Submitted URL: https://www.payments.minal.dental/
Effective URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Submission: On January 28 via api from US — Scanned from US

Summary

This website contacted 21 IPs in 2 countries across 14 domains to perform 149 HTTP transactions. The main IP is 104.43.254.102, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is patient.moolah.cc.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on October 24th 2023. Valid for: 6 months.
This is the only time patient.moolah.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
9 104.43.254.102 8075 (MICROSOFT...)
4 2a04:4e42:600... 54113 (FASTLY)
7 2606:4700:440... 13335 (CLOUDFLAR...)
8 2607:f8b0:400... 15169 (GOOGLE)
4 141.193.213.20 209242 (CLOUDFLAR...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
12 2607:f8b0:400... 15169 (GOOGLE)
7 108.138.106.92 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
20 104.18.1.217 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 4 23.12.144.244 20940 (AKAMAI-ASN1)
2 3.211.173.186 14618 (AMAZON-AES)
32 192.225.158.132 30286 (THM)
4 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
4 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 6 192.225.158.1 30286 (THM)
2 192.225.158.3 30286 (THM)
2 20.118.198.34 8075 (MICROSOFT...)
149 21
Apex Domain
Subdomains
Transfer
39 paze.com
checkout.paze.com — Cisco Umbrella Rank: 269950
xmt.paze.com — Cisco Umbrella Rank: 210926
540 KB
24 google.com
www.google.com — Cisco Umbrella Rank: 2
pay.google.com — Cisco Umbrella Rank: 2630
play.google.com — Cisco Umbrella Rank: 31
497 KB
16 gstatic.com
www.gstatic.com
fonts.gstatic.com
985 KB
13 visa.com
thm.visa.com — Cisco Umbrella Rank: 55305
82 KB
13 moolah.cc
patient.moolah.cc
www.moolah.cc
468 KB
12 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1448
ka-p.fontawesome.com — Cisco Umbrella Rank: 3262
274 KB
9 poynt.net
cdn.poynt.net — Cisco Umbrella Rank: 105206
services.poynt.net — Cisco Umbrella Rank: 239157
394 KB
8 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2734
ge4f5xfnesrroi4xqwd7jslgdwp5qxlvwufnt2fu04a387c47059ecb3sac.d.aa.online-metrix.net
dubkxo24ospy3uz7vwrqx7tiqweiy52voj6tokiqa698d00fb37af09asac.d.aa.online-metrix.net
33 KB
4 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 8665
1 KB
4 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 7508
27 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
84 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
159 KB
3 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1654
centralus-2.in.applicationinsights.azure.com — Cisco Umbrella Rank: 34271
46 KB
1 minal.dental
www.payments.minal.dental
500 B
149 14
Domain Requested by
20 checkout.paze.com cdn.poynt.net
checkout.paze.com
19 xmt.paze.com checkout.paze.com
xmt.paze.com
patient.moolah.cc
13 thm.visa.com checkout.paze.com
thm.visa.com
patient.moolah.cc
12 play.google.com www.gstatic.com
12 www.gstatic.com www.google.com
pay.google.com
www.gstatic.com
10 ka-p.fontawesome.com kit.fontawesome.com
9 patient.moolah.cc patient.moolah.cc
8 www.google.com patient.moolah.cc
www.gstatic.com
www.google.com
cdn.poynt.net
7 cdn.poynt.net patient.moolah.cc
cdn.poynt.net
6 h.online-metrix.net 1 redirects thm.visa.com
patient.moolah.cc
xmt.paze.com
4 events.api.secureserver.net img1.wsimg.com
4 fonts.gstatic.com www.google.com
4 img1.wsimg.com 2 redirects patient.moolah.cc
4 pay.google.com cdn.poynt.net
pay.google.com
patient.moolah.cc
www.gstatic.com
4 www.moolah.cc patient.moolah.cc
4 cdn.jsdelivr.net patient.moolah.cc
3 www.googletagmanager.com patient.moolah.cc
www.googletagmanager.com
2 centralus-2.in.applicationinsights.azure.com js.monitor.azure.com
2 services.poynt.net cdn.poynt.net
2 kit.fontawesome.com patient.moolah.cc
1 dubkxo24ospy3uz7vwrqx7tiqweiy52voj6tokiqa698d00fb37af09asac.d.aa.online-metrix.net patient.moolah.cc
1 ge4f5xfnesrroi4xqwd7jslgdwp5qxlvwufnt2fu04a387c47059ecb3sac.d.aa.online-metrix.net patient.moolah.cc
1 js.monitor.azure.com patient.moolah.cc
1 www.payments.minal.dental 1 redirects
149 24

This site contains links to these domains.

Domain
www.moolah.cc
Subject | Issuer | Validity | Valid
patient.moolah.cc | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-10-24 - 2024-04-24 | 6 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year
www.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
www.moolah.cc | Cloudflare Inc ECC CA-3 | 2023-06-15 - 2024-06-13 | a year
js.monitor.azure.com | Microsoft Azure RSA TLS Issuing CA 03 | 2023-12-19 - 2024-12-13 | a year
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.poynt.net | Go Daddy Secure Certificate Authority - G2 | 2023-10-12 - 2024-11-12 | a year
*.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
checkout.paze.com | Cloudflare Inc ECC CA-3 | 2023-05-17 - 2024-05-15 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
thm.visa.com | SSL.com RSA SSL subCA | 2023-03-22 - 2024-03-21 | a year
xmt.paze.com | DigiCert EV RSA CA G2 | 2023-07-28 - 2024-07-30 | a year
*.api.secureserver.net | Starfield Secure Certificate Authority - G2 | 2023-07-10 - 2024-08-10 | a year
online-metrix.net | Viking Cloud Organization Validation CA, Level 1 | 2023-10-20 - 2024-10-21 | a year
*.aa.online-metrix.net | Viking Cloud Organization Validation CA, Level 1 | 2023-10-20 - 2024-10-21 | a year
prod.ai.ingestion.msftcloudes.com | Microsoft Azure RSA TLS Issuing CA 03 | 2023-11-18 - 2024-11-12 | a year

This page contains 16 frames:

Primary Page: https://patient.moolah.cc/paymentPage/minalpateldmd
Frame ID: 5CA67BE013582A4EC7DE10ED205BD1D3
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
Frame ID: 38DF8D410471F29B72F6CEC980179AA3
Requests: 8 HTTP requests in this frame

Frame: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Frame ID: 94CFDDC330E38994750E5AC475B645A2
Requests: 22 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpatient.moolah.cc&mid=
Frame ID: 9D67A9A706A6E68DE97D3FD14840635A
Requests: 13 HTTP requests in this frame

Frame: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
Frame ID: EA40AA8C5A4205F6A0CE8CF5DDF362C0
Requests: 7 HTTP requests in this frame

Frame: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
Frame ID: 2BA4334E1FA2577F15BB8875284F6B6E
Requests: 11 HTTP requests in this frame

Frame: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
Frame ID: 1889CB3FEB09C4A913177E82278AB3F7
Requests: 15 HTTP requests in this frame

Frame: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
Frame ID: ECCA688AE7BA4B66EA43A0F6BEB9AAA6
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
Frame ID: 2C44F8F25DADCB8246DDCB712B9FCE01
Requests: 8 HTTP requests in this frame

Frame: https://thm.visa.com/fp/ls_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Frame ID: 96925EC53E2C9C2D8068CCAD44CCF692
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Frame ID: 4FE7A458533A651F0A26733DD5A18AA8
Requests: 2 HTTP requests in this frame

Frame: https://thm.visa.com/fp/top_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Frame ID: 17ABBB568012368FA05D2977866FD0A6
Requests: 1 HTTP requests in this frame

Frame: https://xmt.paze.com/fp/HP?session_id=bc_checkout_00192f14&org_id=dubkxo24&nonce=a698d00fb37af09a&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBay
ISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 179E72A35DBA1AF9EA84421D51EC4D07
Requests: 3 HTTP requests in this frame

Frame: https://xmt.paze.com/fp/ls_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Frame ID: 2AF2E856BF250EB0DB194F69CC56BB28
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Frame ID: 7316CB13425B844DFD5BA0941BCA3378
Requests: 2 HTTP requests in this frame

Frame: https://xmt.paze.com/fp/top_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Frame ID: CF6C0490ADA17C9EF368AE569CECD39B
Requests: 1 HTTP requests in this frame

Page Title

Minal J Patel DMD - Online Payment Form

Page URL History

  1. https://www.payments.minal.dental/ HTTP 302
    https://patient.moolah.cc/paymentPage/minalpateldmd Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

149
Requests

98 %
HTTPS

55 %
IPv6

14
Domains

24
Subdomains

21
IPs

2
Countries

3587 kB
Transfer

11443 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.payments.minal.dental/ HTTP 302
    https://patient.moolah.cc/paymentPage/minalpateldmd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Request Chain 102
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Request Chain 119
  • https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&gttl=155520000 HTTP 302
  • https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&k=2

149 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request minalpateldmd
patient.moolah.cc/paymentPage/
Redirect Chain
  • https://www.payments.minal.dental/
  • https://patient.moolah.cc/paymentPage/minalpateldmd
36 KB
13 KB
Document
General
Full URL
https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af5e6f10926689c0a1d8d5cda71c759534ddd4fc98162487e31db7273b744f64
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 28 Jan 2024 05:08:53 GMT
Pragma
no-cache
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
84c6b8567c8b25b8-MIA
date
Sun, 28 Jan 2024 05:08:52 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://patient.moolah.cc/paymentPage/minalpateldmd
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouJi2oVcMJSlAeGFAWgzk7IYcPuPzUt9Qy9t5yx0Pl6Sutp4BqX0i7I3rKuWUkfyU3Do4TqQs%2FgB530yjsveTjkg6ZzNcCD2V6G%2Fx6FDJ9IwPnNaaOhcFYxqOxbNCYhdTHlgkOvxiKEelEEUTEM2dWdb0sy8QsOq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
30 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 28 Jan 2024 05:08:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
6499863
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30336
x-served-by
cache-fra-eddf8230122-FRA, cache-mia-kmia1760064-MIA
x-jsd-version-type
version
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
0a5a7cf123.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/0a5a7cf123.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbe97f39eaec4c6adb8c62042e36241e14eded1837964b0991b13a03373a4ec

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
84c6b85a4b787498-MIA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F64JHNLKs876atSkVjKB
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/
64 KB
9 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 28 Jan 2024 05:08:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
4662539
x-jsd-version
1.5.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8770
x-served-by
cache-fra-eddf8230101-FRA, cache-mia-kmia1760042-MIA
x-jsd-version-type
version
etag
W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
0a5a7cf123.css
kit.fontawesome.com/
502 B
266 B
Stylesheet
General
Full URL
https://kit.fontawesome.com/0a5a7cf123.css
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809ab3efb71547b840817152b6f6420044d674175c04f591d3d03f14f340c98a

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=300, public, stale-while-revalidate=30
cf-ray
84c6b85a4b767498-MIA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F63PsGetcrMJT9VVAHbh
jquery.min.js
patient.moolah.cc/lib/jquery/dist/
87 KB
39 KB
Script
General
Full URL
https://patient.moolah.cc/lib/jquery/dist/jquery.min.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 18 Jan 2024 22:26:48 GMT
Server
Microsoft-IIS/10.0
ETag
"1da4a5d6ce09986"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/
79 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 28 Jan 2024 05:08:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
2165940
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24659
x-served-by
cache-fra-eddf8230056-FRA, cache-mia-kmia1760064-MIA
x-jsd-version-type
version
etag
W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
transparency-min.js
patient.moolah.cc/lib/transparency/
14 KB
5 KB
Script
General
Full URL
https://patient.moolah.cc/lib/transparency/transparency-min.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4cda6bb8a89c326eebeed0502e3232d8bbb8c7404a923b47dd304bbd9e34d4a3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 18 Jan 2024 22:26:48 GMT
Server
Microsoft-IIS/10.0
ETag
"1da4a5d6ce1f39a"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
signaturepad.js
patient.moolah.cc/lib/signaturepad/
9 KB
4 KB
Script
General
Full URL
https://patient.moolah.cc/lib/signaturepad/signaturepad.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
543775e5a94db5a6de359227d7a77d096aa627aabff43bbaab728dd08c628ce4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 18 Jan 2024 22:26:48 GMT
Server
Microsoft-IIS/10.0
ETag
"1da4a5d6ce1e0a5"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
alpine.js
patient.moolah.cc/lib/alpine/
41 KB
18 KB
Script
General
Full URL
https://patient.moolah.cc/lib/alpine/alpine.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2c01d0b57063d9f32c96ed1a18f7590b596a4084213f551e1f6e03ab6b38792c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 18 Jan 2024 22:26:48 GMT
Server
Microsoft-IIS/10.0
ETag
"1da4a5d6ce1668d"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
autonumeric.js
patient.moolah.cc/lib/autonumeric/
673 KB
181 KB
Script
General
Full URL
https://patient.moolah.cc/lib/autonumeric/autonumeric.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1f4e21feed5736f48ba31de512e65b3c0a0e472b04e930940d9656e0f691017a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 18 Jan 2024 22:26:48 GMT
Server
Microsoft-IIS/10.0
ETag
"1da4a5d6ceb4193"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
jquery-input-mask-phone-number.min.js
patient.moolah.cc/lib/jquery-input-mask-phone-number/
5 KB
2 KB
Script
General
Full URL
https://patient.moolah.cc/lib/jquery-input-mask-phone-number/jquery-input-mask-phone-number.min.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
81405856ecdd7a56958515d7a90de46c8cf39e8fa097ed2cb305c79183b5cb9e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 18 Jan 2024 22:26:48 GMT
Server
Microsoft-IIS/10.0
ETag
"1da4a5d6ce1d6d2"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
sweetalert2@10
cdn.jsdelivr.net/npm/
71 KB
20 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 28 Jan 2024 05:08:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
38350
x-jsd-version
10.16.11
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
20505
x-served-by
cache-fra-etou8220022-FRA, cache-mia-kmia1760042-MIA
x-jsd-version-type
version
etag
W/"11dc8-k2jefS6LDTNa26qxcRQ+MH7V+1Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
site.js
patient.moolah.cc/js/
680 B
1001 B
Script
General
Full URL
https://patient.moolah.cc/js/site.js?v=A_rYjnAAXK8wydTBICCNAYk-BbQRUDjtuO3XuqjsPhc
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2068c1b1d70c20a53aef9e1817610fefb9e67648d2966aaa2164f42c722ec124
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 18 Jan 2024 22:26:48 GMT
Server
Microsoft-IIS/10.0
ETag
"1da4a5d6ce1c6a8"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
getImage
patient.moolah.cc/system/
81 KB
81 KB
Image
General
Full URL
https://patient.moolah.cc/system/getImage?guid=9a6ecf41-da93-44e9-dfb2-08da929558a8&c=b33ce1d3-a02b-49d0-b935-90eff7502936
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fcbc3c5f0c4a62e0cd9aabcfbe09d6ca01dd627e029ad1eb888745b832c405b3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
Date
Sun, 28 Jan 2024 05:08:53 GMT
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
82620
Request-Context
appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1436774965a08aa0d002c8a8e5541807cadb02dac49274b0be804fe96334627
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 28 Jan 2024 05:08:53 GMT
lock-shield-protection.svg
www.moolah.cc/email/
1 KB
1 KB
Image
General
Full URL
https://www.moolah.cc/email/lock-shield-protection.svg
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
459a26d5e3a70e69dfdcd34f204baf0b4dbeafb3f36930fb2224a8be475dda5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 07:59:00 GMT
server
cloudflare
age
353486
etag
W/"64abba44-4db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84c6b85c0d5ed9b5-MIA
alt-svc
h3=":443"; ma=86400
pro.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/
669 KB
117 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
age
1067484
etag
"6568c5a0-1d52d"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84c6b85b2c517498-MIA
content-length
120109
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/
27 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
age
2796081
etag
"6568c59f-10e7"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84c6b85b2c507498-MIA
content-length
4327
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/
50 KB
7 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
age
170343
etag
"6568c5a0-1c12"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84c6b85b2c4f7498-MIA
content-length
7186
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/
7 KB
2 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
age
370056
etag
"6568c59f-6c5"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84c6b85b2c527498-MIA
content-length
1733
custom-icons.css
ka-p.fontawesome.com/assets/0a5a7cf123/47345454/
5 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/assets/0a5a7cf123/47345454/custom-icons.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0a7121d883b013b1878e2b35aa86739d9ff85a3b9801bea0764f37f6c10b0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 00:42:46 GMT
server
cloudflare
age
1032446
etag
W/"32deefaa419a16411c3a9b117a931063"
x-cache-status
MISS
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-ray
84c6b85b2c537498-MIA
pro.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/
669 KB
117 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:54 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
etag
"6568c5a0-1d52d"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84c6b85c5e59961a-MIA
content-length
120109
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/
27 KB
4 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
age
957108
etag
"6568c59f-10e7"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84c6b85c5e5a961a-MIA
content-length
4327
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/
50 KB
7 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
age
957108
etag
"6568c5a0-1c12"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84c6b85c5e5b961a-MIA
content-length
7186
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:54 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
"6568c59f-6c5"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84c6b85c5e5c961a-MIA
content-length
1733
custom-icons.css
ka-p.fontawesome.com/assets/0a5a7cf123/47345454/
5 KB
4 KB
Stylesheet
General
Full URL
https://ka-p.fontawesome.com/assets/0a5a7cf123/47345454/custom-icons.css?token=0a5a7cf123
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe78e21552bee8237a91924c072cc6ac69915a95cbf4bcd1f78c3612a277ddda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:54 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 16 Aug 2023 00:42:46 GMT
server
cloudflare
etag
W/"32deefaa419a16411c3a9b117a931063"
x-cache-status
HIT
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
84c6b85c5e5f961a-MIA
ai.2.min.js
js.monitor.azure.com/scripts/b/
120 KB
46 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:53 GMT
content-encoding
br
x-azure-ref-originshield
0d9+1ZQAAAABhIz8frWfCQbnvDaQ1X5L3TU5aMjIxMDYwNjEyMDIxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
OTYl0s1WUyP5rZ8mTmvbyA==
x-cache
TCP_HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.16.min.js
last-modified
Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver
2.8.16
etag
0x8DBB9F46341BD96
x-azure-ref
0ZuG1ZQAAAADmmSoa8rQiSo1tb29xk29dQk4xQUEyMDUxMDE5MDUxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
833c4a8c-501e-0057-2da5-512ab6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/
481 KB
193 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196969
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 05:01:49 GMT
collect.js
cdn.poynt.net/
328 KB
67 KB
Script
General
Full URL
https://cdn.poynt.net/collect.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b171fe05b9b61912cc25454c52153d374b2b434144833f4396f5fd40138da15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
X_euGqT2NqN_m_59DTirI9VIAgKhcqdV
Content-Encoding
gzip
Via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
Date
Sun, 28 Jan 2024 01:37:44 GMT
X-Amz-Cf-Pop
JFK50-P3
Age
12672
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:24 GMT
Server
AmazonS3
ETag
W/"e2da51fbf119e1d064b41740e1185dce"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Amz-Cf-Id
a-f5MN6uaqGWUKlrU3DMZ8pebuwqnulY7icj_HrfNJxcbjw0HoivpA==
sf-pro-text-regular.woff
www.moolah.cc/email/
37 KB
37 KB
Font
General
Full URL
https://www.moolah.cc/email/sf-pro-text-regular.woff
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf757e2a28dc52d28c78a37806db55bc037ebbf5849bd8b95e5ed77f3a85bef

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:54 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 07:59:01 GMT
server
cloudflare
age
9190
etag
"64abba45-9284"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84c6b8606c287439-MIA
alt-svc
h3=":443"; ma=86400
content-length
37508
sf-pro-text-bold.woff
www.moolah.cc/email/
42 KB
42 KB
Font
General
Full URL
https://www.moolah.cc/email/sf-pro-text-bold.woff
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d7d349a66170e207f7c717f260828716a1f2c296e8aafeb474fdc61237afd4

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:54 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 07:59:00 GMT
server
cloudflare
age
719301
etag
"64abba44-a634"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84c6b8606c227439-MIA
alt-svc
h3=":443"; ma=86400
content-length
42548
sf-pro-text-medium.woff
www.moolah.cc/email/
43 KB
44 KB
Font
General
Full URL
https://www.moolah.cc/email/sf-pro-text-medium.woff
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a7829f6e1acbb3def39f71753973f7a7c630709d05334e26c6d33b5befd825

Request headers

Referer
https://patient.moolah.cc/
Origin
https://patient.moolah.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:54 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 07:59:01 GMT
server
cloudflare
age
9190
etag
"64abba45-ac94"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84c6b8606c267439-MIA
alt-svc
h3=":443"; ma=86400
content-length
44180
pay.js
pay.google.com/gp/p/js/
118 KB
36 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83ddb29456c41da1e77cce82a8884218608d69596779ecb8ccb1cf44bbd2da63
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-K1EzTd7CLi-cMyq1G6a3sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:54 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-K1EzTd7CLi-cMyq1G6a3sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmJw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdNY34dNZ2SKms8bVTWfNAWK-ddNZNddPZ22JnsE6CYid0mewBgCxEA_Hs0PX17IJzFjT1s0MAOG7Nxw"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sun, 28 Jan 2024 05:08:54 GMT
digitalwallet-sdk.js
checkout.paze.com/web/resources/js/
87 KB
25 KB
Script
General
Full URL
https://checkout.paze.com/web/resources/js/digitalwallet-sdk.js?id=BZTSGJ5554C9KTTUNQCK21_3-pBQgEwsJ0IPORgO-zUhsv1UA
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea71bdbc24eda3757d4e3eeb0ebfd950c5434d29a844867ecaec24b8ee3e124
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://patient.moolah.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:54 GMT
x-correlation-id
1_1706418534_824_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
content-encoding
br
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
MISS
x-served-by
b2k8l7354457b989p8
last-modified
Thu, 30 Nov 2023 23:24:32 GMT
server
cloudflare
etag
W/"15d84-18c228c5b12"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
84c6b8626ccc21e2-MIA
expires
Sun, 28 Jan 2024 09:08:54 GMT
anchor
www.google.com/recaptcha/api2/ Frame 38DF
44 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1efddb924cb0f78a6f3e5a2137fa9ea3c4663b9dc3c45f6031d547d8c9ab2170
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PmAHoGvjxxeYkwYWIibAnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://patient.moolah.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PmAHoGvjxxeYkwYWIibAnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 05:08:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
communicator
checkout.paze.com/web/ Frame 94CF
2 KB
1 KB
Document
General
Full URL
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/digitalwallet-sdk.js?id=BZTSGJ5554C9KTTUNQCK21_3-pBQgEwsJ0IPORgO-zUhsv1UA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea98833ee3d809de89c3997c437cd14064ed4fc0031e77096144d145e52cdb0
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://patient.moolah.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
84c6b8633d5f21e2-MIA
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Sun, 28 Jan 2024 05:08:54 GMT
etag
W/"p5yuc9fatf1q5"
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-correlation-id
1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
x-served-by
b2k8l7354457b98p
payframe
pay.google.com/gp/p/ui/ Frame 9D67
19 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpatient.moolah.cc&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fea8a18bf01fd6124fd42a3a4d8f839e67534ac781ea70d46ceb34f349306da7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YWSgCRs91B1YGqfOXbV58Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://patient.moolah.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YWSgCRs91B1YGqfOXbV58Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sun, 28 Jan 2024 05:08:55 GMT
expires
Sun, 28 Jan 2024 05:08:55 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmJw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdNY34dNZ2SKms8bVTWfNAWK-ddNZNddPZ22JnsE6CYid0mewBgCxEDfH80PX17IJfNg0yR4Aq9s3Nw"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
index.html
cdn.poynt.net/collect/ Frame EA40
742 B
1 KB
Document
General
Full URL
https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7df2bb71378a86f7de113d17a1766e50aae7b679c1fa25adc8aa23c153f89e27

Request headers

Referer
https://patient.moolah.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
77567
Connection
keep-alive
Content-Length
742
Content-Type
text/html
Date
Sat, 27 Jan 2024 07:36:09 GMT
ETag
"34ec6f6eeadfb689dab02af4443ffcac"
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
Vary
Accept-Encoding
Via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
X-Amz-Cf-Id
FmT0pUKp4gvNjVV_jHYASI7V5MNbvaKjmvSGZqUbM4_hJK_e2LYKlA==
X-Amz-Cf-Pop
JFK50-P3
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
tSYxw13QEIpreYtDHun_ZI.ClRHXeGtG
styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 38DF
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 00:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 00:34:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 38DF
481 KB
192 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196969
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 05:01:49 GMT
69a5ce675a541060-s.p.woff2
checkout.paze.com/web/_next/static/media/ Frame 94CF
36 KB
36 KB
Font
General
Full URL
https://checkout.paze.com/web/_next/static/media/69a5ce675a541060-s.p.woff2
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af08ac316a08e4311e44f7ccb5196f43389dda40ab5a2566871c7a0efe33894
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Origin
https://checkout.paze.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1700946012_026_b2k8l73777b48c67v6w7_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5067664
content-length
36380
x-served-by
b2k8l73777b48c67v6w7
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"8e1c-3e8"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84c6b8644e1c21e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
8017a9285af7ff8f-s.p.woff2
checkout.paze.com/web/_next/static/media/ Frame 94CF
36 KB
36 KB
Font
General
Full URL
https://checkout.paze.com/web/_next/static/media/8017a9285af7ff8f-s.p.woff2
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84875fea8da82503a6a562dfd4b9951f39c3931246a0302206949ad69399042
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Origin
https://checkout.paze.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1699195112_317_b2k8l73777b48c67s6_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5070190
content-length
36616
x-served-by
b2k8l73777b48c67s6
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"8f08-3e8"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84c6b8644e1e21e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
f6f9069615fac772-s.p.woff2
checkout.paze.com/web/_next/static/media/ Frame 94CF
36 KB
36 KB
Font
General
Full URL
https://checkout.paze.com/web/_next/static/media/f6f9069615fac772-s.p.woff2
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8087a9d7bf1aca68d19ada4a7e83e7750e3bf6c67573370e8b486051b9ea0d8d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Origin
https://checkout.paze.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1701425075_442_b2k8l7354457b98g8_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
4993460
content-length
36772
x-served-by
b2k8l7354457b98g8
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"8fa4-3e8"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84c6b8644e2021e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
a2ed6284e782df84.css
checkout.paze.com/web/_next/static/css/ Frame 94CF
25 KB
6 KB
Stylesheet
General
Full URL
https://checkout.paze.com/web/_next/static/css/a2ed6284e782df84.css
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5066f729303a405249469775a90c2a4cee6d523cd413a65813c5082537ca19c4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
2_1701225345_598_b2k8l5558559964955h7j_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5177948
content-encoding
br
x-served-by
b2k8l5558559964955h7j
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"63ff-3e8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8644e1a21e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
366-ca62b210402d0901.js
checkout.paze.com/web/_next/static/chunks/ Frame 94CF
33 KB
12 KB
Script
General
Full URL
https://checkout.paze.com/web/_next/static/chunks/366-ca62b210402d0901.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a95ae34eadc3618039d66982956ad1a20c56f1ec57489562d42d4ba01c5f722
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1699383004_794_b2k8l73777b48c67q_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
6873900
content-encoding
br
x-served-by
b2k8l73777b48c67q
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"85d8-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8646e2c21e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
166-93cb71aa09d8d929.js
checkout.paze.com/web/_next/static/chunks/ Frame 94CF
39 KB
11 KB
Script
General
Full URL
https://checkout.paze.com/web/_next/static/chunks/166-93cb71aa09d8d929.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c64e2a5edc5cf2f7e4f9f99dde4e772666088edf6c27b6846c5c27421db965
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1701399569_120_b2k8l7354457b98s9s_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
4994262
content-encoding
br
x-served-by
b2k8l7354457b98s9s
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"9db3-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8646e2e21e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
770.c2079d2f07697879.js
checkout.paze.com/web/_next/static/chunks/ Frame 94CF
219 B
286 B
Script
General
Full URL
https://checkout.paze.com/web/_next/static/chunks/770.c2079d2f07697879.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85f1f79a1e5eb0253b9d7fb0b81304d1532f062a4505d5d6e26040b699c669c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1701073025_183_b2k8l73777b48c67q_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5144093
content-encoding
br
x-served-by
b2k8l73777b48c67q
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"db-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8646e2f21e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
webpack-5039b9e58f3206d7.js
checkout.paze.com/web/_next/static/chunks/ Frame 94CF
3 KB
2 KB
Script
General
Full URL
https://checkout.paze.com/web/_next/static/chunks/webpack-5039b9e58f3206d7.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1a84e11f04dcb79a2f1c939c2d527b892f531ae0e2884a6635b707343eb184
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
2_1701382788_501_b2k8l5575c589c47w54h_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5035691
content-encoding
br
x-served-by
b2k8l5575c589c47w54h
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"dd8-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8646e3121e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
framework-63157d71ad419e09.js
checkout.paze.com/web/_next/static/chunks/ Frame 94CF
138 KB
45 KB
Script
General
Full URL
https://checkout.paze.com/web/_next/static/chunks/framework-63157d71ad419e09.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a67c791841e3e122c4961cbe8bac2ffbf8ccac274d6475ac4bf8597eede4379
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1699297205_504_b2k8l73777b48c67q_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
6891196
content-encoding
br
x-served-by
b2k8l73777b48c67q
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"226d8-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8646e3221e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
main-c094492bcfee1c54.js
checkout.paze.com/web/_next/static/chunks/ Frame 94CF
103 KB
30 KB
Script
General
Full URL
https://checkout.paze.com/web/_next/static/chunks/main-c094492bcfee1c54.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a89d474401a5b366d5914dbe46dd043dd9a9209c6df0cbc6bd1c6d3cbfcde7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
2_1701399569_684_b2k8l5575c589c47k_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
4982276
content-encoding
br
x-served-by
b2k8l5575c589c47k
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"19a18-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8646e3321e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
_app-4fb1d2d0e6ec6ec5.js
checkout.paze.com/web/_next/static/chunks/pages/ Frame 94CF
88 KB
26 KB
Script
General
Full URL
https://checkout.paze.com/web/_next/static/chunks/pages/_app-4fb1d2d0e6ec6ec5.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a2d69b63163919542fbb8c2d64a9ebd81db9efebb7d10b968d458c0dd4c9abe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
2_1701102950_381_b2k8l555855996495n92q_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5172337
content-encoding
br
x-served-by
b2k8l555855996495n92q
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"15ea9-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8648e4521e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
communicator-760f56849712beb0.js
checkout.paze.com/web/_next/static/chunks/pages/ Frame 94CF
1 KB
883 B
Script
General
Full URL
https://checkout.paze.com/web/_next/static/chunks/pages/communicator-760f56849712beb0.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d8ce764edece404b6fa936be8a8430f8bce9db358669edd967052ff08616e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1701309706_237_b2k8l73777b48c67s6_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5077097
content-encoding
br
x-served-by
b2k8l73777b48c67s6
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"56e-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8648e4621e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
_buildManifest.js
checkout.paze.com/web/_next/static/_Oid0uLYBUa1hBgaz5wKk/ Frame 94CF
2 KB
1019 B
Script
General
Full URL
https://checkout.paze.com/web/_next/static/_Oid0uLYBUa1hBgaz5wKk/_buildManifest.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e436bb99f7b3d50bf6451b9eacd965eafff9f05b3edee7455ae83c8d28957d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
2_1701382778_160_b2k8l5575c589c47n_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5035683
content-encoding
br
x-served-by
b2k8l5575c589c47n
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"917-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8648e4921e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
_ssgManifest.js
checkout.paze.com/web/_next/static/_Oid0uLYBUa1hBgaz5wKk/ Frame 94CF
348 B
430 B
Script
General
Full URL
https://checkout.paze.com/web/_next/static/_Oid0uLYBUa1hBgaz5wKk/_ssgManifest.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4283e11439e7b626f568defa9d3a9be24fcf25af1d7f747cc6f42b5a208fdcfd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
2_1701382788_511_b2k8l5575c589c47z2_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
5035714
content-encoding
br
x-served-by
b2k8l5575c589c47z2
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"15c-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
84c6b8648e4c21e2-MIA
expires
Mon, 27 Jan 2025 05:08:55 GMT
main.baaf5f56.js
cdn.poynt.net/collect/static/js/ Frame EA40
502 KB
158 KB
Script
General
Full URL
https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e83d497a0603364e9586a8a3521a761f48858e1e7de748eb4e469766c500c71e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
RjxNpQuXFCNB7_IZ3lQtGpDCbnwbcfGk
Content-Encoding
gzip
Via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
Date
Sat, 27 Jan 2024 14:05:11 GMT
X-Amz-Cf-Pop
JFK50-P3
Age
54225
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
ETag
W/"5d2625e6351777f666faebee7af6bb2e"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Amz-Cf-Id
3i_SuEkzneA-YOhB-hwMzXsw3Up3kfNtVauGjNrQwLCk1sXw-eE4ig==
main.7f7ece38.css
cdn.poynt.net/collect/static/css/ Frame EA40
9 KB
3 KB
Stylesheet
General
Full URL
https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fe096d933b4cc05ec5d18f284c5e75f84b4c6b4b4c3a21fbe70602d1bd8cde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
UZzRUaNMW9q0ocXZ5m8RpwUVxDpaZlQR
Content-Encoding
gzip
Via
1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
Date
Sat, 27 Jan 2024 05:12:24 GMT
X-Amz-Cf-Pop
JFK50-P3
Age
86227
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
ETag
W/"93492fd5625e828aab0ed373d20bb5a3"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
gANazRyFmeNJFJeu0mDgx7N3bFnHtHsj1wI_mIp7Wo2ZUWT2GBucAg==
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 9D67
158 KB
56 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpatient.moolah.cc&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54b7b3674f73f1375a349af53b10ba2a4362b4f0cf6e544a52ac9d24aebb21a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 17:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57346
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 08:06:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 17:17:03 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 9D67
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
communicator.js
checkout.paze.com/web/resources/js/ Frame 94CF
71 KB
24 KB
Script
General
Full URL
https://checkout.paze.com/web/resources/js/communicator.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/_next/static/chunks/main-c094492bcfee1c54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a7d4b21b3012f18da0be075ac6b66086b242de02dbdcf8514f1d12e57799dc6
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1706418535_341_b2k8l7354457b987m7_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
content-encoding
br
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
MISS
x-served-by
b2k8l7354457b987m7
last-modified
Thu, 30 Nov 2023 23:24:07 GMT
server
cloudflare
etag
W/"11db4-18c228bf816"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
84c6b865af1721e2-MIA
expires
Sun, 28 Jan 2024 09:08:55 GMT
vba-3.1.2.min.js
checkout.paze.com/web/resources/js/ Frame 94CF
239 KB
85 KB
Script
General
Full URL
https://checkout.paze.com/web/resources/js/vba-3.1.2.min.js
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/_next/static/chunks/main-c094492bcfee1c54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e90ebccf9d2ff6c5e30b8127c754591d24adf28002986833aa34ba126587d4
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1706418535_337_b2k8l7354457b98g8_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
content-encoding
br
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
MISS
x-served-by
b2k8l7354457b98g8
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
etag
W/"3ba7c-3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
84c6b865af1a21e2-MIA
expires
Sun, 28 Jan 2024 09:08:55 GMT
gtm.js
www.googletagmanager.com/ Frame 94CF
198 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NZT7WDR
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
399d3d62420476c9d331c5418e1b224fe39c3383b07908bfce3b180e1ea18129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69751
x-xss-protection
0
last-modified
Sun, 28 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 28 Jan 2024 05:08:55 GMT
tccl.min.js
img1.wsimg.com/signals/js/clients/tccl/ Frame EA40
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
46 KB
13 KB
Script
General
Full URL
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Server
23.12.144.244 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-244.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding
gzip
date
Sun, 28 Jan 2024 05:08:55 GMT
x-amz-request-id
JGR6XV0ZNGWP0F6Q
x-amz-server-side-encryption
AES256
x-amz-meta-version
2.0.2
content-length
13404
x-amz-id-2
loEK0yBDPd5O1+kVu91qDzSD3F9/2oJTsytYAkteh/pdFz3oT/UFRsBMkhG3uColkGQIrDwl93M=
last-modified
Wed, 18 Oct 2023 16:44:03 GMT
etag
"8e70743bdf9b3d3adbb26471c84a006c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 05:38:55 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin
*
date
Sun, 28 Jan 2024 05:08:55 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Mon, 27 Jan 2025 05:08:55 GMT
validate
services.poynt.net/businesses/b86fd1dc-12ba-412f-b933-191cff33a977/google-pay/ Frame EA40
287 B
757 B
XHR
General
Full URL
https://services.poynt.net/businesses/b86fd1dc-12ba-412f-b933-191cff33a977/google-pay/validate
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.173.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-173-186.compute-1.amazonaws.com
Software
/
Resource Hash
1e0a8deaee954bf967e1da9872e2bba6c3454ca3e04acadd336c9f887eb66684

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Poynt-Session-Id
d60107b4-337a-41d7-b878-4a67482fae72
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://cdn.poynt.net/
Poynt-Request-Id
b588354c-61ae-4601-a28d-8fe34c763de4
Poynt-Collect-Version
v2.0.41

Response headers

Date
Sun, 28 Jan 2024 05:08:55 GMT
Transfer-Encoding
chunked
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://cdn.poynt.net
Instance-Id
poynt-fargate/f801df0354484106919d3e3c65ea1081
Poynt-Request-Id
b588354c-61ae-4601-a28d-8fe34c763de4
Connection
keep-alive
Poynt-Build-Info
1.4.155-2024-01-24T19:05:07Z
tags
thm.visa.com/fp/ Frame 2BA4
685 B
1 KB
Document
General
Full URL
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/communicator.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
3101cd8208008efa4b132f11b33b6f20955c61435954fb0be2713eadb6a1909b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.paze.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Length
360
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
P3P
CP=IVAa PSAa
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
tags
xmt.paze.com/fp/ Frame 1889
682 B
1 KB
Document
General
Full URL
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/communicator.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
ad583a4bc9eee95fe213ff1e15619489a81b37d4dbf6a71c3dcd72085c11d95b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.paze.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Length
360
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
P3P
CP=IVAa PSAa
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
merchant
checkout.paze.com/api/v1/iwa/ Frame 94CF
2 B
113 B
Fetch
General
Full URL
https://checkout.paze.com/api/v1/iwa/merchant?api_key=BZTSGJ5554C9KTTUNQCK21_3-pBQgEwsJ0IPORgO-zUhsv1UA&profileId=GoDaddyMerchantA
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/communicator.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-CORRELATION-ID
1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
accept-language
en-US,en;q=0.9
Authorization
Basic QlpUU0dKNTU1NEM5S1RUVU5RQ0syMV8zLXBCUWdFd3NKMElQT1JnTy16VWhzdjFVQQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
Accept
application/json
API_KEY
BZTSGJ5554C9KTTUNQCK21_3-pBQgEwsJ0IPORgO-zUhsv1UA
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
x-cnection
close
content-length
2
x-xss-protection
0
x-served-by
b2k8l73-69d9c4c7w7k, b2k8l73-65b97d8x
pragma
no-cache
server
cloudflare
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-app-status
200
cf-ray
84c6b8668fbd21e2-MIA
expires
-1
token
checkout.paze.com/apn/iwa-web/oauth2/ Frame 94CF
1 KB
3 KB
Fetch
General
Full URL
https://checkout.paze.com/apn/iwa-web/oauth2/token
Requested by
Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/communicator.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38111703971d869078f60ee18eb5b3ff344f2d9082206891cf12a22b86bdcde0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json
X-CORRELATION-ID
1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
Referer
https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
accept-language
en-US,en;q=0.9
Authorization
Basic QlpUU0dKNTU1NEM5S1RUVU5RQ0syMV8zLXBCUWdFd3NKMElQT1JnTy16VWhzdjFVQQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
x-correlation-id
1_1706418534_875_b2k8l7354457b989p8_IWA_CHECKOUT_WIDGET
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
content-security-policy-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
x-cnection
close
content-length
1244
x-xss-protection
0
x-served-by
b2k8l73-69d9c4c7w7k, b2k8l73-66b8f65768-6k96v
pragma
no-cache
server
cloudflare
x-webkit-csp-report-only
default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
x-app-status
201
cache-control
no-cache, no-store, must-revalidate
cf-ray
84c6b8668fbe21e2-MIA
x-via-hint_dca
1_fl3afg
expires
-1
MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js
www.google.com/js/bg/ Frame 38DF
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 04:25:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
175404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6929
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 04:25:31 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 38DF
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:53:22 GMT
x-content-type-options
nosniff
age
170133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 02 Feb 2024 05:53:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38DF
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:15 GMT
x-content-type-options
nosniff
age
169900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:57:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38DF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:09:12 GMT
x-content-type-options
nosniff
age
169183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:09:12 GMT
validate
services.poynt.net/businesses/b86fd1dc-12ba-412f-b933-191cff33a977/google-pay/ Frame
0
0
Preflight
General
Full URL
https://services.poynt.net/businesses/b86fd1dc-12ba-412f-b933-191cff33a977/google-pay/validate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.173.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-173-186.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,poynt-collect-version,poynt-request-id,poynt-session-id
Access-Control-Request-Method
POST
Origin
https://cdn.poynt.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type, poynt-collect-version, poynt-request-id, poynt-session-id
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://cdn.poynt.net
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Sun, 28 Jan 2024 05:08:55 GMT
Instance-Id
poynt-fargate/5222acdddb7d48749a27bf6199d02f39
Poynt-Build-Info
1.4.155-2024-01-24T19:05:07Z
Poynt-Request-Id
6694b808-298d-4ce9-8a3f-fd477c08e75b
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufb... Frame 9D67
74 KB
27 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=gCEM/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrguNk65jK40NXlpyacN9ZZTAYDP8A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13bbc3fbf68d09f1287c06c397f01a21310993d363febc088adee89c537d3d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 17:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27607
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 07:38:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 17:17:55 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 38DF
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7d61c6329c5eea651d09e2f4d8f5533751b47d90af6e75c0db658ff1c84712ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ouo96ezc2xpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 28 Jan 2024 05:08:55 GMT
pay
pay.google.com/gp/p/ui/ Frame 9D67
1 MB
378 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
094c520af66fbb1ec8d948c9934d21209cdadc530d91d9557e0db2725a7d746e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9quoAcvHgrX_pzLloS7OvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:55 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9quoAcvHgrX_pzLloS7OvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmJw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdNY34dNZ2SKms8bVTWfNAWK-ddNZNddPZ22JnsE6CYid0mewBgCxEA_H80PX17IJrFgx_RgzAOKvN3U"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sun, 28 Jan 2024 05:08:55 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufb... Frame 9D67
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=gCEM/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrguNk65jK40NXlpyacN9ZZTAYDP8A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8485e9c6b387a61386fa01f5328623fbc630c6a75157a1fa3cfa385ba76bcd2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 17:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3730
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 07:38:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 17:17:55 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufb... Frame 9D67
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=gCEM/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrguNk65jK40NXlpyacN9ZZTAYDP8A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7129132b4a93fe06b0aa1dda8e12d4abeb8d2d85b43e1492b21ae30a055fa1be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 17:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 07:38:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 17:17:55 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 28 Jan 2024 05:08:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9D67
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 05:08:56 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 28 Jan 2024 05:08:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9D67
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 05:08:56 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 28 Jan 2024 05:08:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9D67
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 05:08:56 GMT
index.html
cdn.poynt.net/collect/ Frame ECCA
742 B
1 KB
Document
General
Full URL
https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7df2bb71378a86f7de113d17a1766e50aae7b679c1fa25adc8aa23c153f89e27

Request headers

Referer
https://patient.moolah.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
77568
Connection
keep-alive
Content-Length
742
Content-Type
text/html
Date
Sat, 27 Jan 2024 07:36:09 GMT
ETag
"34ec6f6eeadfb689dab02af4443ffcac"
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
Vary
Accept-Encoding
Via
1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
BNFXaqFLDCjargpSDXVsd2pPX5-DgXtIVPq7GMDY2wBADhgwi_MP4w==
X-Amz-Cf-Pop
JFK50-P3
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
tSYxw13QEIpreYtDHun_ZI.ClRHXeGtG
event
events.api.secureserver.net/t/1/tl/ Frame EA40
43 B
280 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1706418536090&dh=cdn.poynt.net&dr=https%3A%2F%2Fpatient.moolah.cc%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=1755339138&cv=2.0.2&z=1226220011&vg=7433cd9f-83e0-5bbf-99d7-e4108fe91952&vtg=7433cd9f-83e0-5bbf-99d7-e4108fe91952&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=0014c427-303a-565c-bbb5-c8d4c7edb63a&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sun, 28 Jan 2024 05:08:56 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://cdn.poynt.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
log
play.google.com/ Frame 9D67
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 05:08:56 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 28 Jan 2024 05:08:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9D67
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 05:08:56 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 28 Jan 2024 05:08:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9D67
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9Tp6igBUtNg.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgSrcDRKU4imO-C2NOc4FTCEMe6BA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 05:08:56 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 28 Jan 2024 05:08:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 94CF
271 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F37RS8EP44&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZT7WDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a8d8c8d1712c6002fcc8c8c2d76595738f8064793990992e1d1b0b4249546c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92307
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 05:08:56 GMT
event
events.api.secureserver.net/t/1/tl/ Frame EA40
43 B
280 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1706418536119&dh=cdn.poynt.net&dr=https%3A%2F%2Fpatient.moolah.cc%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=1755339138&cv=2.0.2&z=1818045722&vg=5b7f6314-32b9-5cfb-9688-27512bb3e9d6&vtg=5b7f6314-32b9-5cfb-9688-27512bb3e9d6&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=9ee15d2b-0e82-5b1e-b63b-a8fb7c08a7b0&ht=perf&tce=1706418535055&tcs=1706418535055&tdc=1706418535343&tdclee=1706418535343&tdcles=1706418535343&tdi=1706418535312&tdl=1706418535121&tdle=1706418535055&tdls=1706418535055&tfs=1706418535055&tns=1706418534959&trqs=1706418535057&tre=1706418535118&trps=1706418535117&tles=1706418535343&tlee=1706418535343&nt=navigate&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sun, 28 Jan 2024 05:08:56 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://cdn.poynt.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
a
www.googletagmanager.com/ Frame 94CF
0
59 B
Image
General
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=1524565059&rv=41o0&u=AAAAAAAAAAAAAACA&h=Ag&gtm=45He41o0p2v9116753729&ccid=116753729&cid=GTM-NZT7WDR&l=GTM-NZT7WDR.L406.S4.Y26.B9.E15.I195.EC5.TC1.HTC0~gtm.init.S0.V0.E12~gtm.js.S0.V0.TS5googtag.TI3.TE3~gtm.dom.S0.V0.E4~gtm.load.S0.V0.E4~gtm.init_consent.S1.V0.E13
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.paze.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
clear.png
xmt.paze.com/fp/ Frame 1889
81 B
474 B
Image
General
Full URL
https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&ck=0&m=2
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C
xmt.paze.com/fp/ Frame 1889
487 KB
92 KB
Script
General
Full URL
https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
1d65e1a66944c0e257d382282e308e40ea8c3c9c20fb0721395e5c3a38c93b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
a698d00fb37af09a
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=98
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
thm.visa.com/fp/ Frame 2BA4
81 B
474 B
Image
General
Full URL
https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&ck=0&m=2
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590
thm.visa.com/fp/ Frame 2BA4
295 KB
51 KB
Script
General
Full URL
https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
125538591b76ae391c6ab9cb3360129376b47c4db0c3eb5cc6c22baf190ac8bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
04a387c47059ecb3
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=98
Expires
Thu, 01 Jan 1970 00:00:00 GMT
main.baaf5f56.js
cdn.poynt.net/collect/static/js/ Frame ECCA
502 KB
158 KB
Script
General
Full URL
https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e83d497a0603364e9586a8a3521a761f48858e1e7de748eb4e469766c500c71e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
RjxNpQuXFCNB7_IZ3lQtGpDCbnwbcfGk
Content-Encoding
gzip
Via
1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
Date
Sat, 27 Jan 2024 14:05:11 GMT
X-Amz-Cf-Pop
JFK50-P3
Age
54226
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
ETag
W/"5d2625e6351777f666faebee7af6bb2e"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Amz-Cf-Id
wKZweWvngehPxp9CZMtQX1F-upOvmAFmDwPo9BEWWUpLXbMlzR62-g==
main.7f7ece38.css
cdn.poynt.net/collect/static/css/ Frame ECCA
9 KB
3 KB
Stylesheet
General
Full URL
https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fe096d933b4cc05ec5d18f284c5e75f84b4c6b4b4c3a21fbe70602d1bd8cde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=d60107b4-337a-41d7-b878-4a67482fae72&enableReCaptcha=false&enableCardOnFile=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
UZzRUaNMW9q0ocXZ5m8RpwUVxDpaZlQR
Content-Encoding
gzip
Via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
Date
Sat, 27 Jan 2024 05:12:24 GMT
X-Amz-Cf-Pop
JFK50-P3
Age
86228
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 09 Jan 2024 17:06:25 GMT
Server
AmazonS3
ETag
W/"93492fd5625e828aab0ed373d20bb5a3"
Vary
Accept-Encoding
Content-Type
text/css
X-Amz-Cf-Id
PqiEcCxmMJltvc-Yrr5KvNBZ1_bMZdl_ZfxcMjMGvJM2oNSaNQVUZA==
clear.png
thm.visa.com/fp/ Frame 2BA4
81 B
475 B
Image
General
Full URL
https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&w=04a387c47059ecb3&ck=0&m=1
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
xmt.paze.com/fp/ Frame 1889
81 B
475 B
Image
General
Full URL
https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&w=a698d00fb37af09a&ck=0&m=1
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tccl.min.js
img1.wsimg.com/signals/js/clients/tccl/ Frame ECCA
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
46 KB
13 KB
Script
General
Full URL
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
H2
Server
23.12.144.244 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-244.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding
gzip
date
Sun, 28 Jan 2024 05:08:56 GMT
x-amz-request-id
JGR6XV0ZNGWP0F6Q
x-amz-server-side-encryption
AES256
x-amz-meta-version
2.0.2
content-length
13404
x-amz-id-2
loEK0yBDPd5O1+kVu91qDzSD3F9/2oJTsytYAkteh/pdFz3oT/UFRsBMkhG3uColkGQIrDwl93M=
last-modified
Wed, 18 Oct 2023 16:44:03 GMT
etag
"8e70743bdf9b3d3adbb26471c84a006c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 05:38:56 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin
*
date
Sun, 28 Jan 2024 05:08:56 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Mon, 27 Jan 2025 05:08:56 GMT
enterprise.js
www.google.com/recaptcha/ Frame ECCA
1 KB
915 B
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
58026d1977117c3e75535b694d5c40c88425b3de6e0b007ce47bec141fbd9b91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 28 Jan 2024 05:08:56 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame ECCA
481 KB
193 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.poynt.net/
Origin
https://cdn.poynt.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196969
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 05:01:49 GMT
event
events.api.secureserver.net/t/1/tl/ Frame ECCA
43 B
280 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1706418536574&dh=cdn.poynt.net&dr=https%3A%2F%2Fpatient.moolah.cc%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=394055421&cv=2.0.2&z=1100199563&vg=489136b8-c11c-52b4-a307-af490e8190b2&vtg=489136b8-c11c-52b4-a307-af490e8190b2&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=318b6772-bbc1-507e-838a-d8067d3aa40b&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sun, 28 Jan 2024 05:08:56 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://cdn.poynt.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ Frame ECCA
43 B
280 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1706418536581&dh=cdn.poynt.net&dr=https%3A%2F%2Fpatient.moolah.cc%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=394055421&cv=2.0.2&z=577849424&vg=402f5708-371e-5b1c-9c1e-35095764ff5a&vtg=402f5708-371e-5b1c-9c1e-35095764ff5a&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=89beadac-fc29-5d59-906b-e52a7cd21755&ht=perf&tce=1706418536070&tcs=1706418536070&tdc=1706418536404&tdclee=1706418536403&tdcles=1706418536403&tdi=1706418536284&tdl=1706418536163&tdle=1706418536070&tdls=1706418536070&tfs=1706418536070&tns=1706418536069&trqs=1706418536072&tre=1706418536135&trps=1706418536134&tles=1706418536404&tlee=1706418536404&nt=navigate&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sun, 28 Jan 2024 05:08:56 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://cdn.poynt.net
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/enterprise/ Frame 2C44
44 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a88250ad719c24a9ac181592d3fa25658181d78fa18d100703b658d91bfbe31b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nPjRPN4_K0k11_4v5z6rhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.poynt.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nPjRPN4_K0k11_4v5z6rhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 05:08:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clear.png
thm.visa.com/fp/ Frame 2BA4
81 B
476 B
XHR
General
Full URL
https://thm.visa.com/fp/clear.png
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, ge4f5xfn/04a387c47059ecb3bc_checkout_001lp1xxf
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 28 Jan 2024 05:08:56 GMT
Server
Apache
Etag
0979b752cd314af497b9ff1d18d34c23
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Content-Length
81
Expires
Fri, 26 Jan 2029 05:08:56 GMT
ls_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590
thm.visa.com/fp/ Frame 9692
90 KB
13 KB
Document
General
Full URL
https://thm.visa.com/fp/ls_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
f4ae03e6fd076b7e479459127b3e0b20f6c85f0f0b3ae52c424c07e6af342a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=96
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
thm.visa.com/fp/ Frame 2BA4
0
387 B
Script
General
Full URL
https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&jb=31342c6e7b613f3b3c62626f3563636c33646d3c3b66676b323163353c6864643f3837323f3036
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590
h.online-metrix.net/fp/ Frame 4FE7
103 KB
15 KB
Document
General
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
bf1ff971d175c4ecb8915d970b136d412e8b7a235685601c1c4f73afe3ba9749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thm.visa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
top_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590
thm.visa.com/fp/ Frame 17AB
89 KB
13 KB
Document
General
Full URL
https://thm.visa.com/fp/top_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
58c1fd78a12af7457fcc8fe9c49a1b90f59fd6b871e20620c5e5e989d8c0f8a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
thm.visa.com/fp/ Frame 2BA4
0
219 B
Script
General
Full URL
https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&ja=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&jb=33373f2464713f47657a69666c61253a463526382730322255616e66657d732538304e542d323039382c322739402d32325d636e363e2533422d3230703e362b273832497072666f5765684b69742d32463d3b352c313c273a302a4142544d462532432d3230646169672738324f656161652925383043687a6f6d6d2d304433383226302c3c3a3939243232342d32305b6964637063273a4637393d2e333c
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:56 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Type
text/javascript;charset=UTF-8
clear.png
ge4f5xfnesrroi4xqwd7jslgdwp5qxlvwufnt2fu04a387c47059ecb3sac.d.aa.online-metrix.net/fp/ Frame 2BA4
81 B
438 B
Image
General
Full URL
https://ge4f5xfnesrroi4xqwd7jslgdwp5qxlvwufnt2fu04a387c47059ecb3sac.d.aa.online-metrix.net/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&di=yes
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 2C44
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 00:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 00:34:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 2C44
481 KB
192 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196969
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jan 2025 05:01:49 GMT
HP
xmt.paze.com/fp/ Frame 179E
19 KB
6 KB
Document
General
Full URL
https://xmt.paze.com/fp/HP?session_id=bc_checkout_00192f14&org_id=dubkxo24&nonce=a698d00fb37af09a&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
48b3bce3b62db2b48fc94db3aa1a2d3050526941b0daa0755311eae78197806f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Length
5768
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
clear.png
xmt.paze.com/fp/ Frame 1889
81 B
476 B
XHR
General
Full URL
https://xmt.paze.com/fp/clear.png
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, dubkxo24/a698d00fb37af09abc_checkout_00192f14
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 28 Jan 2024 05:08:57 GMT
Server
Apache
Etag
1ae9cbe5689e40f69d17b637fd8dc07c
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Content-Length
81
Expires
Fri, 26 Jan 2029 05:08:57 GMT
clear.png
h.online-metrix.net/fp/ Frame 1889
Redirect Chain
  • https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&gttl=155520000
  • https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&k=2
0
387 B
Script
General
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&k=2
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
P3P
CP=IVAa PSAa
Location
https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&k=2
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
0
ls_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C
xmt.paze.com/fp/ Frame 2AF2
90 KB
13 KB
Document
General
Full URL
https://xmt.paze.com/fp/ls_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
7c726031219d8c45278be8daaa80801a9db73449a5875c4874e6cbdd2b34c489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
xmt.paze.com/fp/ Frame 1889
0
387 B
Script
General
Full URL
https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&jb=31342c6e7b613f38693464323839356a3161393467673c3b3e38326f3f3362396437363e313632
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C
h.online-metrix.net/fp/ Frame 7316
103 KB
15 KB
Document
General
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
2c883418f755a4e5c78f55368a44e6c6e1c0930404fdd856ae0626f8a48fb575
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xmt.paze.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
top_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C
xmt.paze.com/fp/ Frame CF6C
89 KB
13 KB
Document
General
Full URL
https://xmt.paze.com/fp/top_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
3a7785b9970e8e29f2ee7e8c89eb414ea50503f020dc720c39621732db6acdd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Sun, 28 Jan 2024 05:08:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=97
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
xmt.paze.com/fp/ Frame 1889
0
219 B
Script
General
Full URL
https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&ja=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&jb=33373f2464713f47657a69666c61253a44372e3027303a2a5f696c6e6577732f32304e5c27303031322c3a273b4227383a5769643634253b402732307a343e2b2d32324b7a706c6f576562436b762532443739352633342f3830284148544d44273043253032666b636527383a4765696b6f292d30324368706d67672d32443b38302e3a2e3630313b2c3232362738325b61646b786925384635333f2c3136
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Type
text/javascript;charset=UTF-8
clear.png
dubkxo24ospy3uz7vwrqx7tiqweiy52voj6tokiqa698d00fb37af09asac.d.aa.online-metrix.net/fp/ Frame 1889
81 B
438 B
Image
General
Full URL
https://dubkxo24ospy3uz7vwrqx7tiqweiy52voj6tokiqa698d00fb37af09asac.d.aa.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&di=yes
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
thm.visa.com/fp/ Frame 2BA4
0
387 B
Script
General
Full URL
https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&jac=1&je=
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
thm.visa.com/fp/ Frame 9692
0
387 B
Script
General
Full URL
https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&jf=31342c6e7b623f3b3c62626f3563636c33646d3c3b66676b323163353c6864643f3837323f3036
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/ls_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/ls_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=7B26224EA9E3E94653C4DB58241B5590
thm.visa.com/fp/ Frame 2BA4
0
400 B
Image
General
Full URL
https://thm.visa.com/fp/clear1.png;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&jf=
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=94
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear3.png;CIS3SID=E0061060494F5F4518665DC5ED47344C
xmt.paze.com/fp/ Frame 1889
0
218 B
Script
General
Full URL
https://xmt.paze.com/fp/clear3.png;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&je=34342c24626161373b26626273626b352737422537402f303a5a2738382532493225324b33353036363332373b37363a3325354e2535442e606a7362695d636c6c657a373a
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:57 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Type
text/javascript;charset=UTF-8
clear.png
xmt.paze.com/fp/ Frame 1889
0
387 B
Script
General
Full URL
https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&jac=1&je=
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear3.png;CIS3SID=E0061060494F5F4518665DC5ED47344C
xmt.paze.com/fp/ Frame 1889
0
218 B
Script
General
Full URL
https://xmt.paze.com/fp/clear3.png;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&jac=1&je=35332c246a68717e7a6e3d2f3742253a3036253230273943392530492f32323b3025323a27314133352738412d32303f3a2532382533413927304325303032342d32302f3941312f3744
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
Content-Type
text/javascript;charset=UTF-8
clear.png
thm.visa.com/fp/ Frame 2BA4
0
387 B
Script
General
Full URL
https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&jac=1&je=333a2c247f656b3739382e3b33322e393138263e3a
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=93
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=E0061060494F5F4518665DC5ED47344C
xmt.paze.com/fp/ Frame 1889
0
401 B
Image
General
Full URL
https://xmt.paze.com/fp/clear1.png;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&jf=
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=DBE5ABA15CFFD2FA3153B1A55856B842
h.online-metrix.net/fp/ Frame 4FE7
0
401 B
Image
General
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=DBE5ABA15CFFD2FA3153B1A55856B842?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3&jf=
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7B26224EA9E3E94653C4DB58241B5590?org_id=ge4f5xfn&session_id=bc_checkout_001lp1xxf&nonce=04a387c47059ecb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js
www.google.com/js/bg/ Frame 2C44
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 04:25:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
175407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6929
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 04:25:31 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2C44
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:53:22 GMT
x-content-type-options
nosniff
age
170136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 02 Feb 2024 05:53:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2C44
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:15 GMT
x-content-type-options
nosniff
age
169903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:57:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2C44
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:09:12 GMT
x-content-type-options
nosniff
age
169186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:09:12 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 2C44
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7d61c6329c5eea651d09e2f4d8f5533751b47d90af6e75c0db658ff1c84712ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=hc7heb5e9k74
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 05:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 28 Jan 2024 05:08:58 GMT
check.js
xmt.paze.com/fp/ Frame 179E
208 KB
29 KB
Script
General
Full URL
https://xmt.paze.com/fp/check.js?&pageid=99998&session_id=bc_checkout_00192f14&org_id=dubkxo24&nonce=a698d00fb37af09a
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/HP?session_id=bc_checkout_00192f14&org_id=dubkxo24&nonce=a698d00fb37af09a&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
6ff773611d5e5c74e9f8fa1b19a701f65591aedd13dd052e35cf223ac2cb52c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/HP?session_id=bc_checkout_00192f14&org_id=dubkxo24&nonce=a698d00fb37af09a&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
a698d00fb37af09a
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
xmt.paze.com/fp/ Frame 2AF2
0
387 B
Script
General
Full URL
https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&jf=31342c6e7b623f38693464323839356a3161393467673c3b3e38326f3f3362396437363e313632
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/ls_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/ls_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=94
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=21EEC61CB58BB43224FC6C6FD2A3617A
h.online-metrix.net/fp/ Frame 7316
0
401 B
Image
General
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=21EEC61CB58BB43224FC6C6FD2A3617A?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&jf=36333c247b696655786e64377464725776473578766e53465d574c46695a6b7a2673696c5d666174673f3b353836363b3235333d2673696c5d767970673f7d676a3a67696e73612c736964576967793d31323f3b3b3033393a36303d3261383e363a636531663a303831323c3a38326b383634306167336432313a33383732393e32303a3034313b64346561336139663831616b6e30633f6262613a3436373633363c643130663e33346539323966313433386463316b3b3165616f3d65336b613763383b33613035316e346e61323f38313668306564306067333731363f3a6c39613e3f6330383432363c30373739323033313c3832393c63316b3530323e3b3a343234632c7161645d7963673d393034353830303130323b32616b6361393a34373f6532663a3b66353335376f32313630393a39303f3136343c3464616367643c643d3367386b64633a3134623a3367646666316867313030383a37646f6238646c336062363a6432663a3967696b33636b356539693a6638663b363c3a69613b6e3966393a3530306a32633366353769356c66356f6c31346c3926736164703d31
Requested by
Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
centralus-2.in.applicationinsights.azure.com//v2/
49 B
157 B
XHR
General
Full URL
https://centralus-2.in.applicationinsights.azure.com//v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.118.198.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://patient.moolah.cc/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Sun, 28 Jan 2024 05:08:58 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-length
49
content-type
application/json; charset=utf-8
track
centralus-2.in.applicationinsights.azure.com//v2/ Frame
0
0
Preflight
General
Full URL
https://centralus-2.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.118.198.34 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://patient.moolah.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Sun, 28 Jan 2024 05:08:58 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
clear3.png;CIS3SID=E0061060494F5F4518665DC5ED47344C
xmt.paze.com/fp/ Frame 1889
0
218 B
Script
General
Full URL
https://xmt.paze.com/fp/clear3.png;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&je=37352c24626161373b26626273626b352737422537402f303a472738382532493130303f2730433127374e273d442468627362615f696e6c677a3d31
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Type
text/javascript;charset=UTF-8
clear.png
xmt.paze.com/fp/ Frame 1889
0
387 B
Script
General
Full URL
https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&jac=1&je=3a352c247f656b3739382e3b33322e39333a2e363a247a6f356e6d2c68617479743d253f402732326e677c67642530382f33413b2e30302d3041253230717e637c75712f383225394125323a616a6172656b64652d32302f3d44
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=E0061060494F5F4518665DC5ED47344C?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_00192f14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=93
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ARF;CIS3SID=07FDE9E91A66100C408627B8DE83A8A0
xmt.paze.com/fp/ Frame 179E
35 B
557 B
Script
General
Full URL
https://xmt.paze.com/fp/ARF;CIS3SID=07FDE9E91A66100C408627B8DE83A8A0?org_id=dubkxo24&session_id=bc_checkout_00192f14&nonce=a698d00fb37af09a&pageid=99998&sera_parametere=B0YEWVVVCVdVBQEAVlIAVlBTCQ9RUgcEVwdVU1EJXwVVUgFcBQMAVAELBkcVQwQID0ZMTBcVAyJHBHVEUXQcU1FcSl0IVV0DDEdERFV0HFYjBhwPIBUCVgpcRBUVFQolRAF7HVN0FgILDlJRUANfBFMHXQxUVghVVQZUWFUDDVlQVQgJBgJUUFBRA1EDAQkAWVMfVgteUwNfUgFYXlQJUQdUCg8FVgBfAxVdElsAQQAAD1sBUggHX1VRD1MEUghXAFJfAVBUAgBbAVNYUFEOU1FSCl0AAQBAA1oKUFQCDlVHX1AFSQEWFgsODlhfCQFHCV0EHgYNcw4QXFoEQFJPXFAECR4GX0NbNVpZBQlHSkcCVARMAEpvBQNfWwMHU1JHBEIEDFY%3D&count=0&max=0
Requested by
Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js?&pageid=99998&session_id=bc_checkout_00192f14&org_id=dubkxo24&nonce=a698d00fb37af09a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
b731e26fa52ba61e7b37a4704134bf63bfc91fdb2fc21bb524dd858ea121b2ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://xmt.paze.com/fp/HP?session_id=bc_checkout_00192f14&org_id=dubkxo24&nonce=a698d00fb37af09a&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.d
ll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 05:08:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=92
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT


56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| FontAwesomeKitConfig function| $ function| jQuery number| uidEvent object| bootstrap object| Transparency function| SignaturePad function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| formatter object| appInsights object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| amount function| removeApplePay string| state function| appendGetCardRedirect function| stateIs function| getTotal function| doingApplePay function| processing function| error function| getPaymentPayLoad function| getApplePayPaymentPayLoad function| validateEmail function| validateAmount function| validate object| Alpine function| AutoNumeric object| aNFormHandlerMap object| autoNumericGlobalList function| TokenizeJs object| Microsoft object| __dynProto$Gbl object| recaptcha object| closure_lm_513850 object| __post_robot_10_0_46__ object| DIGITAL_WALLET_SDK object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google boolean| isApplePay

14 Cookies

Domain/Path Name / Value
patient.moolah.cc/ Name: .AspNetCore.Antiforgery.9fXoN5jHCXs
Value: CfDJ8Bce-BDY_WFOvvXv45nInWaTskYMKGjUblu34eee0TxEiW6OBxpB0bGvOY56LEM3nFztTyK7rJmKElR5fvfZGIX-P87_5uRysjOtV5ON_WSJTvZBGZEJRo-n4ZQlHA7sAUJ62qkFlWHaTlcN_R745OM
.patient.moolah.cc/ Name: ARRAffinity
Value: 65f8186d9c84064d1cd01131f7eb9bcb94b8cc785e23815e98353abc1486973e
.patient.moolah.cc/ Name: ARRAffinitySameSite
Value: 65f8186d9c84064d1cd01131f7eb9bcb94b8cc785e23815e98353abc1486973e
.www.moolah.cc/ Name: __cf_bm
Value: iPy_LP_6hJVlgavyE3ZgIa6Ju9INQzlyIL2xPZHYxiE-1706418533-1-AeKAoJ30LkqHFK7/tdw2VlftbwlImZf3uEFjA7fovEcgDDRKwf4JCz5f5r8QIZ1pZxXCsEoBOicxaUngUmfsSCQ=
patient.moolah.cc/ Name: mp_b3053c0785212011971a15669b094404_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d4e78790477c-071380f2f6c80d-6b305750-1d4c00-18d4e78790477c%22%2C%22%24device_id%22%3A%20%2218d4e78790477c-071380f2f6c80d-6b305750-1d4c00-18d4e78790477c%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
patient.moolah.cc/ Name: ai_user
Value: 1e9DKuJQB/BhbBiEn5NJte|2024-01-28T05:08:54.702Z
.checkout.paze.com/ Name: __cf_bm
Value: npFB8a4G3mkXAYmADNowHvrRX8MLw6pG7qLEVcZK5Ro-1706418534-1-AWLYTeSKbYAaF+GtpDIx4OLA0fiIQfo0s2i/DjuRailGZqh822mBLItqu1utTi9bLOGNcNyjXcb3SalcnaSoB3Q=
.checkout.paze.com/ Name: __cfruid
Value: 0228999c7e6e158736acb34001a40de3416c9da4-1706418534
.paze.com/ Name: x-via-hint
Value: D9D9F7D820693030312E762E303030BF0058567B3030317D3A414149335157446B66797A4D686F503259766148483677647A564653625946505A7449645569502B704D48444E79575A6D5241594B3966715958647956623759382B56644B49584766625777766C633DFF
xmt.paze.com/ Name: thx_guid
Value: 287a59ab01370393f9c80784f98ad163
thm.visa.com/ Name: thx_guid
Value: 768816072c36e502d4e6a4175dec527a
.google.com/ Name: NID
Value: 511=LeeR3MxERiiwZFtfvKYsTH4bfgD0tIzstxZ_7ZgU51xm2SnY551q9770EHJLlabRBFndOR1PkPWxf11-Xnc5YBgZqop9LgkXjGRX9t0Uw-HrAm8BAW-N-wh4680cO76zTMJMsGLWrepxaTrMgS9or-g8k0I0pkEt82BpXtPW4VU
h.online-metrix.net/ Name: thx_global_guid
Value: 9471a0f75edd4f5e80f463440c903dd9
patient.moolah.cc/ Name: ai_session
Value: Y3bYbpSKj4aW3lU6qeaa+m|1706418538427|1706418538427

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
