urlscan.io logo urlscan.io
SecurityTrails logo

gate.thepay.cz Open in urlscan Pro
93.185.102.193  Public Scan

Go To Rescan Add Verdict Report
URL: https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Submission: On June 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 22 HTTP transactions. The main IP is 93.185.102.193, located in Brno, Czech Republic and belongs to VSHOSTING, CZ. The main domain is gate.thepay.cz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 23rd 2023. Valid for: a year.
This is the only time gate.thepay.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 93.185.102.193 43541 (VSHOSTING)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
10 153.46.254.150 9042 (SIX Zuerich)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 172.67.184.158 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
22 6
6    93.185.102.193 (Brno, Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: thepay8.vshosting.cz
gate.thepay.cz
1    2a02:26f0:3100::1735:2812 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
10    153.46.254.150 (Zurich, Switzerland)

ASN9042 (SIX Zuerich, Switzerland, CH)
PTR: www.saferpay.com
www.saferpay.com
1    2a02:26f0:3100::1735:2823 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    172.67.184.158 (United States)

ASN13335 (CLOUDFLARENET, US)
fonts.cdnfonts.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
10 saferpay.com
www.saferpay.com — Cisco Umbrella Rank: 320326
7 KB
6 thepay.cz
gate.thepay.cz
2 MB
3 cdnfonts.com
fonts.cdnfonts.com — Cisco Umbrella Rank: 9923
133 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 621
p.typekit.net — Cisco Umbrella Rank: 778
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
64 KB
22 5
Domain Requested by
10 www.saferpay.com gate.thepay.cz
www.saferpay.com
6 gate.thepay.cz gate.thepay.cz
3 fonts.cdnfonts.com gate.thepay.cz
fonts.cdnfonts.com
1 www.googletagmanager.com gate.thepay.cz
1 p.typekit.net use.typekit.net
1 use.typekit.net gate.thepay.cz
22 6

This site contains links to these domains. Also see Links.

Domain
pay.drumloops.pro
drumloops.pro
www.thepay.eu
Subject Issuer Validity Valid
*.thepay.cz
Sectigo RSA Domain Validation Secure Server CA		 2023-11-23 -
2024-11-22		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
www.saferpay.com
SwissSign RSA TLS OV ICA 2022 - 1		 2024-02-13 -
2025-02-13		 a year crt.sh
cdnfonts.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Frame ID: EA4EACE5DC9E76FA69BFB1AF0F3C817A
Requests: 15 HTTP requests in this frame

Frame: https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/controller
Frame ID: C2EB9C4ED30698DE1B85C00EFA979CA1
Requests: 1 HTTP requests in this frame

Frame: https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/holdername
Frame ID: D6C841078DB97C31F743A8F271EF81DC
Requests: 1 HTTP requests in this frame

Frame: https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/cardnumber
Frame ID: AFF087DEE30683F77F01C3833BB79782
Requests: 1 HTTP requests in this frame

Frame: https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/expiration
Frame ID: 8CFB8B07C9DDBE836DCC1213649E17BF
Requests: 1 HTTP requests in this frame

Frame: https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/cvc
Frame ID: FD26AFD80247F879D25E7AC0027CA6DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zahlungserstattung

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

1743 kB
Transfer

1895 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pay
gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/ 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.185.102.193 Brno, Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
thepay8.vshosting.cz
Software
nginx /
Resource Hash
422b5fef6e881556458f530700a23a2b01227b12ee673fe4cff2bc98becaf9d3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 07 Jun 2024 16:09:51 GMT
expires
-1
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
rud0lsj.css
use.typekit.net/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/rud0lsj.css
Requested by
Host: gate.thepay.cz
URL: https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2812 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2d238e9469ecc9921371956c2c5abfa5852be24f8f199326efe71fea916b833a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 07 Jun 2024 16:09:52 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1144
app.css
gate.thepay.cz/css/ 		383 KB
384 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gate.thepay.cz/css/app.css?id=443cae9bb6931330618e0631f45ebc3e
Requested by
Host: gate.thepay.cz
URL: https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.185.102.193 Brno, Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
thepay8.vshosting.cz
Software
nginx /
Resource Hash
39e1204443ad6837c7c61818d90720695258a887e0354a339890b0a66dd146df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 06 Jun 2024 05:18:27 GMT
server
nginx
content-security-policy
upgrade-insecure-requests
etag
"5fd0d-61a31d0180342"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
392461
x-xss-protection
1; mode=block
app.js
gate.thepay.cz/js/ 		987 KB
988 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gate.thepay.cz/js/app.js?id=68b22c98955c25139738aafa5d649350
Requested by
Host: gate.thepay.cz
URL: https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.185.102.193 Brno, Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
thepay8.vshosting.cz
Software
nginx /
Resource Hash
e0d75f419f4d8e0f10004b5303d575caaffb64e33a1f8b6766707b79b78ecfcc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 06 Jun 2024 05:18:27 GMT
server
nginx
content-security-policy
upgrade-insecure-requests
etag
"f6b3d-61a31d01812e2"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
1010493
x-xss-protection
1; mode=block
saferpay-fields.js
www.saferpay.com/Fields/lib/1/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/Fields/lib/1/saferpay-fields.js
Requested by
Host: gate.thepay.cz
URL: https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
ca5e34e9c181ba2ce244b6c0138a6778c10205df7d6e033cd73cf93e7714ce8b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Referrer-Policy
no-referrer-when-downgrade
Date
Fri, 07 Jun 2024 16:09:51 GMT
Transfer-Encoding
chunked
Report-To
{ "group": "csp-report", "max_age": 1000000, "endpoints": [ { "url": "/BO/Error/Csp" } ] }
Content-Type
application/javascript
Vary
Accept-Encoding
Content-Disposition
inline; filename="saferpay-fields-1.7.0.js"
X-XSS-Protection
1; mode=block
p.css
p.typekit.net/ 		5 B
173 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=rud0lsj&ht=tk&f=24539.24540.24543.24544.24545.24546.24547.24548.24549.24552.39187.39200.39203&a=76772073&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/rud0lsj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2823 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:52 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sofia-pro
fonts.cdnfonts.com/css/ 		3 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.cdnfonts.com/css/sofia-pro
Requested by
Host: gate.thepay.cz
URL: https://gate.thepay.cz/css/app.css?id=443cae9bb6931330618e0631f45ebc3e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16643719847be9083fc67f029b0de4424d19d43f075f578c54fe458c32459062

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6809480
cf-polished
origSize=3322
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 20 Mar 2024 20:38:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QM0wcGQp0bBEAcHjXP1yqXsM%2BltXum0dyOkbxm%2FpJA0fP6CK3k8Hu8Fc2e%2FcgIYaz2Mvx4oyzSdMMeTx7j25RJ7Ab78gcuoe077%2FOiK7W8hh9KRanaxQyshobc7HEz7Uwfcu0FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
8901e8b4eb214dcc-FRA
gtm.js
www.googletagmanager.com/ 		177 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW3W4P2
Requested by
Host: gate.thepay.cz
URL: https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b376e89837f8e28b394388418d21972a62261e50799341b46362309454b69304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65558
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jun 2024 16:09:52 GMT
sprite.svg
gate.thepay.cz/img/ 		13 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gate.thepay.cz/img/sprite.svg?id=c7a1047b2a48403713bb442c0922ee36
Requested by
Host: gate.thepay.cz
URL: https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.185.102.193 Brno, Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
thepay8.vshosting.cz
Software
nginx /
Resource Hash
f509b82c39a4b789a504f8eb16fa01ca08882bb1771eace3424e1d00e660d21c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=86400; includeSubDomains
last-modified
Thu, 06 Jun 2024 05:18:27 GMT
server
nginx
content-security-policy
upgrade-insecure-requests
referrer-policy
strict-origin-when-cross-origin
etag
"356e-61a31d0180342-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
5438
x-xss-protection
1; mode=block
webfa-solid-900.woff2
gate.thepay.cz/fonts/vendor/@fortawesome/fontawesome-free/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gate.thepay.cz/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?bb975c966c37455a1bc3c7e29971386c
Requested by
Host: gate.thepay.cz
URL: https://gate.thepay.cz/css/app.css?id=443cae9bb6931330618e0631f45ebc3e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.185.102.193 Brno, Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
thepay8.vshosting.cz
Software
nginx /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/css/app.css?id=443cae9bb6931330618e0631f45ebc3e
Origin
https://gate.thepay.cz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:52 GMT
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 06 Jun 2024 05:18:27 GMT
server
nginx
content-security-policy
upgrade-insecure-requests
etag
"24a6c-61a31d01812e2"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
150124
x-xss-protection
1; mode=block
Sofia%20Pro%20Regular%20Az.woff
fonts.cdnfonts.com/s/14903/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.cdnfonts.com/s/14903/Sofia%20Pro%20Regular%20Az.woff
Requested by
Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/sofia-pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa63386ad0cf4c2f6bc910b7c925b2ced1f1c11b00c397c17ec4a6c1886e181

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.cdnfonts.com/css/sofia-pro
Origin
https://gate.thepay.cz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6628788
alt-svc
h3=":443"; ma=86400
content-length
66308
last-modified
Sat, 05 Feb 2022 02:00:37 GMT
server
cloudflare
etag
"10304-5d73bbbd27f1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6fmXd5XSjCAd3w54wCE%2B5W7X6zPx5Ndlkd32VHHNDMsnqDyzoyVcZBrMhWFLWI2KCDl1oCCQCFjtYSzIJENWJgpAY9hkIy3oECfos5iDxDdQT9Lx%2BK0ae4GsiiUoyQNwl1A6%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8901e8b73dac9bee-FRA
Sofia%20Pro%20Semi%20Bold%20Az.woff
fonts.cdnfonts.com/s/14903/ 		66 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.cdnfonts.com/s/14903/Sofia%20Pro%20Semi%20Bold%20Az.woff
Requested by
Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/sofia-pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e1be04f4bf38e0046e78906d1f50488702ae4320d8019c95715ab89409d786

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.cdnfonts.com/css/sofia-pro
Origin
https://gate.thepay.cz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
195077
alt-svc
h3=":443"; ma=86400
content-length
67988
last-modified
Sat, 05 Feb 2022 02:00:37 GMT
server
cloudflare
etag
"10994-5d73bbbd28306"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BD562Kn59LCFujp8zM4nbV7qezGWTV7LT3aw4HnbH0FBYDcnwDNLdy2IMPvuJZowGh%2BZyL%2FlITTHIx0QNK2n55QfA2ftuajmUiQyZxSaoWsUAwynwLKmfGZM4WqE%2BdTOlaIlBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8901e8b73dae9bee-FRA
Initialize
www.saferpay.com/Fields/Api/322489/ 		106 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/Fields/Api/322489/Initialize
Requested by
Host: www.saferpay.com
URL: https://www.saferpay.com/Fields/lib/1/saferpay-fields.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
cee963d57f252d4da0ab309ec1f5ae5048ce184bbbaf0807c1e11706c0bac4dc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Saferpay-LibVersion
1.7.0
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Saferpay-AuthToken
a6fc1eb1-df1e-42d5-8396-e05cafe61496
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://gate.thepay.cz/
Saferpay-Url
https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Date
Fri, 07 Jun 2024 16:09:51 GMT
Transfer-Encoding
chunked
Report-To
{ "group": "csp-report", "max_age": 1000000, "endpoints": [ { "url": "/BO/Error/Csp" } ] }
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Initialize
www.saferpay.com/Fields/Api/322489/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/Fields/Api/322489/Initialize
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,saferpay-authtoken,saferpay-libversion,saferpay-url
Access-Control-Request-Method
POST
Origin
https://gate.thepay.cz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Saferpay-AuthToken,Saferpay-LibVersion,Referer,Saferpay-Url,content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Date
Fri, 07 Jun 2024 16:09:51 GMT
Referrer-Policy
no-referrer-when-downgrade
Report-To
{ "group": "csp-report", "max_age": 1000000, "endpoints": [ { "url": "/BO/Error/Csp" } ] }
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
favicon-32x32.png
gate.thepay.cz/fav/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gate.thepay.cz/fav/favicon-32x32.png?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.185.102.193 Brno, Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
thepay8.vshosting.cz
Software
nginx /
Resource Hash
712ef1be5a6aea7fc7a06e9f65b60e4d958c6377ddce699fa461ee063889b96d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gate.thepay.cz/af703ece1c4e4ac541faa8d0428ce226482e0440e1a2c2eb5bf679753d73fa58/pay
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:09:52 GMT
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 06 Jun 2024 05:18:27 GMT
server
nginx
content-security-policy
upgrade-insecure-requests
etag
"554-61a31d01b6e3f"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
1364
x-xss-protection
1; mode=block
controller
www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/ Frame C2EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/controller
Requested by
Host: www.saferpay.com
URL: https://www.saferpay.com/Fields/lib/1/saferpay-fields.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gate.thepay.cz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Content-Type
text/html
Date
Fri, 07 Jun 2024 16:09:52 GMT
ETag
"1dab27ace6f3568"
Last-Modified
Thu, 30 May 2024 10:19:08 GMT
Referrer-Policy
no-referrer-when-downgrade
Report-To
{ "group": "csp-report", "max_age": 1000000, "endpoints": [ { "url": "/BO/Error/Csp" } ] }
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
holdername
www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/ Frame D6C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/holdername
Requested by
Host: www.saferpay.com
URL: https://www.saferpay.com/Fields/lib/1/saferpay-fields.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gate.thepay.cz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Content-Type
text/html
Date
Fri, 07 Jun 2024 16:09:52 GMT
ETag
"1dab27ace6f3568"
Last-Modified
Thu, 30 May 2024 10:19:08 GMT
Referrer-Policy
no-referrer-when-downgrade
Report-To
{ "group": "csp-report", "max_age": 1000000, "endpoints": [ { "url": "/BO/Error/Csp" } ] }
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
cardnumber
www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/ Frame AFF0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/cardnumber
Requested by
Host: www.saferpay.com
URL: https://www.saferpay.com/Fields/lib/1/saferpay-fields.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gate.thepay.cz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Content-Type
text/html
Date
Fri, 07 Jun 2024 16:09:52 GMT
ETag
"1dab27ace6f3568"
Last-Modified
Thu, 30 May 2024 10:19:08 GMT
Referrer-Policy
no-referrer-when-downgrade
Report-To
{ "group": "csp-report", "max_age": 1000000, "endpoints": [ { "url": "/BO/Error/Csp" } ] }
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
expiration
www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/ Frame 8CFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/expiration
Requested by
Host: www.saferpay.com
URL: https://www.saferpay.com/Fields/lib/1/saferpay-fields.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gate.thepay.cz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Content-Type
text/html
Date
Fri, 07 Jun 2024 16:09:52 GMT
ETag
"1dab27ace6f3568"
Last-Modified
Thu, 30 May 2024 10:19:08 GMT
Referrer-Policy
no-referrer-when-downgrade
Report-To
{ "group": "csp-report", "max_age": 1000000, "endpoints": [ { "url": "/BO/Error/Csp" } ] }
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
cvc
www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/ Frame FD26 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/Fields/UI/322489/6db058b4-daff-4fe2-9816-f8bb20dcb428/Field/cvc
Requested by
Host: www.saferpay.com
URL: https://www.saferpay.com/Fields/lib/1/saferpay-fields.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gate.thepay.cz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: www.google-analytics.com; font-src 'self' data: ; report-uri /BO/Error/Csp; report-to csp-report
Content-Type
text/html
Date
Fri, 07 Jun 2024 16:09:52 GMT
ETag
"1dab27ace6f3568"
Last-Modified
Thu, 30 May 2024 10:19:08 GMT
Referrer-Policy
no-referrer-when-downgrade
Report-To
{ "group": "csp-report", "max_age": 1000000, "endpoints": [ { "url": "/BO/Error/Csp" } ] }
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Log
www.saferpay.com/BO/Log/ 		0
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/BO/Log/Log
Requested by
Host: www.saferpay.com
URL: https://www.saferpay.com/Fields/lib/1/saferpay-fields.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; script-src 'self' 'unsafe-inline' www.google-analytics.com; img-src 'self' data: blob: www.google-analytics.com; frame-src *; report-uri /BO/Error/Csp;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gate.thepay.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; script-src 'self' 'unsafe-inline' www.google-analytics.com; img-src 'self' data: blob: www.google-analytics.com; frame-src *; report-uri /BO/Error/Csp;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Fri, 07 Jun 2024 16:09:52 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
-1
Log
www.saferpay.com/BO/Log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.saferpay.com/BO/Log/Log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.46.254.150 Zurich, Switzerland, ASN9042 (SIX Zuerich, Switzerland, CH),
Reverse DNS
www.saferpay.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; script-src 'self' 'unsafe-inline' www.google-analytics.com; img-src 'self' data: blob: www.google-analytics.com; frame-src *; report-uri /BO/Error/Csp;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gate.thepay.cz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
0
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data:; script-src 'self' 'unsafe-inline' www.google-analytics.com; img-src 'self' data: blob: www.google-analytics.com; frame-src *; report-uri /BO/Error/Csp;
Date
Fri, 07 Jun 2024 16:09:51 GMT
Expires
-1
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| dataLayer object| webpackChunk object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| uidEvent function| $ object| bootstrap object| lang function| Helpers function| Loader function| Axios function| CheckoutApi object| paymentFingerprintSender object| payInMobile function| ApplePayInitializer function| GooglePayInitializer object| SaferpayFields string| paidState number| checkStateInterval object| google_tag_manager object| google_tag_data

2 Cookies

Domain/Path Name / Value
gate.thepay.cz/ Name: XSRF-TOKEN
Value: eyJpdiI6ImlaNWI4eTA0eFVDc284VWtqbWxRV3c9PSIsInZhbHVlIjoiK3JoMkJRTEUyb1hkVVNjYXhTeHdzWHh3UTBKTk05cTJndmxSRU5qSjBoZGk5WlF0b2tkZnBjcHlZQUtUR250T3pCR3BNZ2tLdWs4elVKWmV0THpQMVhsQWlvdmdQcWRwUW5OZzEwNm92WWlacnQySUlROWMxK21RTitTMnMvSXMiLCJtYWMiOiI5ZDY0N2FlYmQ3YmQ1MDU1ZWIyOGE0NzZmYTJkOGYzYjhkNjk3ZTQ4NThkNjVkNjFmM2Y1ZjYyZGI1ZDJkZWMyIiwidGFnIjoiIn0%3D
gate.thepay.cz/ Name: thepay_gate_session
Value: eyJpdiI6IlZsdnZUcVhmTHFDV1FhZEVtdmVWa2c9PSIsInZhbHVlIjoiZzNISmVja3pyTVpxSUxNNmNxaHRBZm13cGlibHZOc1hzZy8rYzE1YnVIVDFkQkZ4NW1jTi9NZW5pTXpZN2hOaHlMRDJEb0ludFRlTnRKQ2ltR1YvUWJ3eGlpYzJWWm0rdnFNTFUwSzAvUWxSQjN0RmplYzlxcHh4U1FTNUY0TTAiLCJtYWMiOiIwMzkyYWI3ZWE3ZjIyNjM0ZmI4MWRlYjA0MjZiNGRjNDA5ODJhNGRiMjg4M2ZhYTYxNDM3YTI0OTU5MmEyNDA4IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block