URL: https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Submission: On September 19 via manual from IL — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 43 HTTP transactions. The main IP is 2606:4700:20::681a:158, located in United States and belongs to CLOUDFLARENET, US. The main domain is payments.payplus.co.il.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2023. Valid for: a year.
This is the only time payments.payplus.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 52.219.170.82 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
43 6
Apex Domain
Subdomains
Transfer
20 google.com
pay.google.com — Cisco Umbrella Rank: 3915
play.google.com — Cisco Umbrella Rank: 85
414 KB
16 payplus.co.il
payments.payplus.co.il
restapi.payplus.co.il
795 KB
5 gstatic.com
www.gstatic.com
100 KB
2 amazonaws.com
pay-plus.s3.eu-central-1.amazonaws.com
59 KB
43 4
Domain Requested by
16 play.google.com www.gstatic.com
12 payments.payplus.co.il payments.payplus.co.il
5 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com payments.payplus.co.il
pay.google.com
www.gstatic.com
4 restapi.payplus.co.il payments.payplus.co.il
2 pay-plus.s3.eu-central-1.amazonaws.com
43 6

This site contains links to these domains. Also see Links.

Domain
www.payplus.co.il
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-11 -
2024-05-10
a year crt.sh
*.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.s3.eu-central-1.amazonaws.com
Amazon RSA 2048 M01
2023-04-11 -
2024-01-14
9 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh

This page contains 2 frames:

Primary Page: https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Frame ID: 80BA2A3E7A76D23D842DB7206030BDE0
Requests: 20 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments.payplus.co.il&mid=
Frame ID: 3D15972B54F55283ABA58FE61460EC56
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

PayPlus - Secured Purchase

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Page Statistics

43
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

1368 kB
Transfer

4641 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ec4d5ebc-1b30-47e4-92f0-30e6923450e1
payments.payplus.co.il/
734 B
791 B
Document
General
Full URL
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cab706d78614298f4b87b8f7e5d09ccfb3a637ff94cd7dbfd94b104a0084382

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
809083cddb563671-FRA
content-encoding
br
content-type
text/html
date
Tue, 19 Sep 2023 08:38:51 GMT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tE55Bcm8WIey0D7XVsOaPmiTxzFBUbC1SFPUJgVrxlTNCfW3Ob80DlopgqQ1Cj3rOuCeoS9no6gtYDFnplWqut6HYueVrh1RVvTSd%2B%2FJxI75GgSs14doB1gOS49T67QmwEOeN183%2B6ydB%2BaRqB%2Fo0ZVPjw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vendor.d2b38b97.js
payments.payplus.co.il/js/
2 MB
511 KB
Script
General
Full URL
https://payments.payplus.co.il/js/vendor.d2b38b97.js
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ad4175551b7a737e9ca48553c820d6ec96dc2c007bedd88cf95768ba84e346

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2120
etag
W/"650054a4-1f5b63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtK85h7WU2OsRIn7HBnR6ya88cCeMi7u8IR7iwWLDtBg%2BUsfueOwmJVHsiy2LVv4dyWSUufEjgKLBwGlnA3edn7%2BaNlzqGlQW2t0ZizpohUq80pAONzkiDSP%2BGK06JWkcMQWdeeCRFGfd2yuun7foK3eJqY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
809083ce7c8b3671-FRA
app.d07f0eb9.js
payments.payplus.co.il/js/
81 KB
27 KB
Script
General
Full URL
https://payments.payplus.co.il/js/app.d07f0eb9.js
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4975b41a7bf0d8a84ab6e6b62b7cfdea586173f170c34febf80fef3229cbd4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2120
etag
W/"650054a4-145f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXtDNInFSaezZZDBTd1sCFxMt%2BuW6bGkTsb3cNlC6AnV5ZCjj81fcokbfuxBP2V7IaUvHz%2BZ803429nhowrf4KscjsSuqfEme8JhbcjIILvtD8Dv6B5Q677Xo3fjIVabDxvR6HR5wjW9NjElICZDurqJB%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
809083ce7c8f3671-FRA
runtime.36b0b990.js
payments.payplus.co.il/js/
3 KB
2 KB
Script
General
Full URL
https://payments.payplus.co.il/js/runtime.36b0b990.js
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f43ac7c42fb1ced8633f815c2e205a1310550b4212401081b102200490eb9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2627
etag
W/"650054a4-a53"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i32x64ixyDC%2Bdzt5DD5wLzoFIliWsoruazVZNWIjwiuvH0kZ9vMhLF6%2FDdrNL4PEmjEcvLFHvOtOyGQolsQY8Fvq3giCDTpS7ntM9as1NnWmAW1Yaz6%2Bkv3%2FDOVX4cfbPlZcbWntwSoRciQr5INaq7UJwzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
809083ce7c903671-FRA
4.14d7d3c2.js
payments.payplus.co.il/js/
511 B
670 B
Script
General
Full URL
https://payments.payplus.co.il/js/4.14d7d3c2.js
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/js/runtime.36b0b990.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6239dc95588514c507bdfdc9958aae105869867cd30d809225067a07969afae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2121
etag
W/"650054a4-1ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSZKAyEzKt2hOM2hKreq%2BlCOj3x9iSCRH9cz%2BiKziz%2BL8yu4Yus7hLuKaDpBW6zeHXK%2BUh0ia%2F41pUYCzAdYIVEPj2uY6gwAEMgQiCdOmRiOhtQPRobPnD3GMKsNd5AXdYUHnYu662P%2Bgfz%2Bp4MbRFeHhYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
809083d09f523671-FRA
chunk-common.7de78554.js
payments.payplus.co.il/js/
78 KB
34 KB
Script
General
Full URL
https://payments.payplus.co.il/js/chunk-common.7de78554.js
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/js/runtime.36b0b990.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c10e21bf4ebd857478d640c75e9069d68c36df7d5c7c38f30854a657b4d06cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2121
etag
W/"650054a4-136bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwcS3nqvquqgldqt9YFNYdI1p1yuWHt5IOmwhP4Pf10Fa720FclzvhXzGBAZQvhWxBP1ZKxnneHX%2BVCZYdM4gzlnnrVhm9WrQ5xPryYM%2BZXCq%2FVg6eOrCcthSkXCT9Xf1pFwcj4sQ9Nsz70x8nxaOA%2FXR7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
809083d09f553671-FRA
21.89dff9d4.js
payments.payplus.co.il/js/
2 KB
1 KB
Script
General
Full URL
https://payments.payplus.co.il/js/21.89dff9d4.js
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/js/runtime.36b0b990.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39739aa006c612c7b38d82a2e397f0e0cb9841f7ffaca8f206143bd6e84c2549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2606
etag
W/"650054a4-8fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiKW5swCmyjO%2FG5kX2oMnNk0jaDcNYvsSFoD0%2BoC8oEPvQHWddyszObvItwMmiT%2BmkcwAe668UV9PpHV5klorZS%2BVjqd9X4SzxsBNca1eBhsvRzSbat%2F2v0jXzEnlzleMj%2FtsMR0B10QUe9FFRB4sHevnbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
809083d09f583671-FRA
9.09242e4d.js
payments.payplus.co.il/js/
504 KB
91 KB
Script
General
Full URL
https://payments.payplus.co.il/js/9.09242e4d.js
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/js/runtime.36b0b990.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72a7ff4e7412423b3ef3b2d87760efdbf9856457efd8a0687b4fca21d01262a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2121
etag
W/"650054a4-7df41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIS%2FULhrQpzPmTMMBrLy6mu9IGWCnX8kKIETV6KvsYoXSFwF3ydPPBx68EjvsFNRhkZZzYE4f7%2BHcDgF36eTEn2lZXwowE%2BQOcbnZrcU0%2BhKnRi5QHWnJ1sSgUikUmZibtQZXeQCmPVvYocWBSQ%2FlACfd4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
809083d09f593671-FRA
ec4d5ebc-1b30-47e4-92f0-30e6923450e1
restapi.payplus.co.il/api/payment-pages/payment-request/ Frame
0
0
Preflight
General
Full URL
https://restapi.payplus.co.il/api/payment-pages/payment-request/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://payments.payplus.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://payments.payplus.co.il
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
809083d1bde05b7a-FRA
content-length
0
date
Tue, 19 Sep 2023 08:38:52 GMT
last-modified
Tuesday, 19-Sep-2023 08:38:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6GRy%2BKBR2GK0saIxDJ1CdMxz00m8qJPXPz0VUF0ym8wEsMeWqcy2uDMLk%2FoGlmoshUsdxynkBi%2ByTDGh1DlUBMfxurEEU6%2Blszy8vBjiFkws3qb8ByHmuamG1IKK7%2Fx8oOPUykdA106eSNm%2FEZUmv1AvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
ec4d5ebc-1b30-47e4-92f0-30e6923450e1
restapi.payplus.co.il/api/payment-pages/payment-request/
7 KB
3 KB
XHR
General
Full URL
https://restapi.payplus.co.il/api/payment-pages/payment-request/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/js/vendor.d2b38b97.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9a119d77978a0457df9601cd9e5dee8d3ed60f41952a48d5895bbbdc0f864162

Request headers

Accept
application/json, text/plain, */*
Referer
https://payments.payplus.co.il/
accept-language
de-DE,de;q=0.9
Authorization
p3jZtzWxRJXi+yEzUoP4kChzb21BXQGrgB72EtCZ4FVBKc80W2VZYUosbFnB3dkp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tuesday, 19-Sep-2023 08:38:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1de9-EuxX/LY74WjqLqP2UeiVK5gr1bM"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBYQZxyt84Iu%2FOMNPpl2i7Q9Il2pH5%2BHNBg25u4bFQ4EvsJp%2Fp3Th7ODhdDh9A909aPYHcuxJ5%2FQJheyJ2VOgYNUb%2Ff6cIZZ1YEwTSF2nPvL%2FLTy2Fn21g7BNqvi9%2BN8c1SIIpLPcHW6vJK9RRbtZjzNSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://payments.payplus.co.il
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
809083d26e475b7a-FRA
list-for-payments
restapi.payplus.co.il/api/translation/ Frame
0
0
Preflight
General
Full URL
https://restapi.payplus.co.il/api/translation/list-for-payments?default_language=he&uid=ec4d5ebc-1b30-47e4-92f0-30e6923450e1&type=payment-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://payments.payplus.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://payments.payplus.co.il
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
809083d4afc15b7a-FRA
content-length
0
date
Tue, 19 Sep 2023 08:38:52 GMT
last-modified
Tuesday, 19-Sep-2023 08:38:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISgM57LY4b4RT6BQpRfzj6U64ZD9xJbxGxUyKhq0wZWrf9W9kQNzPL7ulzD6wlCjypZ%2BdVB%2FOMZ4fDpS8KgF%2BGy77ZOo%2BUrJeVQcUAjt5kb%2FHIl9juNookwFeIGgKiZUCzFQwTz1Au%2Fb%2Fbv9KcWxVX1YFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
list-for-payments
restapi.payplus.co.il/api/translation/
173 KB
38 KB
XHR
General
Full URL
https://restapi.payplus.co.il/api/translation/list-for-payments?default_language=he&uid=ec4d5ebc-1b30-47e4-92f0-30e6923450e1&type=payment-page
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/js/vendor.d2b38b97.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
06b91124063382b7201d05572eca628ba0d34f5eb9b7a7bdec113cefdb0ebb56

Request headers

Accept
application/json, text/plain, */*
Referer
https://payments.payplus.co.il/
accept-language
de-DE,de;q=0.9
Authorization
p3jZtzWxRJXi+yEzUoP4kChzb21BXQGrgB72EtCZ4FVBKc80W2VZYUosbFnB3dkp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tuesday, 19-Sep-2023 08:38:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"2b45e-kVCyjOQc8FKyqTOrvJFkl/dOh6k"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eLWlvjxPmTwBnGFW223wJyIloQ%2B9mA98w6D2HMM%2BaXgpn%2FXkeu6s5mt0EidG%2FjcFbyg2QU7obfl%2FsLX5g0yEfezvgfsCh%2FFQ95bwCXjcNoh0W24jB6MQEqJ3NeU8%2FuQHLqm5fPJ0V%2BxloM0sOiMODEWuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://payments.payplus.co.il
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
809083d518125b7a-FRA
pay.js
pay.google.com/gp/p/js/
117 KB
36 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/js/9.09242e4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e51b39b935c7d0ffb35a8c983c49209aab324ffe297a272bb1c7ddeb7541ea9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-AQaCAPZ8D9feRbAODL3eiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:53 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-AQaCAPZ8D9feRbAODL3eiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 19 Sep 2023 08:38:53 GMT
logo_payment_page_5253.jpeg
pay-plus.s3.eu-central-1.amazonaws.com/companies/7401/payment_pages/5253/
57 KB
57 KB
Image
General
Full URL
https://pay-plus.s3.eu-central-1.amazonaws.com/companies/7401/payment_pages/5253/logo_payment_page_5253.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.170.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2fa4124196fd5260c7b971808427c6bb6ca2f9c966ad413eae10967b8f25cdf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 08:38:54 GMT
Last-Modified
Fri, 24 Mar 2023 06:52:57 GMT
Server
AmazonS3
x-amz-request-id
P8ZG5S1RGEVFZ23E
ETag
"817ae40b9cdef1d34e92c6c5bbfad8e6"
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
58257
x-amz-id-2
9ckUkcWLHHoEQUXWrzI+nd4NTG2KjXrLGsqxGi4PxLZ0NERNFXLPOxg2vDXQv1hXkmfYLX43ujw=
google-pay.svg
payments.payplus.co.il/statics/tab-icons/light/
3 KB
2 KB
Image
General
Full URL
https://payments.payplus.co.il/statics/tab-icons/light/google-pay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac369c7aa5220cad153cf7c5e417fed7462fedd5789ded01b05fd3790bab8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6132
etag
W/"650054a4-d2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct6aIaR72uu6GRwDFsCXPPAOoFGBUV%2BdpZEEjBYsbk%2F5vm%2F4HLfrU2hq1aIDknF20lJFVSJkNV8XatrJ3%2BqX4n1iGY1VvkDbUh8L%2FTZGrZazWlqbkLwmCyUTwz9ycfKIz%2B51z%2FbzOrQ0S1OOpRF2LBlTpBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
809083d62f5a3671-FRA
card.svg
payments.payplus.co.il/statics/tab-icons/light/
903 B
764 B
Image
General
Full URL
https://payments.payplus.co.il/statics/tab-icons/light/card.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33e129769522118e37be1e4643f21c9abe6265cde3fe0b0dc3e5706de766fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2606
etag
W/"650054a4-387"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW7WV4ut%2BWUh8lGb98soWpRQWvpJx5KG6FHc5rcgCK3hxlGU%2BndwztQxDMazlW%2F1%2FMCERNwRPVn7k1vg89nMPNHvAdEiQL5FC9n00KS62ImHYNQIIt0xYNaM7b6jgDHd%2Bpb7L4JSKspHsSZQXEL%2FUdBSPb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
809083d62f603671-FRA
bit.svg
payments.payplus.co.il/statics/tab-icons/light/
4 KB
2 KB
Image
General
Full URL
https://payments.payplus.co.il/statics/tab-icons/light/bit.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884c0d1c1a5175ed799758feff48a1aea99c619278495af1594d2d04ec2e5487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2606
etag
W/"650054a4-110f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FuFuuOHQEdIePxTMH3m4b2FKABWL%2Fz8TdnOYjFZDvtt60BCvbQVKts4Yp2qS9s0f%2BpC2g8oxXT1milH%2Bte8FYF2ZSMTlCGbKVYD%2BAqvHhXVdOwl5ybh52yhNkQ0Lqgk%2BdY8THHhQFoDLBALwLuBqPXNwPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
809083d62f633671-FRA
payplus-logo-new.png
pay-plus.s3.eu-central-1.amazonaws.com/upload/email/
1 KB
2 KB
Image
General
Full URL
https://pay-plus.s3.eu-central-1.amazonaws.com/upload/email/payplus-logo-new.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.170.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7f0710fd9b8937187ab1b0cfda3fc07af5f9424cce51f58fa4164439fed4eee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 08:38:54 GMT
Last-Modified
Mon, 27 Mar 2023 11:44:48 GMT
Server
AmazonS3
x-amz-request-id
P8ZJZEGTV12RBF4V
ETag
"eba39fd22ac1f797c3b31be67f068a03"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1211
x-amz-id-2
9SqDluv3Z/hC+LoOcDspUb8uWeu1zgYdpMhHzYIOe8FK7dGMWJi5s+VSHejBcj62bgu7nGQf5IE=
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0920763923b2cd13fcf644265197971a75e20ce6a34131d5c0fb7e3ee22ce02e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
186 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0ce0c37afa10d0d7a40798a00d737550c161abb7e79241ab5b424f1ab6fd181

Request headers

Referer
Origin
https://payments.payplus.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
almoni-regular-aaa.25cf3818.woff
payments.payplus.co.il/fonts/
80 KB
80 KB
Font
General
Full URL
https://payments.payplus.co.il/fonts/almoni-regular-aaa.25cf3818.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea61af7fc31f9fa8f28ff566f3b06fd928c95872ac3a543cf4274d1ac9064636

Request headers

Referer
https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Origin
https://payments.payplus.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 12:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6325
etag
W/"650054a4-13e7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIJ%2BD7c%2BlBwFNjCq2sACQjHl7qWUUYM2PD9h2fdBPwCgcPSc%2BjgmGK%2FyDiFz7hnV5qVt8YCWowlLIr7XV9QoT1eY83RLIzKU8fH%2FXdRkeu7RVwqjMMkZz4goToeJAKBfSgBao4eR5aInrB79N8Yxd%2B%2FVPY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=1800
cf-ray
809083d65fc83671-FRA
payframe
pay.google.com/gp/p/ui/ Frame 3D15
18 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments.payplus.co.il&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55575dbe80c5ec655ef592b7f4bf20f67affc38e1376ff7803cea3813be72839
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-SGyaa0B98PS4meQXmylzgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://payments.payplus.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-SGyaa0B98PS4meQXmylzgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 19 Sep 2023 08:38:53 GMT
expires
Tue, 19 Sep 2023 08:38:53 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/
149 B
596 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.payplus.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:14:33 GMT
x-content-type-options
nosniff
age
321860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 14 Sep 2024 15:14:33 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 3D15
156 KB
56 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpayments.payplus.co.il&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
504419abc5166448f672ded8e22ed0012f7d614ed30c60601ee8cfb178f8f02d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 16:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56293
x-xss-protection
0
last-modified
Sat, 16 Sep 2023 21:26:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 16:17:44 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3D15
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: payments.payplus.co.il
URL: https://payments.payplus.co.il/ec4d5ebc-1b30-47e4-92f0-30e6923450e1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 19 Sep 2023 08:38:53 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame 3D15
72 KB
26 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgYcNEEhiHTUYeX5BKybYSY20dfsg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac38501fd0ec5d38f0eaca0b5517ce7e2ab6ff0d395028ecdb3ae9bba39e5d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 19:48:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26888
x-xss-protection
0
last-modified
Sat, 16 Sep 2023 21:26:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 19:48:37 GMT
pay
pay.google.com/gp/p/ui/ Frame 3D15
1 MB
367 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9b12b39350ed38f901d525e150fe17c4dfc8950837bf5e6963aa18e62eb9b91
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lTVXkgFkzWpPorfqx9NFPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:38:53 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lTVXkgFkzWpPorfqx9NFPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 19 Sep 2023 08:38:53 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame 3D15
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgYcNEEhiHTUYeX5BKybYSY20dfsg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f96d742ea8ea49d52a9b969add7d531e9dea4ddb3774def507d605d6a4c8af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 19:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3926
x-xss-protection
0
last-modified
Sat, 16 Sep 2023 21:26:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 19:48:38 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame 3D15
36 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgYcNEEhiHTUYeX5BKybYSY20dfsg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
570ec1150fd10ceaabb87e4461645a7a0860c26070e513f64aa45ae7cba0ebf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 19:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13832
x-xss-protection
0
last-modified
Sat, 16 Sep 2023 21:26:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 19:48:38 GMT
log
play.google.com/ Frame 3D15
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 08:38:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 08:38:54 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 19 Sep 2023 08:38:54 GMT
expires
Tue, 19 Sep 2023 08:38:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3D15
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 08:38:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 08:38:54 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 19 Sep 2023 08:38:54 GMT
expires
Tue, 19 Sep 2023 08:38:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3D15
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 08:38:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 08:38:54 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 19 Sep 2023 08:38:54 GMT
expires
Tue, 19 Sep 2023 08:38:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3D15
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 08:38:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 08:38:54 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 19 Sep 2023 08:38:54 GMT
expires
Tue, 19 Sep 2023 08:38:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 19 Sep 2023 08:38:54 GMT
expires
Tue, 19 Sep 2023 08:38:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3D15
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 08:38:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 08:38:54 GMT
log
play.google.com/ Frame 3D15
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 08:38:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 08:38:54 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 19 Sep 2023 08:38:54 GMT
expires
Tue, 19 Sep 2023 08:38:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 19 Sep 2023 08:38:54 GMT
expires
Tue, 19 Sep 2023 08:38:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3D15
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 08:38:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 08:38:54 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 19 Sep 2023 08:38:54 GMT
expires
Tue, 19 Sep 2023 08:38:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3D15
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.szbMmF2GrhI.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriqme5z72uS9aEkDXSuwFHpWC7u_g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Sep 2023 08:38:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 08:38:54 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| webpackJsonp object| regeneratorRuntime object| __core-js_shared__ object| core function| vueRecaptchaApiLoaded object| test function| onCardReady object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=jw4RT9cxmuHizzH0wxzqeLI4QU6mBlHX56vN9me_FUHg2JAETIf2gaNrtt3VzaFNrUX_GPp6rNBoklRmV6R0jLF1VK4Be7UItnhoq-yT1NLgYKnUiSDDinV158Xmj1EmHPNKY47zenZ6q7qHk-0pkfL6g-w8CK_jNHGBHn1hwCQ

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pay-plus.s3.eu-central-1.amazonaws.com
pay.google.com
payments.payplus.co.il
play.google.com
restapi.payplus.co.il
www.gstatic.com
2606:4700:20::681a:158
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:400c:c07::5c
52.219.170.82
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
03ad4175551b7a737e9ca48553c820d6ec96dc2c007bedd88cf95768ba84e346
06b91124063382b7201d05572eca628ba0d34f5eb9b7a7bdec113cefdb0ebb56
0920763923b2cd13fcf644265197971a75e20ce6a34131d5c0fb7e3ee22ce02e
2fa4124196fd5260c7b971808427c6bb6ca2f9c966ad413eae10967b8f25cdf0
39739aa006c612c7b38d82a2e397f0e0cb9841f7ffaca8f206143bd6e84c2549
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
504419abc5166448f672ded8e22ed0012f7d614ed30c60601ee8cfb178f8f02d
55575dbe80c5ec655ef592b7f4bf20f67affc38e1376ff7803cea3813be72839
570ec1150fd10ceaabb87e4461645a7a0860c26070e513f64aa45ae7cba0ebf9
5c10e21bf4ebd857478d640c75e9069d68c36df7d5c7c38f30854a657b4d06cd
6239dc95588514c507bdfdc9958aae105869867cd30d809225067a07969afae9
6cab706d78614298f4b87b8f7e5d09ccfb3a637ff94cd7dbfd94b104a0084382
6e51b39b935c7d0ffb35a8c983c49209aab324ffe297a272bb1c7ddeb7541ea9
72a7ff4e7412423b3ef3b2d87760efdbf9856457efd8a0687b4fca21d01262a6
7f0710fd9b8937187ab1b0cfda3fc07af5f9424cce51f58fa4164439fed4eee7
80f43ac7c42fb1ced8633f815c2e205a1310550b4212401081b102200490eb9a
884c0d1c1a5175ed799758feff48a1aea99c619278495af1594d2d04ec2e5487
9a119d77978a0457df9601cd9e5dee8d3ed60f41952a48d5895bbbdc0f864162
9f96d742ea8ea49d52a9b969add7d531e9dea4ddb3774def507d605d6a4c8af8
ac38501fd0ec5d38f0eaca0b5517ce7e2ab6ff0d395028ecdb3ae9bba39e5d16
c0ce0c37afa10d0d7a40798a00d737550c161abb7e79241ab5b424f1ab6fd181
d33e129769522118e37be1e4643f21c9abe6265cde3fe0b0dc3e5706de766fd5
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e4975b41a7bf0d8a84ab6e6b62b7cfdea586173f170c34febf80fef3229cbd4e
ea61af7fc31f9fa8f28ff566f3b06fd928c95872ac3a543cf4274d1ac9064636
eac369c7aa5220cad153cf7c5e417fed7462fedd5789ded01b05fd3790bab8fe
f9b12b39350ed38f901d525e150fe17c4dfc8950837bf5e6963aa18e62eb9b91