-02)
2 12 104.18.24.161 13335 (CLOUDFLAR...)
9 19 104.19.208.81 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
105 12
32    195.182.23.217 (Poland)

ASN39198 (PTI-AS, PL)
PTR: h217.blue.pl
s.bm.pl
platnosci.bm.pl
20    195.187.130.220 (Poland)

ASN34826 (BLUEMEDIA-AS, PL)
PTR: h220.blue.pl
pay.bm.pl
3    99.81.139.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-139-101.eu-west-1.compute.amazonaws.com
piwik.blue.pl
12    104.18.24.161 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.secure.checkout.visa.com
19    104.19.208.81 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.checkout.visa.com
3    2a00:1450:400c:c09::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
12    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
31 platnosci.bm.pl
20 pay.bm.pl pay.bm.pl
19 secure.checkout.visa.com 9 redirects assets.secure.checkout.visa.com
secure.checkout.visa.com
13 www.google-analytics.com www.gstatic.com
www.googletagmanager.com
www.google-analytics.com
12 assets.secure.checkout.visa.com 2 redirects secure.checkout.visa.com
7 play.google.com www.gstatic.com
5 www.gstatic.com pay.google.com
www.gstatic.com
3 pay.google.com pay.bm.pl
pay.google.com
www.gstatic.com
3 piwik.blue.pl pay.bm.pl
piwik.blue.pl
2 www.googletagmanager.com secure.checkout.visa.com
1 s.bm.pl
105 11

This site contains links to these domains. Also see Links.

Domain
pomoc.bluemedia.pl
bluemedia.pl
Subject Issuer Validity Valid
*.bm.pl
Sectigo RSA Domain Validation Secure Server CA		 2020-02-17 -
2022-02-28		 2 years crt.sh
pay.bm.pl
DOMENY SSL EV Certification Authority		 2021-01-21 -
2022-01-21		 a year crt.sh
*.blue.pl
Amazon		 2021-03-24 -
2022-04-22		 a year crt.sh
assets.secure.checkout.visa.com
Cloudflare Inc ECC CA-3		 2020-10-22 -
2021-10-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
secure.checkout.visa.com
DigiCert SHA2 Secure Server CA		 2020-08-13 -
2021-08-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://pay.bm.pl/ergohestiak06
Frame ID: 4DD4AA55DEE3A9FAA9F2FE77E91357F3
Requests: 64 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.bm.pl&mid=
Frame ID: C98DF2AF7508BD8D7AAA29B24D995CE6
Requests: 12 HTTP requests in this frame

Frame: https://secure.checkout.visa.com/checkout-widget/gtm?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
Frame ID: 7958031C097CFDD2468B927B7D7DB322
Requests: 7 HTTP requests in this frame

Frame: https://secure.checkout.visa.com/checkout-widget/config?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&postMessageId=VKy6FDXmh8&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
Frame ID: 95E17A2180D233D7A9A81696946F0A2D
Requests: 6 HTTP requests in this frame

Frame: https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
Frame ID: AB85E968387D1688C248BB0268948242
Requests: 15 HTTP requests in this frame

Frame: https://secure.checkout.visa.com/checkout-widget/sdk-loader?isSRCBranded=true
Frame ID: A535F8F1B892D79B2361B3CC3C2440BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://s.bm.pl/046afe30600c478c31ea Page URL
  2. https://pay.bm.pl/ergohestiak06 Page URL

Page Statistics

105
Requests

100 %
HTTPS

55 %
IPv6

7
Domains

11
Subdomains

12
IPs

5
Countries

2801 kB
Transfer

6853 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.bm.pl/046afe30600c478c31ea Page URL
  2. https://pay.bm.pl/ergohestiak06 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js HTTP 302
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js?refererUrl=undefined
Request Chain 57
  • https://secure.checkout.visa.com/wallet-services-web/xo/button.png HTTP 301
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png HTTP 302
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?country=DE&refererUrl=undefined&appType=web
Request Chain 80
  • https://secure.checkout.visa.com/checkout-widget/resources/css/bundle-rxo.min.fe348665e58021effddb135db401192e.css HTTP 301
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/css/bundle-rxo.min.fe348665e58021effddb135db401192e.css
Request Chain 81
  • https://secure.checkout.visa.com/checkout-widget/resources/js/bundle-common.min.f7f0b1ebda5add0b724c9aebc02d1ddd.js HTTP 301
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/bundle-common.min.f7f0b1ebda5add0b724c9aebc02d1ddd.js
Request Chain 82
  • https://secure.checkout.visa.com/checkout-widget/resources/js/bundle-rxo.min.cb51492130251445ca9b13c7c909af00.js HTTP 301
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/bundle-rxo.min.cb51492130251445ca9b13c7c909af00.js
Request Chain 83
  • https://secure.checkout.visa.com/checkout-widget/resources/js/vsb/vsbSrcSdk.js HTTP 301
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/vsb/vsbSrcSdk.js
Request Chain 84
  • https://secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&svg=true&legacy=false&orderedCardBrands=VISA HTTP 301
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&svg=true&legacy=false&orderedCardBrands=VISA
Request Chain 89
  • https://secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js HTTP 301
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js
Request Chain 93
  • https://secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js HTTP 301
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
Request Chain 95
  • https://secure.checkout.visa.com/checkout-widget/resources/vba/js/vba-2.5.0.min.js HTTP 301
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/vba/js/vba-2.5.0.min.js

105 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set 046afe30600c478c31ea
s.bm.pl/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.bm.pl/046afe30600c478c31ea
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
2736fdfc411375f77070edc516f975d2f8a691e363407cbcb98dfb56a071f814
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
s.bm.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:55 GMT
Set-Cookie
JSESSIONID=eIp-Xs03n34uJsV0XsugksB1tpruczL7LEXI1hkl.asl1-prod.jboss.dc2; path=/
X-FRAME-OPTIONS
DENY
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60, max=100
Primary Request Cookie set ergohestiak06
pay.bm.pl/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
c6a31b497e11f6419bdaa0476353fe6b9b842ace5ac5aa92af5689bfc5c3d596
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
pay.bm.pl
Connection
keep-alive
Content-Length
562
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://s.bm.pl
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://s.bm.pl/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://s.bm.pl
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.bm.pl/

Response headers

Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
2925
Set-Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; Path=/; Secure; HttpOnly SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Security-Policy
connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
Referrer-Policy
no-referrer-when-downgrade, same-origin
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
Vary
Accept-Encoding
Content-Encoding
gzip
Expires
Mon, 02 Aug 2021 10:04:56 GMT
Pragma
no-cache
styles.css
pay.bm.pl/v/20210730094458/css/ 		266 KB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/v/20210730094458/css/styles.css
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
a135e14de01db838c016834f780461740925f48638b34fe901a3d93df86fc97a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 10:17:09 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
125067
Expires
Thu, 02 Sep 2021 13:51:35 GMT
style.css
pay.bm.pl/v/20210730094458/bundles/webpaybm/css/ergohestiak01/ 		381 B
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/css/ergohestiak01/style.css
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
7042b4b9b1f622df53f9c433312bb48fc09b62298381ae4ee7b8cfc51585e750

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 10:17:09 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
188
Expires
Thu, 02 Sep 2021 13:51:35 GMT
bundle.min.js
pay.bm.pl/v/20210730094458/bundles/webpaybm/js/common/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/js/common/bundle.min.js
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
4ce77a45249855fbcb3520a4d78194efa6eb5bb50808faf00eea5b6064777b79

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 10:17:09 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
18462
Expires
Mon, 02 Aug 2021 10:04:56 GMT
scripts.js
pay.bm.pl/v/20210730094458/js/ 		253 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/v/20210730094458/js/scripts.js
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
af7f78ae8ec220d222520ac783455c63c1a29e4c8bea036a33c83ae674f1bece

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 10:17:09 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
79737
Expires
Mon, 02 Aug 2021 10:04:56 GMT
en.js
pay.bm.pl/js/translations/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/js/translations/en.js
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
a5afa2d35f96743410a73002f1e1bf58a4b810c9fa30ae7276af79269facd3e3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 10:17:09 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
7578
Expires
Mon, 02 Aug 2021 10:04:56 GMT
init.js
pay.bm.pl/v/20210730094458/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/v/20210730094458/js/init.js
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
83407949bf695f0d16d86b131123e96a4eeb30bcaa5a737b0d5b2f90613d1e77

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 10:17:09 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
9425
Expires
Mon, 02 Aug 2021 10:04:56 GMT
logo.png
pay.bm.pl/v/20210730094458/bundles/webpaybm/images/ergohestiak01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/images/ergohestiak01/logo.png
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
6236cc609e253b61cc1be35851a6b8ab0396a33d73a9dc63a6ac9dd2e27d743b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Last-Modified
Fri, 23 Jul 2021 10:16:39 GMT
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Content-Length
1744
Expires
Thu, 02 Sep 2021 13:51:35 GMT
overflowProblem.png
pay.bm.pl/v/20210730094458/bundles/webpaybm/images/common/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/images/common/overflowProblem.png
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
d87a40d241767fd5d9ce9c80dc1ed9066b4852fac9d1213fd6cee050581dd73b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Last-Modified
Fri, 23 Jul 2021 10:16:39 GMT
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Content-Length
1714
Expires
Thu, 02 Sep 2021 13:51:35 GMT
matomo.js
piwik.blue.pl/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://piwik.blue.pl/matomo.js
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.139.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-139-101.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
06587cdfccdef20227d296641a33b1d477131b6873024164bcb9a31aa6343018

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:55 GMT
content-encoding
gzip
last-modified
Thu, 22 Jul 2021 07:57:07 GMT
server
Apache/2.4.38 (Debian)
etag
"f330-5c7b1a2249ac0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
20225
bluemedia_logo.png
pay.bm.pl/v/20210730094458/bundles/webpaybm/images/redirect/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/images/redirect/bluemedia_logo.png
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
fedc5d43a0b0764f1716cb8f39e81f672ecbb969db63c55c7d344f6d17ba020b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Last-Modified
Fri, 23 Jul 2021 10:16:39 GMT
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Content-Length
1451
Expires
Thu, 02 Sep 2021 13:51:35 GMT
redirect.gif
pay.bm.pl/v/20210730094458/bundles/webpaybm/images/common/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/images/common/redirect.gif
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/ergohestiak06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
55a6a3037855c0b493c17b8476b5796bef2d5c629259fdc9a56ae70173a20948

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://pay.bm.pl/ergohestiak06
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Last-Modified
Fri, 23 Jul 2021 10:16:39 GMT
Content-Type
image/gif
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Content-Length
2488
Expires
Thu, 02 Sep 2021 13:51:35 GMT
Cookie set start_transaction
pay.bm.pl/api/ 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/api/start_transaction
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/bundles/webpaybm/js/common/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
52d00801d16559c015c8d462aa11f1ec28c7682956cf8d34708008429c7e5b3f
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://pay.bm.pl
Accept-Encoding
gzip, deflate, br
X-ARI
f39016ac3d97ecf1a40eaacd24f2a3f3ccbacce3e966d6987518b978d7025475
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Content-Length
1050
Pragma
no-cache
Host
pay.bm.pl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://pay.bm.pl/ergohestiak06
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://pay.bm.pl/ergohestiak06
X-Requested-With
XMLHttpRequest
X-ARI
f39016ac3d97ecf1a40eaacd24f2a3f3ccbacce3e966d6987518b978d7025475
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade, same-origin
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Security-Policy
connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
Set-Cookie
payBmLanguage=pl; Expires=Wed, 02-Aug-2023 10:04:55 GMT; Domain=.bm.pl; Path=/; Secure; HttpOnly payBmLanguage=pl; Expires=Wed, 02-Aug-2023 10:04:55 GMT; Domain=.bm.pl; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding
Content-Length
4027
X-XSS-Protection
1; mode=block
Expires
Mon, 02 Aug 2021 10:04:56 GMT
doubletwo_studios_-_xxiicentarregular-webfont.woff
pay.bm.pl/v/20210730094458/bundles/webpaybm/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/fonts/doubletwo_studios_-_xxiicentarregular-webfont.woff
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
7d34774731318cc783794d43e4318096c931c3c112f6d98d8c28006030ef458b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://pay.bm.pl
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://pay.bm.pl/v/20210730094458/css/styles.css
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2
Connection
keep-alive
Origin
https://pay.bm.pl
Referer
https://pay.bm.pl/v/20210730094458/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Last-Modified
Fri, 23 Jul 2021 10:16:39 GMT
Content-Type
application/font-woff
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Content-Length
27872
Expires
Thu, 02 Sep 2021 13:51:35 GMT
matomo.php
piwik.blue.pl/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://piwik.blue.pl/matomo.php?action_name=Ergo%20Hestia&idsite=42&rec=1&r=421522&h=12&m=4&s=55&url=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&urlref=https%3A%2F%2Fs.bm.pl%2F&_id=e347fad0d3bea928&_idn=1&_refts=1627898696&_ref=https%3A%2F%2Fs.bm.pl%2F&send_image=0&cookie=1&res=1600x1200&pv_id=UBhhml&pf_net=135&pf_srv=84&pf_tfr=1&pf_dm1=208
Requested by
Host: piwik.blue.pl
URL: https://piwik.blue.pl/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.139.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-139-101.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) / PHP/7.4.21
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://pay.bm.pl
date
Mon, 02 Aug 2021 10:04:55 GMT
access-control-allow-credentials
true
server
Apache/2.4.38 (Debian)
x-powered-by
PHP/7.4.21
ergohestiak06
pay.bm.pl/ 		46 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/ergohestiak06
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/bundles/webpaybm/js/common/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
0aebb33c65d6b7756c930b13590fc1da9e4d22727c4f9b77907dbe517147041b
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://pay.bm.pl
Accept-Encoding
gzip, deflate, br
X-ARI
f39016ac3d97ecf1a40eaacd24f2a3f3ccbacce3e966d6987518b978d7025475
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; _pk_ref.42.faaa=%5B%22%22%2C%22%22%2C1627898696%2C%22https%3A%2F%2Fs.bm.pl%2F%22%5D; _pk_id.42.faaa=e347fad0d3bea928.1627898696.; _pk_ses.42.faaa=1; payBmLanguage=pl
Connection
keep-alive
Content-Length
32198
Pragma
no-cache
Host
pay.bm.pl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://pay.bm.pl/ergohestiak06
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://pay.bm.pl/ergohestiak06
X-Requested-With
XMLHttpRequest
X-ARI
f39016ac3d97ecf1a40eaacd24f2a3f3ccbacce3e966d6987518b978d7025475
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade, same-origin
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Security-Policy
connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
Vary
Accept-Encoding
Content-Length
5194
X-XSS-Protection
1; mode=block
Expires
Mon, 02 Aug 2021 10:04:56 GMT
sdk.js
assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/
Redirect Chain
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js?refererUrl=undefined
227 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js?refererUrl=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f8143f6605dd490c34c49880aa67710d97dd895a30f15bac97bc45e390f88c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
x-correlation-id
2_1627609393_723_68_b2k8l55-5b9967b4f_CHECKOUT-WIDGET
x-content-type-options
nosniff
cf-cache-status
HIT
age
289303
content-security-policy-report-only
block-all-mixed-content; base-uri 'none'; default-src 'self' *.visa.com; script-src-elem 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; frame-src data: 'self' https://h.online-metrix.net *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com *.cardinalcommerce.com *.opendns.com; style-src 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; style-src-elem 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com https://cdn.betread.com https://l.betrad.com *.secure.checkout.visa.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://src.mastercard.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://www.staticv.me https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://www.googletagmanager.com *.google.com *.staticv.me *.twitter.com *.opendns.com h.online-metrix.net ; connect-src 'self' *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com https://code.jquery.com *.googletagmanager.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com wss://secure.checkout.visa.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
b2k8l55-5b9967b4f
last-modified
Fri, 30 Jul 2021 01:43:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=15768000;includeSubdomains;always
report-to
{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
67867c227e44edab-CDG
expires
Mon, 02 Aug 2021 11:04:56 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js?refererUrl=undefined
date
Mon, 02 Aug 2021 10:04:56 GMT
server
cloudflare
cf-ray
67867c223dfaedab-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pl.js
pay.bm.pl/js/translations/ 		38 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/js/translations/pl.js?_=1627898695488
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/bundles/webpaybm/js/common/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
107b35035211ed46ce01cf2d82e2a2961c96faab48585b94d415b38d32786ce1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; _pk_ref.42.faaa=%5B%22%22%2C%22%22%2C1627898696%2C%22https%3A%2F%2Fs.bm.pl%2F%22%5D; _pk_id.42.faaa=e347fad0d3bea928.1627898696.; _pk_ses.42.faaa=1; payBmLanguage=pl
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://pay.bm.pl/ergohestiak06
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 10:17:09 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
8250
Expires
Mon, 02 Aug 2021 10:04:56 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e567ba956cf3f1d9e5d2a6061cf78d4ffdd2e74bcceb09931c10da7e5e28b190

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4569a142b304d45be06decf175f4f262e5670ffe30f0a4c76603849821a6606b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fedc5d43a0b0764f1716cb8f39e81f672ecbb969db63c55c7d344f6d17ba020b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
lato-bold-webfont.woff
pay.bm.pl/v/20210730094458/bundles/webpaybm/fonts/ 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/fonts/lato-bold-webfont.woff
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
7cebe978fde661e6a5a690aad9bed83703318bf58c2901174deff6aa9baa5643

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://pay.bm.pl
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://pay.bm.pl/v/20210730094458/css/styles.css
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; _pk_ref.42.faaa=%5B%22%22%2C%22%22%2C1627898696%2C%22https%3A%2F%2Fs.bm.pl%2F%22%5D; _pk_id.42.faaa=e347fad0d3bea928.1627898696.; _pk_ses.42.faaa=1; payBmLanguage=pl
Connection
keep-alive
Origin
https://pay.bm.pl
Referer
https://pay.bm.pl/v/20210730094458/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:55 GMT
Last-Modified
Fri, 23 Jul 2021 10:16:39 GMT
Content-Type
application/font-woff
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Content-Length
72376
Expires
Thu, 02 Sep 2021 13:51:35 GMT
lato-light-webfont.woff
pay.bm.pl/v/20210730094458/bundles/webpaybm/fonts/ 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/v/20210730094458/bundles/webpaybm/fonts/lato-light-webfont.woff
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
7ff2abf17af087e4a1fcb20434b31177c0dceef1c3ead81786feb1142e87c485

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://pay.bm.pl
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://pay.bm.pl/v/20210730094458/css/styles.css
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; _pk_ref.42.faaa=%5B%22%22%2C%22%22%2C1627898696%2C%22https%3A%2F%2Fs.bm.pl%2F%22%5D; _pk_id.42.faaa=e347fad0d3bea928.1627898696.; _pk_ses.42.faaa=1; payBmLanguage=pl
Connection
keep-alive
Origin
https://pay.bm.pl
Referer
https://pay.bm.pl/v/20210730094458/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Fri, 23 Jul 2021 10:16:39 GMT
Content-Type
application/font-woff
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Content-Length
72604
Expires
Thu, 02 Sep 2021 13:51:36 GMT
select.png
pay.bm.pl/bundles/webpaybm/uniform/bs3/images/ 		235 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.bm.pl/bundles/webpaybm/uniform/bs3/images/select.png
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
0109c2cfa149482c6a7f0befdf87f62734e22a10565aa25f4477e952ba129964

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://pay.bm.pl/v/20210730094458/css/styles.css
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; _pk_ref.42.faaa=%5B%22%22%2C%22%22%2C1627898696%2C%22https%3A%2F%2Fs.bm.pl%2F%22%5D; _pk_id.42.faaa=e347fad0d3bea928.1627898696.; _pk_ses.42.faaa=1; payBmLanguage=pl
Connection
keep-alive
Referer
https://pay.bm.pl/v/20210730094458/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Fri, 23 Jul 2021 10:16:39 GMT
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Content-Length
235
Expires
Thu, 02 Sep 2021 13:51:36 GMT
info
pay.bm.pl/logger/ 		4 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/logger/info
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/bundles/webpaybm/js/common/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://pay.bm.pl
Accept-Encoding
gzip, deflate, br
X-ARI
f39016ac3d97ecf1a40eaacd24f2a3f3ccbacce3e966d6987518b978d7025475
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; _pk_ref.42.faaa=%5B%22%22%2C%22%22%2C1627898696%2C%22https%3A%2F%2Fs.bm.pl%2F%22%5D; _pk_id.42.faaa=e347fad0d3bea928.1627898696.; _pk_ses.42.faaa=1; payBmLanguage=pl
Connection
keep-alive
Content-Length
18
Pragma
no-cache
Host
pay.bm.pl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://pay.bm.pl/ergohestiak06
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://pay.bm.pl/ergohestiak06
X-Requested-With
XMLHttpRequest
X-ARI
f39016ac3d97ecf1a40eaacd24f2a3f3ccbacce3e966d6987518b978d7025475
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:56 GMT
Referrer-Policy
no-referrer-when-downgrade, same-origin
X-Frame-Options
DENY
Content-Type
application/json
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Security-Policy
connect-src 'self' https://error.blue.pl https://piwik.blue.pl https://play.google.com https://www.google-analytics.com https://sandbox.secure.checkout.visa.com https://secure.checkout.visa.com https://thm.visa.com https://bluelead.blue.pl wss://wtn.bm.pl https://wtn.bm.pl; report-uri https://error.blue.pl/api/144/security/?sentry_key=dfeeb5be9555424aac6b718b63a21baa&sentry_environment=prod
Content-Length
4
X-XSS-Protection
1; mode=block
Expires
Mon, 02 Aug 2021 10:04:57 GMT
pl.js
pay.bm.pl/js/translations/ 		38 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.bm.pl/js/translations/pl.js?_=1627898695489
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/bundles/webpaybm/js/common/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.187.130.220 , Poland, ASN34826 (BLUEMEDIA-AS, PL),
Reverse DNS
h220.blue.pl
Software
/
Resource Hash
107b35035211ed46ce01cf2d82e2a2961c96faab48585b94d415b38d32786ce1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
pay.bm.pl
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
SFSESSID=ac8o9e1v32nla3n42nsmfnvte2; _pk_ref.42.faaa=%5B%22%22%2C%22%22%2C1627898696%2C%22https%3A%2F%2Fs.bm.pl%2F%22%5D; _pk_id.42.faaa=e347fad0d3bea928.1627898696.; _pk_ses.42.faaa=1; payBmLanguage=pl
Connection
keep-alive
Referer
https://pay.bm.pl/ergohestiak06
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://pay.bm.pl/ergohestiak06
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Aug 2021 10:04:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 10:17:09 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
8250
Expires
Mon, 02 Aug 2021 10:04:57 GMT
509.png
platnosci.bm.pl/pomoc/grafika/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/509.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
81b6ac3496945a7e009dbd92b9a0337bff12e2e2255eec246de6d2c00d8c0dcf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"9fb-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2555
1500.gif
platnosci.bm.pl/pomoc/grafika/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1500.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
d42042fcd8ac6626a2d5aa842df3264989344f96c06fb3b6c1b0e914a1076e2f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"d03-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
3331
1512.png
platnosci.bm.pl/pomoc/grafika/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1512.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
ac883aa3667c17465400df10cfcc6a81649982d888bccdd5d6edd807a8dc36ee

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"b30-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2864
1511.png
platnosci.bm.pl/pomoc/grafika/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1511.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
efcbb222dd9ab1d2aa4fe717e03b0b29108ec82030871dd18c09bff1f5625667

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"a52-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2642
1808.png
platnosci.bm.pl/pomoc/grafika/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1808.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
60d7bfece897beeb054b37a5833f0166f126cb71b86e51af398df3ad3d89b648

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"868-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2152
1800.png
platnosci.bm.pl/pomoc/grafika/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1800.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
64faeb94d95bb35c2987730e0a8f7a5100bfcea8a39c60f540e0aa4c3342ca9b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"38e-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
910
1803.png
platnosci.bm.pl/pomoc/grafika/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1803.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
59190c03df1bb4d4d4fd749e71a475f809e050e740c98fdf1564a695bccc2016

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"d68-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
3432
1806.png
platnosci.bm.pl/pomoc/grafika/ 		908 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1806.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
d7732c6ac82be7c61a2bf20681684fa0d2d1e8a94ccbb95545d25576efa26b3d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"38c-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
908
1805.png
platnosci.bm.pl/pomoc/grafika/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1805.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
dc1885cd61803006d2c5557e52a68fd2079f2266be20938df84ec95222c3bb60

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"5eb-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
1515
85.gif
platnosci.bm.pl/pomoc/grafika/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/85.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
6b0fc984ed533b9ade09d94c5f4847e84b0e6ee2486ea7dd588f8ea7c76eb982

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"b67-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2919
1802.png
platnosci.bm.pl/pomoc/grafika/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1802.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
35ca86447a07d66bff593492a0b0cd25b72bb16a321ba11ac3034e0af6f8ae50

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"10b2-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
4274
59.gif
platnosci.bm.pl/pomoc/grafika/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/59.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
20ee85647906e3265ee92d70c712d7006cf022f991a09ad610da2a8ddd94d236

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"19b0-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
6576
1810.png
platnosci.bm.pl/pomoc/grafika/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1810.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
68589c809013fd9bd0755c4afacff7905ec24b817f87a762d9c38b004a4ff1f7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"ec9-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
3785
1035.png
platnosci.bm.pl/pomoc/grafika/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1035.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
23e318f4b48801ec7a88aebedb06773b99a1696cb683867d65bc87aff9cf4e85

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"1053-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
4179
1801.png
platnosci.bm.pl/pomoc/grafika/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1801.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
a77936efcc67c6cb558e439dd9fa2f521eb684ac4f0985a0a68b195a61888e6a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"4d7-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
1239
90.gif
platnosci.bm.pl/pomoc/grafika/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/90.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
8392d625cc4223f968c262d2b7a6ede3b2657fa3e68e5a20b54d2517fcf7415c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"ff9-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
4089
108.gif
platnosci.bm.pl/pomoc/grafika/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/108.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
a57b617f8ddbf2c81f2cd8fc9ca7c1c4f644d341a27caa34f05f4da622da7f18

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"869-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2153
517.png
platnosci.bm.pl/pomoc/grafika/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/517.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
f1a4fd8f3ff9280b624669bd19a9fbb2d169fa73ef58afaf98ce6c4d992eaf9d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"26a8-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
9896
131.gif
platnosci.bm.pl/pomoc/grafika/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/131.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
ea2859fa9548e633966773fe82fd1dbcd4fd48d79f08619cc11ee2f64f1c4323

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"f38-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
3896
86.gif
platnosci.bm.pl/pomoc/grafika/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/86.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
35b2e03319a58374912090d8b891ef1783c09c0b142e63cc7940e115c3a74c3a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"145b-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
5211
98.gif
platnosci.bm.pl/pomoc/grafika/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/98.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
bf18509e866451a8177190dcba355282c3ad65f80dd014bbbaad5ea8ed61b095

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"b5f-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2911
117.gif
platnosci.bm.pl/pomoc/grafika/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/117.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
54ce826bd4c886221a93f58f1401d7b089ec366639efd0a864d6139c82f620c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"d94-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
3476
514.gif
platnosci.bm.pl/pomoc/grafika/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/514.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
3455e464eaf19408030efea25ca5ddc05f09c15501f6599bc4f1274e4cf571ee

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"d80-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
3456
109.gif
platnosci.bm.pl/pomoc/grafika/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/109.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
08b5100852d38b941251d248106e71b27de62f46fae4aa67d53c115371cc54e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"9a4-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2468
1507.gif
platnosci.bm.pl/pomoc/grafika/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1507.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
7dddc508f942625d698f7652dbcb5bc9f9603a8ddc74891bd30ab22cfc2faff2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"c52-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
3154
1510.gif
platnosci.bm.pl/pomoc/grafika/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1510.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
630f7785388f5953943ac18937cc1304bed1e8d55b0cb74d326ca6e6c8916947

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"ee0-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
3808
1515.png
platnosci.bm.pl/pomoc/grafika/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1515.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
23f79c9985bcb79d3cdcdcc629ed9cd6139d0e5ce24cf8e17e0febeb9f14747a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"407-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
1031
1520.png
platnosci.bm.pl/pomoc/grafika/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1520.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
174fcc100377c5b3615569a19301930c47516caf63d9e325ba29a2a8d244ef27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"987-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
2439
1519.png
platnosci.bm.pl/pomoc/grafika/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1519.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
e0877f8b938dd3493327879c8897764a511beb63eb6b7d7329b1e810488602e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"1c40-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
7232
1522.png
platnosci.bm.pl/pomoc/grafika/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/1522.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
ed7ef0f78700ca74ca94d71db57b238e6e47706af41d2ceb3b17ac8fc0953f63

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"1851-5c88e3ba2f5c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
6225
9.gif
platnosci.bm.pl/pomoc/grafika/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platnosci.bm.pl/pomoc/grafika/9.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.182.23.217 , Poland, ASN39198 (PTI-AS, PL),
Reverse DNS
h217.blue.pl
Software
/
Resource Hash
8a821cc6f1b6f584bc5eb6a2f82cfa5120ee7166845f7480a575f1bfb450a3cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:04:56 GMT
Last-Modified
Mon, 02 Aug 2021 07:08:15 GMT
ETag
"52f-5c88e3ba2f5c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
1327
button.png
assets.secure.checkout.visa.com/wallet-services-web/xo/
Redirect Chain
  • https://secure.checkout.visa.com/wallet-services-web/xo/button.png
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?country=DE&refererUrl=undefined&appType=web
24 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?country=DE&refererUrl=undefined&appType=web
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a87e999160e645d1bd074bd988557e26027a487febeca2761b8136d1cb07d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
x-correlation-id
1_1627898696_558_226_b2k8l73c7c6x9d_ARM
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status
EXPIRED
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
x-served-by
b2k8l73-7c8f88b5l
cf-ray
67867c230ef3edab-CDG
pragma
no-cache
last-modified
Mon, 02 Aug 2021 07:16:47 GMT
server
cloudflare
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;includeSubdomains, max-age=15768000;includeSubdomains;always
content-language
en-US
access-control-allow-origin
*
x-app-status
200
content-type
image/svg+xml;charset=UTF-8
v-token
1_{001}:AARQMTZBgP7n3ciqZOux3h1BYk+S3zVfoozNv5Y9eIvceBWLXwHM/hJGlhg5+rr4s4QQskTRK7c/tEHZIyrBsijMk1qjv4jsNEhcMWAv4+awQ6XtOpRO/AxFJeugw0XdEzzBjBZc703fMp1eqCXbtqOOZsVIcA2UYa3EM6BCY+ErM84BOWXjRU0uR3J7J/EnE4oMn1XSyJAm+i4W5CXN0G0ZXgxnEkQL4ZSxG0sXNlDSE8aAQ58qMYQaprnEbcR4f4C/Ajsqj0qnWy+sF8BnOlUoHp1Uq+xTfCy+JjTsBC0h4i9riYSa/uZL9qT51+nv6YC6mBm64yUMyQcaxogiemnvNFX98AV2ylTscGRAyAwBKAy0QUepMjBpJH6zayRVyoBsu/PiFRYeJeHLIU9qflCM4f+2wBmJSgXFBiaDvI+b1Q==
x-content-type-options
nosniff, nosniff
expires
Mon, 02 Aug 2021 14:04:56 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?country=DE&refererUrl=undefined&appType=web
date
Mon, 02 Aug 2021 10:04:56 GMT
server
cloudflare
cf-ray
67867c22be92edab-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pay.js
pay.google.com/gp/p/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: pay.bm.pl
URL: https://pay.bm.pl/v/20210730094458/js/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b759c0b4ffe74659b6447d73f206ff4995e6146f599389e5a1ac82f27616e85a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QJj02O8CmVJ15VdSlNGAaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-QJj02O8CmVJ15VdSlNGAaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
content-security-policy
script-src 'report-sample' 'nonce-QJj02O8CmVJ15VdSlNGAaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-QJj02O8CmVJ15VdSlNGAaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires
Mon, 02 Aug 2021 10:04:56 GMT
payframe
pay.google.com/gp/p/ui/ Frame C98D 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.bm.pl&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c0d7aafe6c7af5822f7326651bd8bf0995bb454f6b97a3086c06a8b853ff2d3e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oE8nktLV3WYDw5u9VucVLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-oE8nktLV3WYDw5u9VucVLw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.bm.pl&mid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=220=dUevdGMWDQjdI7s4GYcegQb6GiuCQF923ojcE0C9ot9Z26UHdPo0ScLKCUD2KEwxVh3nQKBH0h60re3ye0X9mzOL3uEbjDl-ocldROxjcjNjjfiocZPoUvev8OB1wwzCHnu4iHiPMNL6gOcXDLBecK78se0OitHmf3MKEPY0Qzc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
expires
Mon, 02 Aug 2021 10:04:56 GMT
date
Mon, 02 Aug 2021 10:04:56 GMT
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-oE8nktLV3WYDw5u9VucVLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-oE8nktLV3WYDw5u9VucVLw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
report-to
{"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gtm
secure.checkout.visa.com/checkout-widget/ Frame 7958 		3 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/checkout-widget/gtm?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
Requested by
Host: assets.secure.checkout.visa.com
URL: https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f2b8104d2e9e53e00528c920cb4a77622e58388015bdc8896ac2c960b6c152
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.checkout.visa.com
:scheme
https
:path
/checkout-widget/gtm?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfruid=727a44e2b753fb4ec729e50f854009f61466a2ea-1627898696
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
content-type
text/html;charset=UTF-8
cf-ray
67867c232ae53a2f-CDG
cache-control
no-cache, no-store, must-revalidate
expires
Wed, 31 Dec 1969 23:59:59 GMT
strict-transport-security
max-age=15768000;includeSubdomains;always
cf-cache-status
DYNAMIC
content-security-policy-report-only
block-all-mixed-content; base-uri 'none'; default-src 'self' *.visa.com; script-src-elem 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; frame-src data: 'self' https://h.online-metrix.net *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com *.cardinalcommerce.com *.opendns.com; style-src 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; style-src-elem 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com https://cdn.betread.com https://l.betrad.com *.secure.checkout.visa.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://src.mastercard.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://www.staticv.me https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://www.googletagmanager.com *.google.com *.staticv.me *.twitter.com *.opendns.com h.online-metrix.net ; connect-src 'self' *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com https://code.jquery.com *.googletagmanager.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com wss://secure.checkout.visa.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
report-to
{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
x-content-type-options
nosniff
x-correlation-id
1_1627898696_279_74_b2k8l73-57b69697-649k_CHECKOUT-WIDGET
x-served-by
b2k8l73-57b69697-649k
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
content-encoding
br
config
secure.checkout.visa.com/checkout-widget/ Frame 95E1 		54 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/checkout-widget/config?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&postMessageId=VKy6FDXmh8&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
Requested by
Host: assets.secure.checkout.visa.com
URL: https://assets.secure.checkout.visa.com/checkout-widget/resources/js/integration/v1/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859b40f817c3cffa92b638606b7120ef6e10e0d5a12710c6f54ada212d835d82
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.checkout.visa.com
:scheme
https
:path
/checkout-widget/config?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&postMessageId=VKy6FDXmh8&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfruid=727a44e2b753fb4ec729e50f854009f61466a2ea-1627898696
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
content-type
text/html;charset=UTF-8
cf-ray
67867c232aea3a2f-CDG
cache-control
no-cache, no-store, must-revalidate
expires
Wed, 31 Dec 1969 23:59:59 GMT
strict-transport-security
max-age=15768000;includeSubdomains;always
cf-cache-status
DYNAMIC
content-security-policy-report-only
block-all-mixed-content; base-uri 'none'; default-src 'self' *.visa.com; script-src-elem 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; frame-src data: 'self' https://h.online-metrix.net *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com *.cardinalcommerce.com *.opendns.com; style-src 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; style-src-elem 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com https://cdn.betread.com https://l.betrad.com *.secure.checkout.visa.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://src.mastercard.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://www.staticv.me https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://www.googletagmanager.com *.google.com *.staticv.me *.twitter.com *.opendns.com h.online-metrix.net ; connect-src 'self' *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com https://code.jquery.com *.googletagmanager.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com wss://secure.checkout.visa.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
report-to
{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
x-content-type-options
nosniff
x-correlation-id
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
x-served-by
b2k8l73-57b69697f6
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
content-encoding
br
gtm.js
www.googletagmanager.com/ Frame 7958 		749 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KD2D59&l=vxo_data_layer
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/gtm?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbe9f8c29fab447a99317fb763fee1edbac1f085b87561c616786c019cf22073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61400
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Aug 2021 10:04:56 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5k... Frame C98D 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.bm.pl&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aacdbdb6bafe0779c1a38df982474188e063f3c26749b96b4d4359d909c35f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 16:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52277
x-xss-protection
0
last-modified
Wed, 28 Jul 2021 05:35:50 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 16:37:07 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx... Frame C98D 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx1T9MQpx8.L.B1.O/am=QgAB/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgiJYR3GvmNCLIknWuLg3A3pl4DRw/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
404ca89146ac256a0f00f94b150c843376e720ba3421bfd5a8d1512e3fb696f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 16:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13289
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 05:27:13 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 16:37:08 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx... Frame C98D 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx1T9MQpx8.L.B1.O/am=QgAB/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgiJYR3GvmNCLIknWuLg3A3pl4DRw/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f3bcfe729905277534b8e131b5294df01fb61c34b8d2b5a11cc38b4b4f3455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 16:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26669
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 05:27:13 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 16:37:09 GMT
analytics.js
www.google-analytics.com/ Frame C98D 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx1T9MQpx8.L.B1.O/am=QgAB/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgiJYR3GvmNCLIknWuLg3A3pl4DRw/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3075
date
Mon, 02 Aug 2021 09:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 02 Aug 2021 11:13:41 GMT
pay
pay.google.com/gp/p/ui/ Frame C98D 		1 MB
348 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9d2dfa368d26b775dc12171ee2f94f864cf9c76fe2ddb790450bd9bac231f22
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-2kOxTXlxBgdrjH03yV9DjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-2kOxTXlxBgdrjH03yV9DjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date
Mon, 02 Aug 2021 10:04:56 GMT
x-frame-options
DENY
report-to
{"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-2kOxTXlxBgdrjH03yV9DjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-2kOxTXlxBgdrjH03yV9DjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Mon, 02 Aug 2021 10:04:56 GMT
log
play.google.com/ Frame C98D 		131 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 02 Aug 2021 10:04:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Mon, 02 Aug 2021 10:04:56 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 02 Aug 2021 10:04:56 GMT
cache-control
private
log
play.google.com/ Frame C98D 		131 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 02 Aug 2021 10:04:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Mon, 02 Aug 2021 10:04:56 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 02 Aug 2021 10:04:56 GMT
cache-control
private
log
play.google.com/ Frame C98D 		131 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 02 Aug 2021 10:04:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Mon, 02 Aug 2021 10:04:56 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 02 Aug 2021 10:04:56 GMT
cache-control
private
m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx... Frame C98D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx1T9MQpx8.L.B1.O/am=QgAB/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgiJYR3GvmNCLIknWuLg3A3pl4DRw/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d412a91cba31ba2fecf18f9569b682355587bbe5738124abf5524877657d1035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 16:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10272
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 05:27:13 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 16:37:12 GMT
m=lwddkf
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx... Frame C98D 		260 B
192 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hvx1T9MQpx8.L.B1.O/am=QgAB/d=1/exm=Das5Le,EFQ78c,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrgiJYR3GvmNCLIknWuLg3A3pl4DRw/m=lwddkf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26b6a29d18339a5cf68bc6d4e17b6a52c2f0de7cbe79ea9d74a4886e57995561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 16:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
168
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 05:27:13 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 16:37:12 GMT
matomo.php
piwik.blue.pl/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://piwik.blue.pl/matomo.php?e_c=Sciezka%20platnosci_Wybierz%20forme%20zaplaty&e_a=Wyswietlenie%20strony_Partner%3A101160_Produkt%3AECOMMERCE_TransID%3AAE6KCPPRBD_Kwota%3A461&ca=1&idsite=42&rec=1&r=876677&h=12&m=4&s=55&url=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&urlref=https%3A%2F%2Fs.bm.pl%2F&_id=e347fad0d3bea928&_idn=0&_refts=1627898696&_ref=https%3A%2F%2Fs.bm.pl%2F&send_image=0&cookie=1&res=1600x1200&pf_net=135&pf_srv=84&pf_tfr=1&pf_dm1=208&pf_dm2=173&pf_onl=1&pv_id=UBhhml
Requested by
Host: piwik.blue.pl
URL: https://piwik.blue.pl/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.139.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-139-101.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) / PHP/7.4.21
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://pay.bm.pl
date
Mon, 02 Aug 2021 10:04:56 GMT
access-control-allow-credentials
true
server
Apache/2.4.38 (Debian)
x-powered-by
PHP/7.4.21
log
play.google.com/ Frame C98D 		131 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dUSdnBC72Vo.es5.O/am=QgAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh5kjStJhKyD9coeur35TeWZ9bjqg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 02 Aug 2021 10:04:56 GMT
logEvent
secure.checkout.visa.com/logging/ Frame 95E1 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/logging/logEvent
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/config?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&postMessageId=VKy6FDXmh8&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-VISIT-ID
VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434
Accept
application/json
X-CORRELATION-ID
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
Referer
https://secure.checkout.visa.com/checkout-widget/config?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&postMessageId=VKy6FDXmh8&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 02 Aug 2021 10:04:56 GMT
x-correlation-id
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
x-served-by
l73p170
pragma
no-cache
x-app-status
204
server
cloudflare
x-frame-options
SAMEORIGIN
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
cache-control
no-cache, no-store, must-revalidate
cf-ray
67867c26ae4e3a2f-CDG
x-content-type-options
nosniff, nosniff
expires
-1
merchant
secure.checkout.visa.com/wallet-services-web/ Frame 95E1 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/wallet-services-web/merchant?profileOwner=100084&profileName=&country=&locale=&formFactor=WEB
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/config?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&postMessageId=VKy6FDXmh8&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ff01c880336f7e0ec7c257bc27c23d4c1b0766a10ee543c45c2a967826970a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
X-CORRELATION-ID
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
Referer
https://secure.checkout.visa.com/checkout-widget/config?apikey=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&externalClientId=100084&externalProfileId=&parentUrl=https%3A%2F%2Fpay.bm.pl%2Fergohestiak06&locale=&country=&browserLocale=&countryCode=&formFactor=WEB&isSplunkLoggingEnabled=true&isVsbMerchant=false&buttonElement=true&postMessageId=VKy6FDXmh8&allowCXO=false&buttonPosition=&postmessage=true&allowRXO=true
API_KEY
A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0
X-MERCHANT-API-KEY
A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
x-correlation-id
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status
EXPIRED
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
x-served-by
b2k8l73-7c8f88b5m4f
pragma
no-cache
x-app-status
200
server
cloudflare
x-frame-options
SAMEORIGIN
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;includeSubdomains, max-age=15768000;includeSubdomains;always
content-type
application/json;charset=UTF-8
cache-control
public, max-age=14400
cf-ray
67867c26ae523a2f-CDG
v-token
1_{001}:AAMyMEG6YttADbmkVUTX3fCR9B5rVgA8dYBxyYBMvGQ88/Q/yDx/oTXxPhJeGcCQNmOZ50GkvWBISE+hz5YqGRoiYfClqX1cwJgaxelg1DCLNce9FVVZ6cZmP+f128YKmgExZici176rdvQ32bFyZkuD5Z67fGjXygchY7X5uKK99+cBAQpnXVBdYVuOTfcHdEIXWi7EUYILAdoNklLN21oIjQxlpLkEhXXek1C7kBMFIfAjJhp+4t4BrdCMmwuMWXEDAbHKxgy+09PlJrXwoLatqYsv3X3Bt7avdiKBToFlq6E6Bi8so9ySwKQCG4XHJzEKL3ziQ+PpDqIOyVtrgnPP3f+ZEUybM/31Hz1ulE5wMQ9JQ3133fBQqnTNTi1aVCmGKs3mxgycBInTZ7MR1ms24QBz4uqS+pnhueB64ewJDEaB87pIYYHe3PA0VDBPOoZ/0Jh2/xqsuH7iTpr7J+c3olJxrK2XAIGie1bd0+dkHA==
x-content-type-options
nosniff, nosniff
expires
Mon, 02 Aug 2021 14:04:57 GMT
bundle-rxo.min.fe348665e58021effddb135db401192e.css
assets.secure.checkout.visa.com/checkout-widget/resources/css/ Frame 95E1
Redirect Chain
  • https://secure.checkout.visa.com/checkout-widget/resources/css/bundle-rxo.min.fe348665e58021effddb135db401192e.css
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/css/bundle-rxo.min.fe348665e58021effddb135db401192e.css
0
185 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/css/bundle-rxo.min.fe348665e58021effddb135db401192e.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
290365
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 27 Jul 2021 21:24:12 GMT
server
cloudflare
etag
W/"6100797c-78588"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;includeSubdomains;always
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
67867c2aed63edab-CDG
expires
Tue, 02 Aug 2022 10:04:57 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/checkout-widget/resources/css/bundle-rxo.min.fe348665e58021effddb135db401192e.css
date
Mon, 02 Aug 2021 10:04:57 GMT
server
cloudflare
cf-ray
67867c2a9a2f3a2f-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
bundle-common.min.f7f0b1ebda5add0b724c9aebc02d1ddd.js
assets.secure.checkout.visa.com/checkout-widget/resources/js/ Frame 95E1
Redirect Chain
  • https://secure.checkout.visa.com/checkout-widget/resources/js/bundle-common.min.f7f0b1ebda5add0b724c9aebc02d1ddd.js
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/bundle-common.min.f7f0b1ebda5add0b724c9aebc02d1ddd.js
0
120 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/bundle-common.min.f7f0b1ebda5add0b724c9aebc02d1ddd.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
290365
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 27 Jul 2021 21:24:12 GMT
server
cloudflare
etag
W/"6100797c-5bcb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;includeSubdomains;always
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
67867c2aed66edab-CDG
expires
Tue, 02 Aug 2022 10:04:57 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/bundle-common.min.f7f0b1ebda5add0b724c9aebc02d1ddd.js
date
Mon, 02 Aug 2021 10:04:57 GMT
server
cloudflare
cf-ray
67867c2a9a323a2f-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
bundle-rxo.min.cb51492130251445ca9b13c7c909af00.js
assets.secure.checkout.visa.com/checkout-widget/resources/js/ Frame 95E1
Redirect Chain
  • https://secure.checkout.visa.com/checkout-widget/resources/js/bundle-rxo.min.cb51492130251445ca9b13c7c909af00.js
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/bundle-rxo.min.cb51492130251445ca9b13c7c909af00.js
0
612 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/bundle-rxo.min.cb51492130251445ca9b13c7c909af00.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
290372
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 27 Jul 2021 21:24:12 GMT
server
cloudflare
etag
W/"6100797c-296be9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;includeSubdomains;always
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
67867c2aed65edab-CDG
expires
Tue, 02 Aug 2022 10:04:57 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/bundle-rxo.min.cb51492130251445ca9b13c7c909af00.js
date
Mon, 02 Aug 2021 10:04:57 GMT
server
cloudflare
cf-ray
67867c2a9a333a2f-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vsbSrcSdk.js
assets.secure.checkout.visa.com/checkout-widget/resources/js/vsb/
Redirect Chain
  • https://secure.checkout.visa.com/checkout-widget/resources/js/vsb/vsbSrcSdk.js
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/vsb/vsbSrcSdk.js
350 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/vsb/vsbSrcSdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da92ee6f2c0c35f4885a385fdbe11d75480b1b12df0a20ad92c2ee7f7a2567c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
290368
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 01:17:05 GMT
server
cloudflare
etag
W/"6100b011-576c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;includeSubdomains;always
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
67867c2aed67edab-CDG
expires
Mon, 02 Aug 2021 11:04:57 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/vsb/vsbSrcSdk.js
date
Mon, 02 Aug 2021 10:04:57 GMT
server
cloudflare
cf-ray
67867c2a9a393a2f-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
button.png
assets.secure.checkout.visa.com/wallet-services-web/xo/
Redirect Chain
  • https://secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&svg=true&legacy=false&orderedCardBrands=VISA
  • https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&svg=true&legacy=false&orderedCardBrands=VISA
20 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&svg=true&legacy=false&orderedCardBrands=VISA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
879d2198201be230f6063e51c8e23eeb1a8dc80a5f3239f5e75e4049cf7a9562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
x-correlation-id
2_1627895769_841_219_b2k8l55-74844b787t2f_ARM
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status
HIT
age
2928
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
x-served-by
b2k8l55-7c958c9f8-6d44
cf-ray
67867c2aed62edab-CDG
pragma
no-cache
last-modified
Mon, 02 Aug 2021 09:16:09 GMT
server
cloudflare
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;includeSubdomains, max-age=15768000;includeSubdomains;always
content-language
en-US
access-control-allow-origin
*
x-app-status
200
content-type
image/svg+xml;charset=UTF-8
v-token
2_{001}:AARQMTdBddwNYZbjGrZ3+tiZaff7Bq2n4AibOAnrArSiJLVP2VOF/0UZCXzcWnnh7016aro9lcdzGNaRrfBpzNh5x7dBDMgKCGqTb4t9A+cntN1ybqzSdl7PEKJx9HqRR8IOSJm9sh8655C8bO4DbPkNj9NbCDf9SMGH72TjkSMvOFTtLHmn5k4UdQXEHhrFPiC5lh/BT/rC4/gQOOACQj9I4QKTwtiPCUsU1Tb4G2jf0DzA7XI1n9UXAXYcGcJa+yX+DnxrLBvbxwfYPA6yoTvjAp0TAoW3ijtZ/7FVfN996crGX4Ud9YIWeCOZxl9GeWE+3GjF9+k6QdShY3DGuK3Bc1tCAS6k5xcyB4OT75ThyWoydyHBzp2TRf39XLUhFfwywORhMeB9mygBypkGNaQleFE9FSrMFz+9/XKa1A3zjA==
x-content-type-options
nosniff, nosniff
expires
Mon, 02 Aug 2021 14:04:57 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/wallet-services-web/xo/button.png?cobrand=false&svg=true&legacy=false&orderedCardBrands=VISA
date
Mon, 02 Aug 2021 10:04:57 GMT
server
cloudflare
cf-ray
67867c2a9a3f3a2f-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
analytics.js
www.google-analytics.com/ Frame 7958 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD2D59&l=vxo_data_layer
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
1703
date
Mon, 02 Aug 2021 09:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 02 Aug 2021 11:36:34 GMT
collect
www.google-analytics.com/ Frame 7958 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 10:04:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://secure.checkout.visa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 7958 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 10:04:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://secure.checkout.visa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 7958 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1576822632&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.checkout.visa.com%2Fcheckout-widget%2Fgtm%3Fapikey%3DA92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0%26externalClientId%3D100084%26externalProfileId%3D%26parentUrl%3Dhttps%253A%252F%252Fpay.bm.pl%252Fergohestiak06%26locale%3D%26country%3D%26browserLocale%3D%26countryCode%3D%26formFactor%3DWEB%26isSplunkLoggingEnabled%3Dtrue%26isVsbMerchant%3Dfalse%26buttonElement%3Dtrue%26allowCXO%3Dfalse%26buttonPosition%3D%26postmessage%3Dtrue%26allowRXO%3Dtrue&ul=en-us&de=UTF-8&dt=VME%20GTM&sd=24-bit&sr=1600x1200&vp=&je=0&ec=flow&ea=flow&el=flow&_u=YIAAAAAB~&cid=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&tid=UA-61684798-2&_gid=348463740.1627898697&gtm=2wg7s0KD2D59&cd3=undefined&cd5=1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET&cd16=Merchant&cd17=VDCP-INO&cd19=undefined&cd23=undefined&cd31=15&cd36=undefined&cd39=undefined&cd69=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&cd71=undefined&cd73=undefined&cd79=undefined&cd81=undefined&cd88=VDCP-INO&cd100=true&cd101=false&cd102=false&cd108=default-OUT&cd120=undefined&cd122=web&cd127=undefined&cd128=undefined&cd131=undefined&cd135=undefined&cd153=undefined&cd164=undefined&cd165=undefined&cd167=undefined&cd169=undefined&cd171=undefined&cd173=undefined&cd174=undefined&cd175=undefined&cd178=undefined&cd179=undefined&cd181=undefined&cd183=undefined&cd184=undefined&cd185=undefined&cd186=undefined&cd187=undefined&cd189=undefined&cd190=undefined&cd191=undefined&cd192=undefined&cd193=undefined&cd194=undefined&cd195=undefined&z=15342382
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Aug 2021 21:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45266
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
visaSdk.js
assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/
Redirect Chain
  • https://secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js
244 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce5b268b0f7b16bb037e01bfbbd6225949ea5d923605ef3fed1eac3e8c2664f2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
290365
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 28 Jul 2021 01:17:06 GMT
server
cloudflare
etag
W/"6100b012-3d029"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;includeSubdomains;always
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
67867c2bcdf0edab-CDG
expires
Mon, 02 Aug 2021 11:04:57 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js
date
Mon, 02 Aug 2021 10:04:57 GMT
server
cloudflare
cf-ray
67867c2b8b2a3a2f-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
collect
www.google-analytics.com/ Frame 7958 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1576822632&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.checkout.visa.com%2Fcheckout-widget%2Fgtm%3Fapikey%3DA92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0%26externalClientId%3D100084%26externalProfileId%3D%26parentUrl%3Dhttps%253A%252F%252Fpay.bm.pl%252Fergohestiak06%26locale%3D%26country%3D%26browserLocale%3D%26countryCode%3D%26formFactor%3DWEB%26isSplunkLoggingEnabled%3Dtrue%26isVsbMerchant%3Dfalse%26buttonElement%3Dtrue%26allowCXO%3Dfalse%26buttonPosition%3D%26postmessage%3Dtrue%26allowRXO%3Dtrue&ul=en-us&de=UTF-8&dt=VME%20GTM&sd=24-bit&sr=1600x1200&vp=&je=0&ec=VSB%20Merchant%20SDK%20Load&ea=VSB%20Merchant%20SDK%20Load&el=VSB%20Merchant%20SDK%20Load%20%E2%80%93%20Successful&_u=aIAAAAAB~&cid=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&tid=UA-61684798-2&_gid=1036469610.1627898698&gtm=2wg7s0KD2D59&cd3=undefined&cd4=Unrecognized&cd5=1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET&cd15=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&cd16=Merchant&cd17=VDCP-INO&cd19=false&cd23=undefined&cd31=32&cd36=undefined&cd39=false&cd81=undefined&cd88=VDCP-INO&cd100=true&cd101=false&cd102=false&cd120=undefined&cd126=VCO&cd127=false&cd128=false&cd131=undefined&cd134=web&cd135=undefined&cd150=https&cd151=623&cd152=false&cd153=undefined&cd163=SRC%20Eligible&cd164=legacy&cd165=undefined&cd167=undefined&cd169=undefined&cd171=undefined&cd173=undefined&cd174=undefined&cd175=undefined&cd178=undefined&cd179=undefined&cd181=undefined&cd183=undefined&cd184=undefined&cd185=undefined&cd186=undefined&cd187=undefined&cd189=undefined&cd190=undefined&cd191=undefined&cd192=undefined&cd193=undefined&cd194=1.345&cd195=Standard%20button&cd115=undefined&z=765746695
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Aug 2021 21:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45266
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
external-src-system
secure.checkout.visa.com/checkout-widget/ Frame AB85 		3 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143be20401fa196fdc35a8f37fd2fd29dedcddcdde33484559d73050b5bc4aa8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.checkout.visa.com
:scheme
https
:path
/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfruid=727a44e2b753fb4ec729e50f854009f61466a2ea-1627898696
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-type
text/html;charset=UTF-8
cf-ray
67867c2c4bba3a2f-CDG
cache-control
no-cache, no-store, must-revalidate
expires
Wed, 31 Dec 1969 23:59:59 GMT
strict-transport-security
max-age=15768000;includeSubdomains;always
cf-cache-status
DYNAMIC
content-security-policy-report-only
block-all-mixed-content; base-uri 'none'; default-src 'self' *.visa.com; script-src-elem 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; frame-src data: 'self' https://h.online-metrix.net *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com *.cardinalcommerce.com *.opendns.com; style-src 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; style-src-elem 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com https://cdn.betread.com https://l.betrad.com *.secure.checkout.visa.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://src.mastercard.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://www.staticv.me https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://www.googletagmanager.com *.google.com *.staticv.me *.twitter.com *.opendns.com h.online-metrix.net ; connect-src 'self' *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com https://code.jquery.com *.googletagmanager.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com wss://secure.checkout.visa.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
report-to
{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
x-content-type-options
nosniff
x-correlation-id
1_1627898697_743_126506_b2k8l73-57b69697f6_CHECKOUT-WIDGET
x-served-by
b2k8l73-57b69697f6
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
content-encoding
br
sdk-loader
secure.checkout.visa.com/checkout-widget/ Frame A535 		36 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/checkout-widget/sdk-loader?isSRCBranded=true
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c53811ac395c801c7c3881c518a0984f0d6d05108cb3f5701c2a336c07fb0b89
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.checkout.visa.com
:scheme
https
:path
/checkout-widget/sdk-loader?isSRCBranded=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfruid=727a44e2b753fb4ec729e50f854009f61466a2ea-1627898696
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-type
text/html;charset=UTF-8
cf-ray
67867c2c4bbe3a2f-CDG
cache-control
private
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15768000;includeSubdomains;always
cf-cache-status
DYNAMIC
content-security-policy-report-only
block-all-mixed-content; base-uri 'none'; default-src 'self' *.visa.com; script-src-elem 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.optimizely.com https://www.googletagmanager.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://qwww.aexp-static.com https://sandbox-assets.secure.checkout.visa.com https://cdncache-a.akamaihd.net *.discover.com *.mastercard.com *.googletagmanager.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net *.amazonaws.com https://cdn.appdynamics.com *.akamaihd.net *.opendns.com *.trendmicro.com 'unsafe-inline' 'unsafe-eval' ; frame-src data: 'self' https://h.online-metrix.net *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com *.cardinalcommerce.com *.opendns.com; style-src 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; style-src-elem 'self' *.secure.checkout.visa.com https://fonts.googleapis.com https://translate.googleapis.com https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com https://cdn.betread.com https://l.betrad.com *.secure.checkout.visa.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://src.mastercard.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://www.staticv.me https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://www.googletagmanager.com *.google.com *.staticv.me *.twitter.com *.opendns.com h.online-metrix.net ; connect-src 'self' *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com https://code.jquery.com *.googletagmanager.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com https://webapp.src.discover.com https://dcf.src.discover.com https://src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com wss://secure.checkout.visa.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
x-content-type-options
nosniff
x-correlation-id
1_1627898697_738_86_b2k8l73-57b69697j45_CHECKOUT-WIDGET
x-served-by
b2k8l73-57b69697j45
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
content-encoding
br
srcSysExternalSdk.185b7732.js
assets.secure.checkout.visa.com/checkout-widget/resources/src-system/js/ Frame AB85
Redirect Chain
  • https://secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
738 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a138872b2abbd499a3f28e972988684f1fbf80b44c5051d33c35ae37e7a9402b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
290370
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 27 Jul 2021 21:24:12 GMT
server
cloudflare
etag
W/"6100797c-b8950"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;includeSubdomains;always
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
67867c2d9f77edab-CDG
expires
Mon, 02 Aug 2021 11:04:57 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
date
Mon, 02 Aug 2021 10:04:57 GMT
server
cloudflare
cf-ray
67867c2d5ccf3a2f-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
gtm.js
www.googletagmanager.com/ Frame AB85 		749 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KD2D59
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b95584d960f1b07fd31f4ca5b91f4553124a176f147dae9db079ed5defb60ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61323
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Aug 2021 10:04:57 GMT
vba-2.5.0.min.js
assets.secure.checkout.visa.com/checkout-widget/resources/vba/js/ Frame AB85
Redirect Chain
  • https://secure.checkout.visa.com/checkout-widget/resources/vba/js/vba-2.5.0.min.js
  • https://assets.secure.checkout.visa.com/checkout-widget/resources/vba/js/vba-2.5.0.min.js
681 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.secure.checkout.visa.com/checkout-widget/resources/vba/js/vba-2.5.0.min.js
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.18.24.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1d824c21a9af852879b32748b49cf74ccc062a7a6b5dd44c8f36f971f67c710
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
290370
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 20:11:20 GMT
server
cloudflare
etag
W/"60c7b7e8-aa51b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;includeSubdomains;always
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
67867c2d9f7aedab-CDG
expires
Mon, 02 Aug 2021 11:04:57 GMT

Redirect headers

location
https://assets.secure.checkout.visa.com/checkout-widget/resources/vba/js/vba-2.5.0.min.js
date
Mon, 02 Aug 2021 10:04:57 GMT
server
cloudflare
cf-ray
67867c2d6cd33a2f-CDG
content-length
0
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
analytics.js
www.google-analytics.com/ Frame AB85 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD2D59
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
1704
date
Mon, 02 Aug 2021 09:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 02 Aug 2021 11:36:34 GMT
recognize
secure.checkout.visa.com/apn/vdcp-web/oauth2/token/idproof/promise/ Frame AB85 		0
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/apn/vdcp-web/oauth2/token/idproof/promise/recognize
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CORRELATION-ID
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
Authorization
Basic QTkyTTEwV0dZWEwzM1c4WVJOMkUyMWZHTVBxZ1lGcWVVMHQxa01nWTQ1eVgtQkd3MA==
Content-Type
application/json
Accept
application/json
Referer
https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
X-THMID
vme_prod_001TTwGW2RYsF0gsi2cc9cKW35K9A7F_pemXZP9fJ_oRWnJWpPhHZ1w8ppdPKKnrn4ebQ4FbTPPjxfuIIonNh854r3k
dfpSessionId
vme_prod_001TTwGW2RYsF0gsi2cc9cKW35K9A7F_pemXZP9fJ_oRWnJWpPhHZ1w8ppdPKKnrn4ebQ4FbTPPjxfuIIonNh854r3k

Response headers

date
Mon, 02 Aug 2021 10:04:58 GMT
x-correlation-id
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status
DYNAMIC
x-internal-service-instrumentation
eyJyZXNwb25zZUNvbnRleHQiOlt7ImtleSI6IlJDIiwidmFsdWUiOiJtaXNzaW5nQ29va2llQ3JlZGVudGlhbCIsInNjb3BlIjoiSFRUUF9SRVNQT05TRV9DT05ESVRJT05BTF9HTE9CQUwifV19
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
x-served-by
l73p003m, b2k8l73-66b6646q2
pragma
no-cache
x-app-status
204
server
cloudflare
x-frame-options
SAMEORIGIN
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;includeSubdomains, max-age=15768000;includeSubdomains;always
cache-control
no-cache, no-store, must-revalidate
cf-ray
67867c2eeebc3a2f-CDG
x-content-type-options
nosniff, nosniff
expires
-1
logEvent
secure.checkout.visa.com/logging/ Frame AB85 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/logging/logEvent
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
X-CORRELATION-ID
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
X-THMID
vme_prod_001TTwGW2RYsF0gsi2cc9cKW35K9A7F_pemXZP9fJ_oRWnJWpPhHZ1w8ppdPKKnrn4ebQ4FbTPPjxfuIIonNh854r3k
Referer
https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
dfpSessionId
vme_prod_001TTwGW2RYsF0gsi2cc9cKW35K9A7F_pemXZP9fJ_oRWnJWpPhHZ1w8ppdPKKnrn4ebQ4FbTPPjxfuIIonNh854r3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 Aug 2021 10:04:58 GMT
x-correlation-id
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
x-served-by
l73p170
pragma
no-cache
x-app-status
204
server
cloudflare
x-frame-options
SAMEORIGIN
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
cache-control
no-cache, no-store, must-revalidate
cf-ray
67867c2eeebe3a2f-CDG
x-content-type-options
nosniff, nosniff
expires
-1
logEvent
secure.checkout.visa.com/logging/ Frame AB85 		0
120 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/logging/logEvent
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
X-CORRELATION-ID
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
X-THMID
vme_prod_001TTwGW2RYsF0gsi2cc9cKW35K9A7F_pemXZP9fJ_oRWnJWpPhHZ1w8ppdPKKnrn4ebQ4FbTPPjxfuIIonNh854r3k
Referer
https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
dfpSessionId
vme_prod_001TTwGW2RYsF0gsi2cc9cKW35K9A7F_pemXZP9fJ_oRWnJWpPhHZ1w8ppdPKKnrn4ebQ4FbTPPjxfuIIonNh854r3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 Aug 2021 10:04:58 GMT
x-correlation-id
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
x-served-by
l73p170
pragma
no-cache
x-app-status
204
server
cloudflare
x-frame-options
SAMEORIGIN
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
cache-control
no-cache, no-store, must-revalidate
cf-ray
67867c2eeebf3a2f-CDG
x-content-type-options
nosniff, nosniff
expires
-1
collect
www.google-analytics.com/ Frame AB85 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1946965875&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.checkout.visa.com%2Fcheckout-widget%2Fexternal-src-system%3FparentUrl%3Dhttps%253A%252F%252Fpay.bm.pl&ul=en-us&de=UTF-8&dt=Visa%20SRC%20System&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Init%20initiation&ea=Init%20initiation&el=Init%20initiation-API%20Request%20Pending&_u=YIAAAAAB~&cid=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&tid=UA-61684798-2&_gid=1891993411.1627898698&gtm=2wg7s0KD2D59&cd3=undefined&cd4=Unrecognized&cd5=1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET&cd15=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&cd16=Merchant&cd17=VDCP-INO&cd19=undefined&cd23=undefined&cd31=6&cd34=Merchant&cd36=undefined&cd39=false&cd69=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&cd71=undefined&cd81=100084&cd83=undefined&cd88=VDCP-INO&cd100=undefined&cd101=undefined&cd102=undefined&cd115=undefined&cd120=undefined&cd121=undefined&cd122=web&cd123=undefined&cd127=undefined&cd128=undefined&cd131=undefined&cd134=web&cd135=undefined&cd150=https&cd153=undefined&cd164=legacy&cd165=SRCi&cd167=undefined&cd169=undefined&cd171=undefined&cd172=VISA&cd173=undefined&cd174=PURCHASE&cd175=undefined&cd178=undefined&cd179=undefined&cd181=undefined&cd182=undefined&cd183=PL&cd184=undefined&cd185=undefined&cd186=undefined&cd187=undefined&cd189=undefined&cd190=undefined&cd191=undefined&cd192=undefined&cd193=undefined&cd194=undefined&cd195=undefined&z=35206370
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Aug 2021 21:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45267
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AB85 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1946965875&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.checkout.visa.com%2Fcheckout-widget%2Fexternal-src-system%3FparentUrl%3Dhttps%253A%252F%252Fpay.bm.pl&ul=en-us&de=UTF-8&dt=Visa%20SRC%20System&sd=24-bit&sr=1600x1200&vp=&je=0&ec=Init%20initiation&ea=Init%20initiation&el=Init%20initiation-API%20Response%20Success&_u=YIAAAAAB~&cid=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&tid=UA-61684798-2&_gid=2132884571.1627898698&gtm=2wg7s0KD2D59&cd3=undefined&cd4=Unrecognized&cd5=1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET&cd15=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&cd16=Merchant&cd17=VDCP-INO&cd19=undefined&cd23=undefined&cd31=8&cd34=Merchant&cd36=undefined&cd39=false&cd69=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&cd71=undefined&cd81=100084&cd83=undefined&cd88=VDCP-INO&cd100=undefined&cd101=undefined&cd102=undefined&cd115=undefined&cd120=undefined&cd121=undefined&cd122=web&cd123=undefined&cd127=undefined&cd128=undefined&cd131=undefined&cd134=web&cd135=undefined&cd150=https&cd153=undefined&cd164=legacy&cd165=SRCi&cd167=undefined&cd169=undefined&cd171=undefined&cd172=VISA&cd173=undefined&cd174=PURCHASE&cd175=undefined&cd178=undefined&cd179=undefined&cd181=undefined&cd182=undefined&cd183=PL&cd184=undefined&cd185=undefined&cd186=undefined&cd187=undefined&cd189=undefined&cd190=undefined&cd191=undefined&cd192=undefined&cd193=undefined&cd194=undefined&cd195=undefined&z=1681664900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Aug 2021 21:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45267
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AB85 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1946965875&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.checkout.visa.com%2Fcheckout-widget%2Fexternal-src-system%3FparentUrl%3Dhttps%253A%252F%252Fpay.bm.pl&ul=en-us&de=UTF-8&dt=Visa%20SRC%20System&sd=24-bit&sr=1600x1200&vp=&je=0&ec=User%20type%20identification&ea=User%20type%20identification&el=User%20type%20identification-API&_u=YIAAAAAB~&cid=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&tid=UA-61684798-2&_gid=1938149212.1627898698&gtm=2wg7s0KD2D59&cd3=undefined&cd4=Unrecognized&cd5=1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET&cd15=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&cd16=Merchant&cd17=VDCP-INO&cd19=undefined&cd23=undefined&cd31=10&cd34=Merchant&cd36=undefined&cd39=false&cd69=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&cd71=undefined&cd81=100084&cd83=undefined&cd88=VDCP-INO&cd100=undefined&cd101=undefined&cd102=undefined&cd115=undefined&cd120=undefined&cd121=undefined&cd122=web&cd123=undefined&cd127=undefined&cd128=undefined&cd131=undefined&cd134=web&cd135=undefined&cd150=https&cd153=undefined&cd164=legacy&cd165=SRCi&cd167=undefined&cd169=undefined&cd171=undefined&cd172=VISA&cd173=undefined&cd174=PURCHASE&cd175=undefined&cd178=undefined&cd179=undefined&cd181=undefined&cd182=undefined&cd183=PL&cd184=Recognized%20user&cd185=false&cd186=false&cd187=true&cd189=undefined&cd190=undefined&cd191=undefined&cd192=undefined&cd193=undefined&cd194=1.345&cd195=Standard%20button&z=1113723245
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Aug 2021 21:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45267
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AB85 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1946965875&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.checkout.visa.com%2Fcheckout-widget%2Fexternal-src-system%3FparentUrl%3Dhttps%253A%252F%252Fpay.bm.pl&ul=en-us&de=UTF-8&dt=Visa%20SRC%20System&sd=24-bit&sr=1600x1200&vp=&je=0&ec=javaScript%20error&ea=Script%20error.%20-%200&el=&_u=YIAAAAAB~&cid=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&tid=UA-61684798-24&_gid=19716783.1627898698&gtm=2wg7s0KD2D59&cd3=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&cd2=1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET&z=493733529
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Aug 2021 21:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45267
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AB85 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1946965875&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.checkout.visa.com%2Fcheckout-widget%2Fexternal-src-system%3FparentUrl%3Dhttps%253A%252F%252Fpay.bm.pl&ul=en-us&de=UTF-8&dt=Visa%20SRC%20System&sd=24-bit&sr=1600x1200&vp=&je=0&ec=User%20type%20identification&ea=User%20type%20identification&el=User%20type%20identification-API&_u=aIAAAAAB~&cid=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&tid=UA-61684798-2&_gid=648306972.1627898699&gtm=2wg7s0KD2D59&cd3=undefined&cd4=Unrecognized&cd5=1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET&cd15=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&cd16=Merchant&cd17=VDCP-INO&cd19=undefined&cd23=undefined&cd31=14&cd34=Merchant&cd36=undefined&cd39=false&cd69=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&cd71=undefined&cd81=undefined&cd83=undefined&cd88=VDCP-INO&cd100=undefined&cd101=undefined&cd102=undefined&cd115=undefined&cd120=undefined&cd121=undefined&cd122=web&cd123=undefined&cd127=undefined&cd128=undefined&cd131=undefined&cd134=web&cd135=undefined&cd150=https&cd153=undefined&cd164=legacy&cd165=SRCi&cd167=undefined&cd169=VISA&cd171=undefined&cd172=undefined&cd173=undefined&cd174=PURCHASE&cd175=undefined&cd178=undefined&cd179=undefined&cd181=undefined&cd182=undefined&cd183=PL&cd184=Recognized%20user&cd185=false&cd186=true&cd187=false&cd189=undefined&cd190=undefined&cd191=undefined&cd192=undefined&cd193=undefined&cd194=1.345&cd195=Standard%20button&z=120753927
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Aug 2021 21:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45267
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AB85 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1946965875&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.checkout.visa.com%2Fcheckout-widget%2Fexternal-src-system%3FparentUrl%3Dhttps%253A%252F%252Fpay.bm.pl&ul=en-us&de=UTF-8&dt=Visa%20SRC%20System&sd=24-bit&sr=1600x1200&vp=&je=0&ec=User%20type%20identification&ea=User%20type%20identification&el=User%20type%20identification-API&_u=aIAAAAAB~&cid=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&tid=UA-61684798-2&_gid=1601024581.1627898699&gtm=2wg7s0KD2D59&cd3=undefined&cd4=Unrecognized&cd5=1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET&cd15=A92M10WGYXL33W8YRN2E21fGMPqgYFqeU0t1kMgY45yX-BGw0&cd16=Merchant&cd17=VDCP-INO&cd19=undefined&cd23=undefined&cd31=17&cd34=Merchant&cd36=undefined&cd39=false&cd69=VID_cbe4d3d8-4eba-4d35-a4a7-1e379d3a8434&cd71=undefined&cd81=100084&cd83=undefined&cd88=VDCP-INO&cd100=undefined&cd101=undefined&cd102=undefined&cd115=undefined&cd120=undefined&cd121=undefined&cd122=web&cd123=undefined&cd127=undefined&cd128=undefined&cd131=undefined&cd134=web&cd135=undefined&cd150=https&cd153=undefined&cd164=legacy&cd165=SRCi&cd167=undefined&cd169=VISA&cd171=undefined&cd172=VISA&cd173=undefined&cd174=PURCHASE&cd175=undefined&cd178=undefined&cd179=undefined&cd181=undefined&cd182=undefined&cd183=PL&cd184=Unrecognized%20Returning%20user&cd185=false&cd186=false&cd187=true&cd189=undefined&cd190=undefined&cd191=undefined&cd192=undefined&cd193=undefined&cd194=1.345&cd195=Standard%20button&z=266871425
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Aug 2021 21:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45267
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logEvent
secure.checkout.visa.com/logging/ Frame AB85 		0
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.checkout.visa.com/logging/logEvent
Requested by
Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/resources/src-system/js/srcSysExternalSdk.185b7732.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.19.208.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
X-CORRELATION-ID
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
X-THMID
vme_prod_001TTwGW2RYsF0gsi2cc9cKW35K9A7F_pemXZP9fJ_oRWnJWpPhHZ1w8ppdPKKnrn4ebQ4FbTPPjxfuIIonNh854r3k
Referer
https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fpay.bm.pl
dfpSessionId
vme_prod_001TTwGW2RYsF0gsi2cc9cKW35K9A7F_pemXZP9fJ_oRWnJWpPhHZ1w8ppdPKKnrn4ebQ4FbTPPjxfuIIonNh854r3k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 Aug 2021 10:04:58 GMT
x-correlation-id
1_1627898696_574_41799_b2k8l73-57b69697f6_CHECKOUT-WIDGET
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
x-served-by
l73p170
pragma
no-cache
x-app-status
204
server
cloudflare
x-frame-options
SAMEORIGIN
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000;includeSubdomains, max-age=15768000;includeSubdomains;always
cache-control
no-cache, no-store, must-revalidate
cf-ray
67867c320a313a2f-CDG
x-content-type-options
nosniff, nosniff
expires
-1

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Sentry object| __SENTRY__ object| payway1512 object| payway1513 function| removeApplePayPaymentMethod function| checkApplePaySupport object| payways function| TransactionStatusListener boolean| setCookie object| Main function| $ function| jQuery object| utf8 object| base64 object| Translator function| PiwikEvents string| redirectTitle string| redirectLogo string| redirectNewLogo string| redirectImg boolean| redirectHideInfo boolean| redirectHideArrows number| gpPaywayId number| vcPaywayId number| apPaywayId string| integratorBMVerificationServiceId string| selectedText string| sourceFrData string| sourcePayways string| sourcePbl string| sourcePg string| sourcePbi string| sourcePbc string| sourceWalletData string| sourcePsd2Data string| warningBankDisabled string| warningBankTemporaryMaintenance string| defaultFlashMessageTranslationKey string| SDK_3_1 object| payBM object| _paq object| url object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log string| returnUrl string| blikPaywayId object| a object| b object| c string| d object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| VisaCheckoutSDK object| V object| __core-js_shared__ object| vAdapters object| VsbOrchAdapterInstance

4 Cookies

Domain/Path Name / Value
pay.bm.pl/ Name: _pk_ses.42.faaa
Value: 1
pay.bm.pl/ Name: _pk_id.42.faaa
Value: e347fad0d3bea928.1627898696.
pay.bm.pl/ Name: _pk_ref.42.faaa
Value: %5B%22%22%2C%22%22%2C1627898696%2C%22https%3A%2F%2Fs.bm.pl%2F%22%5D
pay.bm.pl/ Name: SFSESSID
Value: ac8o9e1v32nla3n42nsmfnvte2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.secure.checkout.visa.com
pay.bm.pl
pay.google.com
piwik.blue.pl
platnosci.bm.pl
play.google.com
s.bm.pl
secure.checkout.visa.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.18.24.161
104.19.208.81
195.182.23.217
195.187.130.220
2a00:1450:4001:80f::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c09::5c
99.81.139.101
0109c2cfa149482c6a7f0befdf87f62734e22a10565aa25f4477e952ba129964
06587cdfccdef20227d296641a33b1d477131b6873024164bcb9a31aa6343018
08b5100852d38b941251d248106e71b27de62f46fae4aa67d53c115371cc54e7
0aebb33c65d6b7756c930b13590fc1da9e4d22727c4f9b77907dbe517147041b
107b35035211ed46ce01cf2d82e2a2961c96faab48585b94d415b38d32786ce1
143be20401fa196fdc35a8f37fd2fd29dedcddcdde33484559d73050b5bc4aa8
174fcc100377c5b3615569a19301930c47516caf63d9e325ba29a2a8d244ef27
17f8143f6605dd490c34c49880aa67710d97dd895a30f15bac97bc45e390f88c
20ee85647906e3265ee92d70c712d7006cf022f991a09ad610da2a8ddd94d236
23e318f4b48801ec7a88aebedb06773b99a1696cb683867d65bc87aff9cf4e85
23f79c9985bcb79d3cdcdcc629ed9cd6139d0e5ce24cf8e17e0febeb9f14747a
26b6a29d18339a5cf68bc6d4e17b6a52c2f0de7cbe79ea9d74a4886e57995561
2736fdfc411375f77070edc516f975d2f8a691e363407cbcb98dfb56a071f814
28f2b8104d2e9e53e00528c920cb4a77622e58388015bdc8896ac2c960b6c152
3455e464eaf19408030efea25ca5ddc05f09c15501f6599bc4f1274e4cf571ee
35b2e03319a58374912090d8b891ef1783c09c0b142e63cc7940e115c3a74c3a
35ca86447a07d66bff593492a0b0cd25b72bb16a321ba11ac3034e0af6f8ae50
36a87e999160e645d1bd074bd988557e26027a487febeca2761b8136d1cb07d7
404ca89146ac256a0f00f94b150c843376e720ba3421bfd5a8d1512e3fb696f5
4569a142b304d45be06decf175f4f262e5670ffe30f0a4c76603849821a6606b
47ff01c880336f7e0ec7c257bc27c23d4c1b0766a10ee543c45c2a967826970a
4ce77a45249855fbcb3520a4d78194efa6eb5bb50808faf00eea5b6064777b79
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52d00801d16559c015c8d462aa11f1ec28c7682956cf8d34708008429c7e5b3f
54ce826bd4c886221a93f58f1401d7b089ec366639efd0a864d6139c82f620c3
55a6a3037855c0b493c17b8476b5796bef2d5c629259fdc9a56ae70173a20948
59190c03df1bb4d4d4fd749e71a475f809e050e740c98fdf1564a695bccc2016
60d7bfece897beeb054b37a5833f0166f126cb71b86e51af398df3ad3d89b648
6236cc609e253b61cc1be35851a6b8ab0396a33d73a9dc63a6ac9dd2e27d743b
630f7785388f5953943ac18937cc1304bed1e8d55b0cb74d326ca6e6c8916947
64faeb94d95bb35c2987730e0a8f7a5100bfcea8a39c60f540e0aa4c3342ca9b
68589c809013fd9bd0755c4afacff7905ec24b817f87a762d9c38b004a4ff1f7
6b0fc984ed533b9ade09d94c5f4847e84b0e6ee2486ea7dd588f8ea7c76eb982
7042b4b9b1f622df53f9c433312bb48fc09b62298381ae4ee7b8cfc51585e750
7cebe978fde661e6a5a690aad9bed83703318bf58c2901174deff6aa9baa5643
7d34774731318cc783794d43e4318096c931c3c112f6d98d8c28006030ef458b
7dddc508f942625d698f7652dbcb5bc9f9603a8ddc74891bd30ab22cfc2faff2
7ff2abf17af087e4a1fcb20434b31177c0dceef1c3ead81786feb1142e87c485
81b6ac3496945a7e009dbd92b9a0337bff12e2e2255eec246de6d2c00d8c0dcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83407949bf695f0d16d86b131123e96a4eeb30bcaa5a737b0d5b2f90613d1e77
8392d625cc4223f968c262d2b7a6ede3b2657fa3e68e5a20b54d2517fcf7415c
859b40f817c3cffa92b638606b7120ef6e10e0d5a12710c6f54ada212d835d82
879d2198201be230f6063e51c8e23eeb1a8dc80a5f3239f5e75e4049cf7a9562
8a821cc6f1b6f584bc5eb6a2f82cfa5120ee7166845f7480a575f1bfb450a3cb
9aacdbdb6bafe0779c1a38df982474188e063f3c26749b96b4d4359d909c35f7
a135e14de01db838c016834f780461740925f48638b34fe901a3d93df86fc97a
a138872b2abbd499a3f28e972988684f1fbf80b44c5051d33c35ae37e7a9402b
a1d824c21a9af852879b32748b49cf74ccc062a7a6b5dd44c8f36f971f67c710
a57b617f8ddbf2c81f2cd8fc9ca7c1c4f644d341a27caa34f05f4da622da7f18
a5afa2d35f96743410a73002f1e1bf58a4b810c9fa30ae7276af79269facd3e3
a77936efcc67c6cb558e439dd9fa2f521eb684ac4f0985a0a68b195a61888e6a
ac883aa3667c17465400df10cfcc6a81649982d888bccdd5d6edd807a8dc36ee
af7f78ae8ec220d222520ac783455c63c1a29e4c8bea036a33c83ae674f1bece
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b759c0b4ffe74659b6447d73f206ff4995e6146f599389e5a1ac82f27616e85a
b95584d960f1b07fd31f4ca5b91f4553124a176f147dae9db079ed5defb60ce0
bf18509e866451a8177190dcba355282c3ad65f80dd014bbbaad5ea8ed61b095
c0d7aafe6c7af5822f7326651bd8bf0995bb454f6b97a3086c06a8b853ff2d3e
c53811ac395c801c7c3881c518a0984f0d6d05108cb3f5701c2a336c07fb0b89
c6a31b497e11f6419bdaa0476353fe6b9b842ace5ac5aa92af5689bfc5c3d596
cbe9f8c29fab447a99317fb763fee1edbac1f085b87561c616786c019cf22073
ce5b268b0f7b16bb037e01bfbbd6225949ea5d923605ef3fed1eac3e8c2664f2
d412a91cba31ba2fecf18f9569b682355587bbe5738124abf5524877657d1035
d42042fcd8ac6626a2d5aa842df3264989344f96c06fb3b6c1b0e914a1076e2f
d7732c6ac82be7c61a2bf20681684fa0d2d1e8a94ccbb95545d25576efa26b3d
d87a40d241767fd5d9ce9c80dc1ed9066b4852fac9d1213fd6cee050581dd73b
da92ee6f2c0c35f4885a385fdbe11d75480b1b12df0a20ad92c2ee7f7a2567c8
dc1885cd61803006d2c5557e52a68fd2079f2266be20938df84ec95222c3bb60
e0877f8b938dd3493327879c8897764a511beb63eb6b7d7329b1e810488602e3
e0f3bcfe729905277534b8e131b5294df01fb61c34b8d2b5a11cc38b4b4f3455
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e567ba956cf3f1d9e5d2a6061cf78d4ffdd2e74bcceb09931c10da7e5e28b190
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e9d2dfa368d26b775dc12171ee2f94f864cf9c76fe2ddb790450bd9bac231f22
ea2859fa9548e633966773fe82fd1dbcd4fd48d79f08619cc11ee2f64f1c4323
ed7ef0f78700ca74ca94d71db57b238e6e47706af41d2ceb3b17ac8fc0953f63
efcbb222dd9ab1d2aa4fe717e03b0b29108ec82030871dd18c09bff1f5625667
f1a4fd8f3ff9280b624669bd19a9fbb2d169fa73ef58afaf98ce6c4d992eaf9d
fedc5d43a0b0764f1716cb8f39e81f672ecbb969db63c55c7d344f6d17ba020b