patient.moolah.cc Open in urlscan Pro
104.43.254.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.payment.minal.dental/
Effective URL:
https://patient.moolah.cc/paymentPage/minalpateldmd
Submission: On January 28 via automatic, source certstream-suspicious (January 28th 2024, 2:18:48 am UTC) — Scanned from NL

Summary HTTP 146 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 146 HTTP transactions. The main IP is 104.43.254.102, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is patient.moolah.cc.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on October 24th 2023. Valid for: 6 months.

This is the only time patient.moolah.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.43.254.102 104.43.254.102	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
7	65.9.95.49 65.9.95.49	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
20	104.18.1.217 104.18.1.217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 4	23.53.42.160 23.53.42.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.232.46.218 18.232.46.218	14618 (AMAZON-AES) (AMAZON-AES)
12	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:170... 2a02:26f0:1700:11::b856:678c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	20.118.198.33 20.118.198.33	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
30	91.235.133.67 91.235.133.67	30286 (THM) (THM)
1 6	91.235.132.130 91.235.132.130	30286 (THM) (THM)
2	91.235.134.131 91.235.134.131	30286 (THM) (THM)
146	20

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.payment.minal.dental	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.43.254.102 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

patient.moolah.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.moolah.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.95.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-49.prg50.r.cloudfront.net

cdn.poynt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.1.217 (None, )

ASN13335 (CLOUDFLARENET, US)

checkout.paze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.53.42.160 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-160.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.232.46.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-46-218.compute-1.amazonaws.com

services.poynt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:1700:11::b856:678c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.118.198.33 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

centralus-2.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 91.235.133.67 (United States)

ASN30286 (THM, US)

thm.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xmt.paze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.134.131 (United States)

ASN30286 (THM, US)

ge4f5xfnbegazpkdt6yuqw7ptjsamt455mtqb7o53ad572257c26fc3cam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dubkxo246o4fpdz2sdlqyw3d7pdcbfqw4cixh3afc49ac9e5c5969fd9am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	paze.com checkout.paze.com — Cisco Umbrella Rank: 269950 xmt.paze.com — Cisco Umbrella Rank: 210926	539 KB
24	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2630 play.google.com — Cisco Umbrella Rank: 31	498 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	988 KB
13	moolah.cc patient.moolah.cc www.moolah.cc	468 KB
12	visa.com thm.visa.com — Cisco Umbrella Rank: 55305	82 KB
12	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1448 ka-p.fontawesome.com — Cisco Umbrella Rank: 3262	274 KB
9	poynt.net cdn.poynt.net — Cisco Umbrella Rank: 105206 services.poynt.net — Cisco Umbrella Rank: 239157	393 KB
8	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2734 ge4f5xfnbegazpkdt6yuqw7ptjsamt455mtqb7o53ad572257c26fc3cam1.e.aa.online-metrix.net dubkxo246o4fpdz2sdlqyw3d7pdcbfqw4cixh3afc49ac9e5c5969fd9am1.e.aa.online-metrix.net	33 KB
4	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 8665	1 KB
4	wsimg.com 2 redirects img1.wsimg.com — Cisco Umbrella Rank: 7508	27 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	82 KB
3	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 1654 centralus-2.in.applicationinsights.azure.com — Cisco Umbrella Rank: 34271	57 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	157 KB
1	minal.dental 1 redirects www.payment.minal.dental	509 B
146	14

	Domain	Requested by
20	checkout.paze.com	cdn.poynt.net checkout.paze.com
18	xmt.paze.com	checkout.paze.com xmt.paze.com
12	thm.visa.com	checkout.paze.com thm.visa.com
12	play.google.com	www.gstatic.com
12	www.gstatic.com	www.google.com www.gstatic.com pay.google.com
10	ka-p.fontawesome.com	kit.fontawesome.com
9	patient.moolah.cc	patient.moolah.cc
8	www.google.com	patient.moolah.cc www.gstatic.com www.google.com cdn.poynt.net
7	cdn.poynt.net	patient.moolah.cc cdn.poynt.net
6	h.online-metrix.net	1 redirects thm.visa.com xmt.paze.com
4	events.api.secureserver.net	img1.wsimg.com
4	img1.wsimg.com	2 redirects patient.moolah.cc
4	fonts.gstatic.com	www.google.com
4	pay.google.com	cdn.poynt.net pay.google.com patient.moolah.cc www.gstatic.com
4	www.moolah.cc	patient.moolah.cc
4	cdn.jsdelivr.net	patient.moolah.cc
2	centralus-2.in.applicationinsights.azure.com	js.monitor.azure.com
2	www.googletagmanager.com	patient.moolah.cc www.googletagmanager.com
2	services.poynt.net	cdn.poynt.net
2	kit.fontawesome.com	patient.moolah.cc
1	dubkxo246o4fpdz2sdlqyw3d7pdcbfqw4cixh3afc49ac9e5c5969fd9am1.e.aa.online-metrix.net
1	ge4f5xfnbegazpkdt6yuqw7ptjsamt455mtqb7o53ad572257c26fc3cam1.e.aa.online-metrix.net
1	js.monitor.azure.com	patient.moolah.cc
1	www.payment.minal.dental	1 redirects
146	24

This site contains links to these domains. Also see Links.

Domain
www.moolah.cc

Subject Issuer	Validity	Valid
patient.moolah.cc GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-10-24` - `2024-04-24`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.moolah.cc Cloudflare Inc ECC CA-3	`2023-06-15` - `2024-06-13`	a year	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 03	`2023-12-19` - `2024-12-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.poynt.net Go Daddy Secure Certificate Authority - G2	`2023-10-12` - `2024-11-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
checkout.paze.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-15`	a year	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2023-07-10` - `2024-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03	`2023-11-18` - `2024-11-12`	a year	crt.sh
thm.visa.com SSL.com RSA SSL subCA	`2023-03-22` - `2024-03-21`	a year	crt.sh
xmt.paze.com DigiCert EV RSA CA G2	`2023-07-28` - `2024-07-30`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://patient.moolah.cc/paymentPage/minalpateldmd
Frame ID: 27B96785ED7E8CD6641C9809EE69E826
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=97qemn52ft9n
Frame ID: 3B3BD0D7B80663B9D04BC9C1518984BD
Requests: 8 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpatient.moolah.cc&mid=
Frame ID: 649835AC25600D445E0F1227C2B79C85
Requests: 13 HTTP requests in this frame

Frame: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
Frame ID: 061B62C900DC45D56284EAD2FB5DD718
Requests: 7 HTTP requests in this frame

Frame: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
Frame ID: 5183A658EDEEE95F2A19B6B99B3891D9
Requests: 21 HTTP requests in this frame

Frame: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
Frame ID: 5314FAFE80E05C20B73DD211D2612BD6
Requests: 10 HTTP requests in this frame

Frame: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
Frame ID: CF0C33218A7C4C221B0979A3B441FC11
Requests: 14 HTTP requests in this frame

Frame: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
Frame ID: B14E8EE45A814F95C082676460650658
Requests: 8 HTTP requests in this frame

Frame: https://thm.visa.com/fp/ls_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c
Frame ID: D1EC976770AB8DC4193F8FCA388647B3
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c
Frame ID: 5D49A9D87066E9C0FDFDD75D05F5C8A1
Requests: 2 HTTP requests in this frame

Frame: https://thm.visa.com/fp/top_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c
Frame ID: 2D8AD1E0F97E8FAE025F91A1DC509C44
Requests: 1 HTTP requests in this frame

Frame: https://xmt.paze.com/fp/HP?session_id=bc_checkout_001035dht&org_id=dubkxo24&nonce=c49ac9e5c5969fd9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: A960DE18DC4C296DBEEC22FF96C9FE53
Requests: 3 HTTP requests in this frame

Frame: https://xmt.paze.com/fp/ls_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9
Frame ID: B3FB66A36D2300DC87559F3D0DEACDB2
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9
Frame ID: 747CFCAF3F48D42CDA1A3DCFB6B3D7CB
Requests: 2 HTTP requests in this frame

Frame: https://xmt.paze.com/fp/top_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9
Frame ID: 5B9E69B2635164A38F3CEDBD5E1650ED
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ii0i6osshxx2
Frame ID: F2880DF155EC0AA7705A5481B5D20DBA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Minal J Patel DMD - Online Payment Form

Page URL History Show full URLs

https://www.payment.minal.dental/ HTTP 302
https://patient.moolah.cc/paymentPage/minalpateldmd Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

146
Requests

98 %
HTTPS

52 %
IPv6

14
Domains

24
Subdomains

20
IPs

4
Countries

3598 kB
Transfer

11446 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.moolah.cc/
Title: Moolah

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.payment.minal.dental/ HTTP 302
https://patient.moolah.cc/paymentPage/minalpateldmd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

Request Chain 112

https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&k=2

Request Chain 122

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

146 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request minalpateldmd Show response
patient.moolah.cc/paymentPage/
Redirect Chain

https://www.payment.minal.dental/
https://patient.moolah.cc/paymentPage/minalpateldmd

36 KB
13 KB

600ms
137ms

Document
text/html

104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b5890500c45d0a1db25227b5de2ea0e02ef2da1d6da0dd1088d70177380260e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 28 Jan 2024 02:18:41 GMT
Pragma: no-cache
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=2592000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 84c5bf0b3cd765ab-FRA
date: Sun, 28 Jan 2024 02:18:41 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://patient.moolah.cc/paymentPage/minalpateldmd
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29RGpOPp3zkslHbSHdlIaXFH3RHFfj9UJw%2FwbdkdkH8juRW8%2BNB%2B8Tz4lTuj52Xkvcw5f3ggjn6Mj85tO7L5f2wtGr%2FPopzLlRcNNO0oq67tcuqXFRWnjtk6houSc37IST08S%2F6%2BlPwFFF14%2B517KAMoqdlK4eU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
29 KB 71ms
31ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6558450
x-jsd-version: 5.2.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230081-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqWfZAoyrXdqk2m8V3ijeJqDPIKqrYeLWZqe7FOQ8WkAM2U5PL4CNuT0K0DIO4pmHt2ERpFajOilO6VFmKvRvzsnMUZZrumrGDvKsu%2FdE9GbgV%2FhSZM%2BmpCf4BMIWvlUCSXPyc1udtHLiLaC2ww%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84c5bf0f6e9d18c7-FRA

GET
H2 200 0a5a7cf123.js Show response
kit.fontawesome.com/ 12 KB
5 KB 205ms
158ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/0a5a7cf123.js
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efbe97f39eaec4c6adb8c62042e36241e14eded1837964b0991b13a03373a4ec

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:42 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 84c5bf0f79762c79-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F65hVBPGK1a0-LQ6M6AB

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 64 KB
9 KB 68ms
28ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5093385
x-jsd-version: 1.5.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230094-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bph%2F3Vzg6hX65fywpUIWYGM%2FYj%2FfMfcak5ug45%2BwCC5CpavHERDOzRwSoCxuPQWx7QDj%2BYf6b62EJJ%2FiiaAfkSaO9nLBZlbSQOb2qzlZeTDy2kmnNXL9vSWQr3dfDzGpY%2B7VrlLYclnlGzLVk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84c5bf0f6e9a18e7-FRA

GET
H2 200 0a5a7cf123.css
kit.fontawesome.com/ 502 B
274 B 516ms
469ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/0a5a7cf123.css
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809ab3efb71547b840817152b6f6420044d674175c04f591d3d03f14f340c98a

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:42 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=300, public, stale-while-revalidate=30
cf-ray: 84c5bf0f79742c79-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F65hVCZXDT1nxPW0TBYB

GET
H/1.1 200
OK jquery.min.js Show response
patient.moolah.cc/lib/jquery/dist/ 87 KB
39 KB 130ms
129ms Script
application/javascript 104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://patient.moolah.cc/lib/jquery/dist/jquery.min.js

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 18 Jan 2024 22:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1da4a5d6ce09986"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 79 KB
24 KB 66ms
27ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5099906
x-jsd-version: 5.2.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230039-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Lep%2BM%2Br9FGy1mKbBZsb%2FANGaYSec4Su8hmy9GniVh426GmiIKHqSfUCM2b3Yy6xzqrtQX9GPZ5EgIZ9ydVXBdIzGvYkeCAM013v24Qpn0T8HlYP0GwsxQDBNnbabmXOoqDWFLMgUH%2FLwIXvNZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84c5bf0f6e9e18c7-FRA

GET
H/1.1 200
OK transparency-min.js Show response
patient.moolah.cc/lib/transparency/ 14 KB
5 KB 384ms
129ms Script
application/javascript 104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://patient.moolah.cc/lib/transparency/transparency-min.js

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4cda6bb8a89c326eebeed0502e3232d8bbb8c7404a923b47dd304bbd9e34d4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 18 Jan 2024 22:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1da4a5d6ce1f39a"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c

GET
H/1.1 200
OK signaturepad.js Show response
patient.moolah.cc/lib/signaturepad/ 9 KB
4 KB 508ms
128ms Script
application/javascript 104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://patient.moolah.cc/lib/signaturepad/signaturepad.js

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

543775e5a94db5a6de359227d7a77d096aa627aabff43bbaab728dd08c628ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 18 Jan 2024 22:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1da4a5d6ce1e0a5"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c

GET
H/1.1 200
OK alpine.js Show response
patient.moolah.cc/lib/alpine/ 41 KB
18 KB 128ms
127ms Script
application/javascript 104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://patient.moolah.cc/lib/alpine/alpine.js

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2c01d0b57063d9f32c96ed1a18f7590b596a4084213f551e1f6e03ab6b38792c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:42 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 18 Jan 2024 22:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1da4a5d6ce1668d"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c

GET
H/1.1 200
OK autonumeric.js Show response
patient.moolah.cc/lib/autonumeric/ 673 KB
181 KB 129ms
129ms Script
application/javascript 104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://patient.moolah.cc/lib/autonumeric/autonumeric.js

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1f4e21feed5736f48ba31de512e65b3c0a0e472b04e930940d9656e0f691017a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:42 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 18 Jan 2024 22:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1da4a5d6ceb4193"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c

GET
H/1.1 200
OK jquery-input-mask-phone-number.min.js Show response
patient.moolah.cc/lib/jquery-input-mask-phone-number/ 5 KB
2 KB 129ms
128ms Script
application/javascript 104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://patient.moolah.cc/lib/jquery-input-mask-phone-number/jquery-input-mask-phone-number.min.js

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

81405856ecdd7a56958515d7a90de46c8cf39e8fa097ed2cb305c79183b5cb9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:42 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 18 Jan 2024 22:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1da4a5d6ce1d6d2"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c

GET
H2 200 sweetalert2@10 Show response
cdn.jsdelivr.net/npm/ 71 KB
20 KB 68ms
29ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@10

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13924
x-jsd-version: 10.16.11
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230120-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"11dc8-k2jefS6LDTNa26qxcRQ+MH7V+1Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgZjuK8qZuOEbGT7uWB5Z%2FaX26Xd418LEWua7dltxfJw3Csr79qKPfo1YYSBVzWgzW30Ht9p%2FBjTcYb%2Bj9X1Bj0xxWLRWpwYWRz9L2fAXvZzMRUbyPPKP5a1TQHBItk5PazAXj1BD7GNCwpRbF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84c5bf0f6e9b18e7-FRA

GET
H/1.1 200
OK site.js Show response
patient.moolah.cc/js/ 680 B
1001 B 507ms
126ms Script
application/javascript 104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://patient.moolah.cc/js/site.js?v=A_rYjnAAXK8wydTBICCNAYk-BbQRUDjtuO3XuqjsPhc

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2068c1b1d70c20a53aef9e1817610fefb9e67648d2966aaa2164f42c722ec124

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Thu, 18 Jan 2024 22:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1da4a5d6ce1c6a8"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c

GET
H/1.1 200
OK getImage
patient.moolah.cc/system/ 81 KB
81 KB 518ms
137ms Image
image/png 104.43.254.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://patient.moolah.cc/system/getImage?guid=9a6ecf41-da93-44e9-dfb2-08da929558a8&c=b33ce1d3-a02b-49d0-b935-90eff7502936

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.43.254.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fcbc3c5f0c4a62e0cd9aabcfbe09d6ca01dd627e029ad1eb888745b832c405b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/paymentPage/minalpateldmd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png
Date: Sun, 28 Jan 2024 02:18:41 GMT
Strict-Transport-Security: max-age=2592000
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 82620
Request-Context: appId=cid-v1:6623279e-9fef-469c-8835-4b8f24be3c2c

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 165ms
120ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b42124a164af25f9e61f966af54a159daa25d750d786af251c318caf5d4066a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 02:18:42 GMT

GET
H2 200 lock-shield-protection.svg
www.moolah.cc/email/ 1 KB
1 KB 301ms
227ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moolah.cc/email/lock-shield-protection.svg
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 459a26d5e3a70e69dfdcd34f204baf0b4dbeafb3f36930fb2224a8be475dda5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 10 Jul 2023 07:59:00 GMT
server: cloudflare
etag: W/"64abba44-4db"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84c5bf10bde89191-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
117 KB 709ms
692ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84c5bf1099ff2c79-FRA
content-length: 120109

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 27 KB
4 KB 489ms
472ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: "6568c59f-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84c5bf1099f62c79-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 488ms
471ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84c5bf1099f92c79-FRA
content-length: 7186

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 7 KB
2 KB 490ms
474ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: "6568c59f-6c5"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84c5bf1099fb2c79-FRA
content-length: 1733

GET
H2 200 custom-icons.css Show response
ka-p.fontawesome.com/assets/0a5a7cf123/47345454/ 5 KB
4 KB 581ms
565ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/assets/0a5a7cf123/47345454/custom-icons.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0a7121d883b013b1878e2b35aa86739d9ff85a3b9801bea0764f37f6c10b0c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Aug 2023 00:42:46 GMT
server: cloudflare
etag: W/"32deefaa419a16411c3a9b117a931063"
x-cache-status: MISS
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-ray: 84c5bf1099fd2c79-FRA

GET
H2 200 pro.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
117 KB 937ms
899ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kit.fontawesome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84c5bf12ab279b67-FRA
content-length: 120109

GET
H2 200 pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ 27 KB
4 KB 517ms
479ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kit.fontawesome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: "6568c59f-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84c5bf12ab289b67-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 516ms
478ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kit.fontawesome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84c5bf12ab2b9b67-FRA
content-length: 7186

GET
H2 200 pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ 7 KB
2 KB 509ms
471ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kit.fontawesome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: "6568c59f-6c5"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84c5bf12ab2a9b67-FRA
content-length: 1733

GET
H2 200 custom-icons.css
ka-p.fontawesome.com/assets/0a5a7cf123/47345454/ 5 KB
4 KB 647ms
609ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/assets/0a5a7cf123/47345454/custom-icons.css?token=0a5a7cf123
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0a5a7cf123.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe78e21552bee8237a91924c072cc6ac69915a95cbf4bcd1f78c3612a277ddda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kit.fontawesome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 16 Aug 2023 00:42:46 GMT
server: cloudflare
etag: W/"32deefaa419a16411c3a9b117a931063"
x-cache-status: MISS
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 84c5bf12ab299b67-FRA

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
56 KB 169ms
55ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver: 2.8.16
vary: Accept-Encoding
x-azure-ref: 20240128T021844Z-5gtmrrfakd6v5dgf37sh3e2wrg00000001a000000000cw5z
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 4678daf5-701e-0045-55dd-4dcc90000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js
x-fd-int-roxy-purgeid: 0

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 483 KB
194 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedf519e70e6c9c28f6cbe85ab9d3bde27c54831d3b1eaf1c0c08d5d83a12a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197938
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:43:00 GMT

GET
H/1.1 200
OK collect.js Show response
cdn.poynt.net/ 328 KB
67 KB 158ms
38ms Script
application/x-javascript 65.9.95.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poynt.net/collect.js
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-49.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b171fe05b9b61912cc25454c52153d374b2b434144833f4396f5fd40138da15

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: X_euGqT2NqN_m_59DTirI9VIAgKhcqdV
Content-Encoding: gzip
Via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Date: Sat, 27 Jan 2024 04:24:03 GMT
X-Amz-Cf-Pop: PRG50-C1
Age: 78882
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 17:06:24 GMT
Server: AmazonS3
ETag: W/"e2da51fbf119e1d064b41740e1185dce"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Amz-Cf-Id: LUCgXeHm-nmAsiNcy8EuZpg4bskneb8C00HdGpS6pj28v8on2aoExw==

GET
H3 200 sf-pro-text-regular.woff
www.moolah.cc/email/ 37 KB
37 KB 558ms
534ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moolah.cc/email/sf-pro-text-regular.woff
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cf757e2a28dc52d28c78a37806db55bc037ebbf5849bd8b95e5ed77f3a85bef

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
cf-cache-status: MISS
last-modified: Mon, 10 Jul 2023 07:59:01 GMT
server: cloudflare
etag: "64abba45-9284"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84c5bf18ff52bb85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37508

GET
H3 200 sf-pro-text-bold.woff
www.moolah.cc/email/ 42 KB
42 KB 233ms
210ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moolah.cc/email/sf-pro-text-bold.woff
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d7d349a66170e207f7c717f260828716a1f2c296e8aafeb474fdc61237afd4

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
cf-cache-status: MISS
last-modified: Mon, 10 Jul 2023 07:59:00 GMT
server: cloudflare
etag: "64abba44-a634"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84c5bf18ff55bb85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42548

GET
H3 200 sf-pro-text-medium.woff
www.moolah.cc/email/ 43 KB
44 KB 213ms
191ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.moolah.cc/email/sf-pro-text-medium.woff
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88a7829f6e1acbb3def39f71753973f7a7c630709d05334e26c6d33b5befd825

Request headers

Referer: https://patient.moolah.cc/
Origin: https://patient.moolah.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
cf-cache-status: MISS
last-modified: Mon, 10 Jul 2023 07:59:01 GMT
server: cloudflare
etag: "64abba45-ac94"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84c5bf18ff57bb85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 44180

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3B3B 45 KB
28 KB 60ms
60ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=97qemn52ft9n

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45112e618714965037c5e26e83b00b9a72cc1e81cb9d0a1816947f9f9d608f8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a39kWSy6QUUj9VpcxABPPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://patient.moolah.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-a39kWSy6QUUj9VpcxABPPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 02:18:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 119 KB
36 KB 113ms
68ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02e9fa9849847f3860d9c3eed7bec7dc3a8c47c74fed75e636fcd78a599d2cf1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CBVm0eZEIJQlskYmk98qRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CBVm0eZEIJQlskYmk98qRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmLw05BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEDdHy-dra9kEDrRcLQUAsWU3PA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 28 Jan 2024 02:18:44 GMT

GET
H2 200 digitalwallet-sdk.js Show response
checkout.paze.com/web/resources/js/ 87 KB
25 KB 470ms
398ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/resources/js/digitalwallet-sdk.js?id=BZTSGJ5554C9KTTUNQCK21_3-pBQgEwsJ0IPORgO-zUhsv1UA

Requested by

Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04574b3686c0de47d5dc44d44981d016ee54f267c260fab83cfc67494be63164

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' .visa.com .googleapis.com .google-analytics.com; default-src 'self' .visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' .visa.com; img-src https: data: 'self' .visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' .visa.com 'unsafe-eval'; script-src-elem https: 'self' .visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' .visa.com 'unsafe-inline'; style-src-elem https: 'self' .visa.com 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://patient.moolah.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
x-correlation-id: 1_1706408324_576_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-served-by: b2k8l7354457b98p
last-modified: Thu, 30 Nov 2023 23:26:21 GMT
server: cloudflare
etag: W/"15d82-18c228e04a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 84c5bf1a882c3674-FRA
expires: Sun, 28 Jan 2024 06:18:44 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 3B3B 55 KB
24 KB 58ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=97qemn52ft9n

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jan 2025 02:11:49 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 3B3B 483 KB
193 KB 67ms
29ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedf519e70e6c9c28f6cbe85ab9d3bde27c54831d3b1eaf1c0c08d5d83a12a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197938
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:43:00 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 6498 19 KB
8 KB 206ms
206ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpatient.moolah.cc&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2c5073d657e8b8120d36f03df784a2ab5741ca11e7a8d228606051a76074068

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b889PRHo7U0f0NWt-BRt_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://patient.moolah.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-b889PRHo7U0f0NWt-BRt_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 28 Jan 2024 02:18:44 GMT
expires: Sun, 28 Jan 2024 02:18:44 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmLw05BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA9Hy-dra9kEbnw__pIRAOuxOC8"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H/1.1 200
OK index.html Show response
cdn.poynt.net/collect/ Frame 061B 742 B
1 KB 32ms
32ms Document
text/html 65.9.95.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
Requested by: Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-49.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7df2bb71378a86f7de113d17a1766e50aae7b679c1fa25adc8aa23c153f89e27

Request headers

Referer: https://patient.moolah.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Age: 63238
Connection: keep-alive
Content-Length: 742
Content-Type: text/html
Date: Sat, 27 Jan 2024 08:44:47 GMT
ETag: "34ec6f6eeadfb689dab02af4443ffcac"
Last-Modified: Tue, 09 Jan 2024 17:06:25 GMT
Server: AmazonS3
Vary: Accept-Encoding
Via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
X-Amz-Cf-Id: PE5kIUSQUWk_6dBmGJvlaC4SmfRo6LuWNdYEXRQ47PfFdkp1IqTMVg==
X-Amz-Cf-Pop: PRG50-C1
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: tSYxw13QEIpreYtDHun_ZI.ClRHXeGtG

GET
H3 200 MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js Show response
www.google.com/js/bg/ Frame 3B3B 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=97qemn52ft9n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6929
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 06:13:03 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3B3B 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 454910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 29 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3B3B 15 KB
16 KB 96ms
29ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 506814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3B3B 15 KB
15 KB 97ms
30ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 407370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:09:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3B3B 102 B
135 B 28ms
28ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8595d4c6e0bd33129c56a7d081de2e5cf93687b14ccf24ca27d8dabe35b6390

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDd38gAAAAAFCGTIJxNy4d28zq6AU-xtr1WgYS&co=aHR0cHM6Ly9wYXRpZW50Lm1vb2xhaC5jYzo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=97qemn52ft9n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 02:18:44 GMT

GET
H/1.1 200
OK main.baaf5f56.js Show response
cdn.poynt.net/collect/static/js/ Frame 061B 502 KB
158 KB 41ms
40ms Script
application/x-javascript 65.9.95.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Requested by: Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-49.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e83d497a0603364e9586a8a3521a761f48858e1e7de748eb4e469766c500c71e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: RjxNpQuXFCNB7_IZ3lQtGpDCbnwbcfGk
Content-Encoding: gzip
Via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Date: Sat, 27 Jan 2024 15:02:47 GMT
X-Amz-Cf-Pop: PRG50-C1
Age: 40558
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 17:06:25 GMT
Server: AmazonS3
ETag: W/"5d2625e6351777f666faebee7af6bb2e"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Amz-Cf-Id: ZGKQNvzL23CjMcSWMBBLkj6tpHLbIftUlPU0ZYyqQWU-k1iALYqv2A==

GET
H/1.1 200
OK main.7f7ece38.css
cdn.poynt.net/collect/static/css/ Frame 061B 9 KB
3 KB 98ms
33ms Stylesheet
text/css 65.9.95.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Requested by: Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-49.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9fe096d933b4cc05ec5d18f284c5e75f84b4c6b4b4c3a21fbe70602d1bd8cde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/collect/index.html?paymentMethods%5B0%5D=apple_pay&paymentMethods%5B1%5D=google_pay&paymentMethods%5B2%5D=paze&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: UZzRUaNMW9q0ocXZ5m8RpwUVxDpaZlQR
Content-Encoding: gzip
Via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
Date: Sat, 27 Jan 2024 06:35:23 GMT
X-Amz-Cf-Pop: PRG50-C1
Age: 71002
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 17:06:25 GMT
Server: AmazonS3
ETag: W/"93492fd5625e828aab0ed373d20bb5a3"
Vary: Accept-Encoding
Content-Type: text/css
X-Amz-Cf-Id: 64tsJ_TPkithN9kheqFLQ81jgKMZ7YltPDW05F9isca25jI1bxx-kQ==

GET
H2

200

tccl.min.js Show response
img1.wsimg.com/signals/js/clients/tccl/ Frame 061B
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

46 KB
13 KB

20ms
20ms

Script
text/javascript

23.53.42.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H2
Server: 23.53.42.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding: gzip
date: Sun, 28 Jan 2024 02:18:44 GMT
x-amz-request-id: 04MS4NEJ43VKP1AH
x-amz-server-side-encryption: AES256
x-amz-meta-version: 2.0.2
content-length: 13404
x-amz-id-2: 1TUBv93eY/GzUa7nL8zLwuhJlPwHMfDX34ePaoFPGtEn2etCTtC52iadfEIetUsWzKoG4adADKCvFeV1kd0AOA==
last-modified: Wed, 18 Oct 2023 16:44:03 GMT
etag: "8e70743bdf9b3d3adbb26471c84a006c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 02:48:44 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin: *
date: Sun, 28 Jan 2024 02:18:44 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Mon, 27 Jan 2025 02:18:44 GMT

POST
H/1.1 200 validate Show response
services.poynt.net/businesses/b86fd1dc-12ba-412f-b933-191cff33a977/google-pay/ Frame 061B 287 B
757 B 104ms
104ms XHR
application/json 18.232.46.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.poynt.net/businesses/b86fd1dc-12ba-412f-b933-191cff33a977/google-pay/validate
Requested by: Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.46.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-46-218.compute-1.amazonaws.com
Software: /
Resource Hash: 78085c37aa06e7b9d636b24dc08c60777eec406b66dfc43ae4859afddc56d98a

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Poynt-Session-Id: 2fb532a6-2fd4-4668-bd7d-9127b15e26cd
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://cdn.poynt.net/
Poynt-Request-Id: ade9519d-ed9c-43d4-8bff-90cad775a215
Poynt-Collect-Version: v2.0.41

Response headers

Date: Sun, 28 Jan 2024 02:18:44 GMT
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://cdn.poynt.net
Instance-Id: poynt-fargate/d82e86a023f645d6b7551208cf1f197a
Poynt-Request-Id: ade9519d-ed9c-43d4-8bff-90cad775a215
Connection: keep-alive
Poynt-Build-Info: 1.4.155-2024-01-24T19:05:07Z

OPTIONS
H/1.1 200 validate
services.poynt.net/businesses/b86fd1dc-12ba-412f-b933-191cff33a977/google-pay/ Frame 0
0 441ms
103ms Preflight 18.232.46.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.poynt.net/businesses/b86fd1dc-12ba-412f-b933-191cff33a977/google-pay/validate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.46.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-46-218.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,poynt-collect-version,poynt-request-id,poynt-session-id
Access-Control-Request-Method: POST
Origin: https://cdn.poynt.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type, poynt-collect-version, poynt-request-id, poynt-session-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://cdn.poynt.net
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Sun, 28 Jan 2024 02:18:44 GMT
Instance-Id: poynt-fargate/5222acdddb7d48749a27bf6199d02f39
Poynt-Build-Info: 1.4.155-2024-01-24T19:05:07Z
Poynt-Request-Id: 419fd881-20f9-4f75-8d0c-fb5290eb1d98
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 6498 158 KB
56 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg4uila8e3w05MATBRN13AEaR6ejQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpatient.moolah.cc&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0dcc504298a9e83e8d99d38f602cb46ea396fe95be1a050ccb58a4e91870484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 20:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57378
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 08:06:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 20:55:54 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 6498 2 KB
2 KB 123ms
123ms Other
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBS... Frame 6498 74 KB
27 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=gCEM/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgeXPCUiCMhU6rOAucHANYfDSjLrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/am=gCEM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg4uila8e3w05MATBRN13AEaR6ejQ/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16f96507cbfcd3bdc592c46956ebc4d640a7be89d670ab80c2ec2574715069d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 20:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27581
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 07:38:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 20:55:59 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 6498 1 MB
379 KB 71ms
71ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

356e561a00bb48a832e4e242115c91551869da59554b5cd970f77eeab4640beb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-NY1MUT0ZPnR0h36De5v1Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-NY1MUT0ZPnR0h36De5v1Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmLw05BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA9Hy-dra9kEFuxYv5YJAOjeN2U"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 28 Jan 2024 02:18:44 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBS... Frame 6498 9 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=gCEM/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgeXPCUiCMhU6rOAucHANYfDSjLrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

960d553d2f0b3fd8cd270479b28fe8c5d719d12da58adc1f8ae44ddb5fcbec69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 20:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3735
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 07:38:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 20:55:59 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBS... Frame 6498 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.nl.V3nYs7lHLcw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=gCEM/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgeXPCUiCMhU6rOAucHANYfDSjLrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5e7918b79cb4921c660dffa5ecb2dca8ad69b5806e0108e3213e660cc04951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 20:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14305
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 07:38:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 20:55:59 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6498 131 B
156 B 84ms
45ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 02:18:44 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 72ms
26ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 28 Jan 2024 02:18:44 GMT
expires: Sun, 28 Jan 2024 02:18:44 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6498 131 B
156 B 86ms
47ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 02:18:44 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 72ms
26ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 28 Jan 2024 02:18:44 GMT
expires: Sun, 28 Jan 2024 02:18:44 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6498 131 B
156 B 85ms
46ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 02:18:44 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 02:18:44 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 71ms
26ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 28 Jan 2024 02:18:44 GMT
expires: Sun, 28 Jan 2024 02:18:44 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ Frame 061B 43 B
280 B 183ms
112ms Fetch
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1706408324632&dh=cdn.poynt.net&dr=https%3A%2F%2Fpatient.moolah.cc%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=1344572245&cv=2.0.2&z=1599448498&vg=8b6db515-c759-55d2-ab46-5993b5cf951a&vtg=8b6db515-c759-55d2-ab46-5993b5cf951a&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=edde47bb-5063-5586-aaf8-0d3168535a21&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sun, 28 Jan 2024 02:18:44 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://cdn.poynt.net
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ Frame 061B 43 B
280 B 185ms
118ms Fetch
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1706408324637&dh=cdn.poynt.net&dr=https%3A%2F%2Fpatient.moolah.cc%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=1344572245&cv=2.0.2&z=633150049&vg=5a1e8834-22a8-5f36-90e4-8cce6dcadc4f&vtg=5a1e8834-22a8-5f36-90e4-8cce6dcadc4f&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=48d4e998-cbd1-53f8-a08b-58e4b084aae4&ht=perf&tce=1706408324324&tcs=1706408324324&tdc=1706408324500&tdclee=1706408324500&tdcles=1706408324500&tdi=1706408324485&tdl=1706408324361&tdle=1706408324324&tdls=1706408324324&tfs=1706408324324&tns=1706408324324&trqs=1706408324324&tre=1706408324357&trps=1706408324356&tles=1706408324500&tlee=1706408324500&nt=navigate&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sun, 28 Jan 2024 02:18:44 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://cdn.poynt.net
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 communicator Show response
checkout.paze.com/web/ Frame 5183 2 KB
1 KB 403ms
402ms Document
text/html 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/digitalwallet-sdk.js?id=BZTSGJ5554C9KTTUNQCK21_3-pBQgEwsJ0IPORgO-zUhsv1UA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bea98833ee3d809de89c3997c437cd14064ed4fc0031e77096144d145e52cdb0

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' .visa.com .googleapis.com .google-analytics.com; default-src 'self' .visa.com; font-src 'self'; frame-src https: data: 'self' .visa.com; img-src https: data: 'self' .visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' .visa.com 'unsafe-eval'; script-src-elem https: 'self' .visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' .visa.com 'unsafe-inline'; style-src-elem https: 'self' .visa.com 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://patient.moolah.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 84c5bf1da9373674-FRA
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 02:18:45 GMT
etag: W/"p5yuc9fatf1q5"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-correlation-id: 1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
x-served-by: b2k8l7354457b987m7

POST
H3 200 log Show response
play.google.com/ Frame 6498 131 B
155 B 29ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 02:18:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 26ms
26ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 28 Jan 2024 02:18:45 GMT
expires: Sun, 28 Jan 2024 02:18:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6498 131 B
155 B 30ms
29ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 02:18:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 26ms
26ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 28 Jan 2024 02:18:45 GMT
expires: Sun, 28 Jan 2024 02:18:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 26ms
26ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 28 Jan 2024 02:18:45 GMT
expires: Sun, 28 Jan 2024 02:18:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6498 131 B
155 B 29ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 02:18:45 GMT

GET
H2 200 69a5ce675a541060-s.p.woff2
checkout.paze.com/web/_next/static/media/ Frame 5183 36 KB
36 KB 40ms
40ms Font
font/woff2 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/media/69a5ce675a541060-s.p.woff2

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af08ac316a08e4311e44f7ccb5196f43389dda40ab5a2566871c7a0efe33894

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
Origin: https://checkout.paze.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 1_1701153980_567_b2k8l73777b48c67q_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5254345
content-length: 36380
x-served-by: b2k8l73777b48c67q
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"8e1c-3e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84c5bf203a4e3674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 8017a9285af7ff8f-s.p.woff2
checkout.paze.com/web/_next/static/media/ Frame 5183 36 KB
36 KB 59ms
59ms Font
font/woff2 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/media/8017a9285af7ff8f-s.p.woff2

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d84875fea8da82503a6a562dfd4b9951f39c3931246a0302206949ad69399042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
Origin: https://checkout.paze.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1701121411_000_b2k8l555855996495r_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5084925
content-length: 36616
x-served-by: b2k8l555855996495r
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"8f08-3e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84c5bf203a4f3674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 f6f9069615fac772-s.p.woff2
checkout.paze.com/web/_next/static/media/ Frame 5183 36 KB
36 KB 42ms
42ms Font
font/woff2 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/media/f6f9069615fac772-s.p.woff2

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8087a9d7bf1aca68d19ada4a7e83e7750e3bf6c67573370e8b486051b9ea0d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
Origin: https://checkout.paze.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1699182850_855_b2k8l5558559964954w5_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 6549324
content-length: 36772
x-served-by: b2k8l5558559964954w5
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"8fa4-3e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84c5bf203a503674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 a2ed6284e782df84.css
checkout.paze.com/web/_next/static/css/ Frame 5183 25 KB
6 KB 58ms
58ms Stylesheet
text/css 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/css/a2ed6284e782df84.css

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5066f729303a405249469775a90c2a4cee6d523cd413a65813c5082537ca19c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 1_1699367599_574_b2k8l73777b48c67q_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 6649076
content-encoding: br
x-served-by: b2k8l73777b48c67q
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"63ff-3e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf203a4d3674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 366-ca62b210402d0901.js Show response
checkout.paze.com/web/_next/static/chunks/ Frame 5183 33 KB
12 KB 58ms
57ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/chunks/366-ca62b210402d0901.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a95ae34eadc3618039d66982956ad1a20c56f1ec57489562d42d4ba01c5f722

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1701132546_496_b2k8l555855996495t8k8_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5182134
content-encoding: br
x-served-by: b2k8l555855996495t8k8
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"85d8-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf203a523674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 166-93cb71aa09d8d929.js Show response
checkout.paze.com/web/_next/static/chunks/ Frame 5183 39 KB
11 KB 58ms
57ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/chunks/166-93cb71aa09d8d929.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c64e2a5edc5cf2f7e4f9f99dde4e772666088edf6c27b6846c5c27421db965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1701382774_030_b2k8l5575c589c47z2_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5024700
content-encoding: br
x-served-by: b2k8l5575c589c47z2
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"9db3-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf203a533674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 770.c2079d2f07697879.js Show response
checkout.paze.com/web/_next/static/chunks/ Frame 5183 219 B
319 B 58ms
57ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/chunks/770.c2079d2f07697879.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a85f1f79a1e5eb0253b9d7fb0b81304d1532f062a4505d5d6e26040b699c669c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1700900632_367_b2k8l5558559964955h7j_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5178954
content-encoding: br
x-served-by: b2k8l5558559964955h7j
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"db-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf203a543674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 webpack-5039b9e58f3206d7.js Show response
checkout.paze.com/web/_next/static/chunks/ Frame 5183 3 KB
2 KB 36ms
35ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/chunks/webpack-5039b9e58f3206d7.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1a84e11f04dcb79a2f1c939c2d527b892f531ae0e2884a6635b707343eb184

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1701382792_768_b2k8l5575c589c47z2_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5025519
content-encoding: br
x-served-by: b2k8l5575c589c47z2
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"dd8-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf203a563674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 framework-63157d71ad419e09.js Show response
checkout.paze.com/web/_next/static/chunks/ Frame 5183 138 KB
45 KB 59ms
58ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/chunks/framework-63157d71ad419e09.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a67c791841e3e122c4961cbe8bac2ffbf8ccac274d6475ac4bf8597eede4379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 1_1701395127_598_b2k8l7354457b98r_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5013198
content-encoding: br
x-served-by: b2k8l7354457b98r
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"226d8-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf203a573674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 main-c094492bcfee1c54.js Show response
checkout.paze.com/web/_next/static/chunks/ Frame 5183 103 KB
30 KB 58ms
57ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/chunks/main-c094492bcfee1c54.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7a89d474401a5b366d5914dbe46dd043dd9a9209c6df0cbc6bd1c6d3cbfcde7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1698793801_319_b2k8l555855996495t8k8_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 7605329
content-encoding: br
x-served-by: b2k8l555855996495t8k8
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"19a18-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf203a583674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 _app-4fb1d2d0e6ec6ec5.js Show response
checkout.paze.com/web/_next/static/chunks/pages/ Frame 5183 88 KB
26 KB 67ms
66ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/chunks/pages/_app-4fb1d2d0e6ec6ec5.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a2d69b63163919542fbb8c2d64a9ebd81db9efebb7d10b968d458c0dd4c9abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1701628613_938_b2k8l5575c589c47b_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 4779711
content-encoding: br
x-served-by: b2k8l5575c589c47b
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"15ea9-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf205a663674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 communicator-760f56849712beb0.js Show response
checkout.paze.com/web/_next/static/chunks/pages/ Frame 5183 1 KB
881 B 58ms
57ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/chunks/pages/communicator-760f56849712beb0.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43d8ce764edece404b6fa936be8a8430f8bce9db358669edd967052ff08616e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 1_1701394681_280_b2k8l7354457b98g8_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5013644
content-encoding: br
x-served-by: b2k8l7354457b98g8
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"56e-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf205a693674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 _buildManifest.js Show response
checkout.paze.com/web/_next/static/_Oid0uLYBUa1hBgaz5wKk/ Frame 5183 2 KB
1018 B 65ms
64ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/_Oid0uLYBUa1hBgaz5wKk/_buildManifest.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e436bb99f7b3d50bf6451b9eacd965eafff9f05b3edee7455ae83c8d28957d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1701382790_720_b2k8l5575c589c47k_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 5025513
content-encoding: br
x-served-by: b2k8l5575c589c47k
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"917-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf205a6b3674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 _ssgManifest.js Show response
checkout.paze.com/web/_next/static/_Oid0uLYBUa1hBgaz5wKk/ Frame 5183 348 B
409 B 64ms
63ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/_next/static/_Oid0uLYBUa1hBgaz5wKk/_ssgManifest.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4283e11439e7b626f568defa9d3a9be24fcf25af1d7f747cc6f42b5a208fdcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 2_1701571192_234_b2k8l5575c589c47w54h_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
age: 4779711
content-encoding: br
x-served-by: b2k8l5575c589c47w54h
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"15c-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84c5bf205a6d3674-FRA
expires: Mon, 27 Jan 2025 02:18:45 GMT

GET
H2 200 communicator.js Show response
checkout.paze.com/web/resources/js/ Frame 5183 71 KB
24 KB 505ms
504ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/resources/js/communicator.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/_next/static/chunks/main-c094492bcfee1c54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7d4b21b3012f18da0be075ac6b66086b242de02dbdcf8514f1d12e57799dc6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' .visa.com .googleapis.com .google-analytics.com; default-src 'self' .visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' .visa.com; img-src https: data: 'self' .visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' .visa.com 'unsafe-eval'; script-src-elem https: 'self' .visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' .visa.com 'unsafe-inline'; style-src-elem https: 'self' .visa.com 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 1_1706408325_588_b2k8l7354457b98g8_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-served-by: b2k8l7354457b98g8
last-modified: Thu, 30 Nov 2023 23:24:22 GMT
server: cloudflare
etag: W/"11db4-18c228c31da"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 84c5bf20cad03674-FRA
expires: Sun, 28 Jan 2024 06:18:45 GMT

GET
H2 200 vba-3.1.2.min.js Show response
checkout.paze.com/web/resources/js/ Frame 5183 239 KB
85 KB 655ms
655ms Script
application/javascript 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/web/resources/js/vba-3.1.2.min.js

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/_next/static/chunks/main-c094492bcfee1c54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e90ebccf9d2ff6c5e30b8127c754591d24adf28002986833aa34ba126587d4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' .visa.com .googleapis.com .google-analytics.com; default-src 'self' .visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' .visa.com; img-src https: data: 'self' .visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' .visa.com 'unsafe-eval'; script-src-elem https: 'self' .visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' .visa.com 'unsafe-inline'; style-src-elem https: 'self' .visa.com 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 1_1706408325_573_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; connect-src 'self' *.visa.com *.googleapis.com *.google-analytics.com; default-src 'self' *.visa.com; font-src 'self'; frame-ancestors 'none'; frame-src https: data: 'self' *.visa.com; img-src https: data: 'self' *.visa.com; media-src 'none'; object-src 'none'; script-src https: 'self' *.visa.com 'unsafe-eval'; script-src-elem https: 'self' *.visa.com 'unsafe-inline' 'unsafe-eval'; style-src https: 'self' *.visa.com 'unsafe-inline'; style-src-elem https: 'self' *.visa.com 'unsafe-inline';
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-served-by: b2k8l7354457b98p
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
etag: W/"3ba7c-3e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 84c5bf20cad23674-FRA
expires: Sun, 28 Jan 2024 06:18:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 5183 191 KB
66 KB 78ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZT7WDR

Requested by

Host: patient.moolah.cc
URL: https://patient.moolah.cc/paymentPage/minalpateldmd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d054246b4656c96c04b2ce0bccd1ce5e9d665ada7774c2b22a1ab6aca1bb7e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67480
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 02:18:45 GMT

OPTIONS
H2 204 track
centralus-2.in.applicationinsights.azure.com//v2/ Frame 0
0 722ms
245ms Preflight 20.118.198.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://centralus-2.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.118.198.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://patient.moolah.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Sun, 28 Jan 2024 02:18:45 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
centralus-2.in.applicationinsights.azure.com//v2/ 49 B
157 B 124ms
123ms XHR
application/json 20.118.198.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://centralus-2.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.118.198.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://patient.moolah.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 02:18:45 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-length: 49
content-type: application/json; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5183 271 KB
90 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F37RS8EP44&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZT7WDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33dbcac269488134aa2b5afb0a5ce77c4820e17251558cd84dfba36abbfef851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://checkout.paze.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 02:18:45 GMT

GET
H/1.1 200
OK tags Show response
thm.visa.com/fp/ Frame 5314 685 B
1 KB 68ms
13ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/communicator.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

dff02993608c5a23de9c8915efcb98ee2555e4f6dbf42e23ad20e1b449c3d9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://checkout.paze.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: nl-NL
Content-Length: 360
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
P3P: CP=IVAa PSAa
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tags Show response
xmt.paze.com/fp/ Frame CF0C 685 B
1 KB 59ms
13ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/communicator.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

161d71a08a7a3926ac154358d7ed02d851040ecae624154001ae8e2980c75190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://checkout.paze.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: nl-NL
Content-Length: 360
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
P3P: CP=IVAa PSAa
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H2 200 merchant Show response
checkout.paze.com/api/v1/iwa/ Frame 5183 2 B
1 KB 166ms
166ms Fetch
application/json 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/api/v1/iwa/merchant?api_key=BZTSGJ5554C9KTTUNQCK21_3-pBQgEwsJ0IPORgO-zUhsv1UA&profileId=GoDaddyMerchantA

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/communicator.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-CORRELATION-ID: 1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
accept-language: nl-NL,nl;q=0.9
Authorization: Basic QlpUU0dKNTU1NEM5S1RUVU5RQ0syMV8zLXBCUWdFd3NKMElQT1JnTy16VWhzdjFVQQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json
Accept: application/json
API_KEY: BZTSGJ5554C9KTTUNQCK21_3-pBQgEwsJ0IPORgO-zUhsv1UA
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET

Response headers

date: Sun, 28 Jan 2024 02:18:45 GMT
x-correlation-id: 1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-security-policy-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
content-security-policy-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
x-cnection: close
content-length: 2
x-xss-protection: 0
x-served-by: b2k8l73-69d9c4c7t99t5, b2k8l73-65b97d8-2b9t
pragma: no-cache
server: cloudflare
x-webkit-csp-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-app-status: 200
cf-ray: 84c5bf240d2a3674-FRA
expires: -1

POST
H2 201 token Show response
checkout.paze.com/apn/iwa-web/oauth2/ Frame 5183 1 KB
2 KB 433ms
432ms Fetch
application/json 104.18.1.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paze.com/apn/iwa-web/oauth2/token

Requested by

Host: checkout.paze.com
URL: https://checkout.paze.com/web/resources/js/communicator.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.217 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7d48ad78cc6b3670afc00190f19541b3a9380c19340c91e350727ad08327e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
X-CORRELATION-ID: 1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
Referer: https://checkout.paze.com/web/communicator?parentUrl=https%3A%2F%2Fpatient.moolah.cc&correlationId=1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
accept-language: nl-NL,nl;q=0.9
Authorization: Basic QlpUU0dKNTU1NEM5S1RUVU5RQ0syMV8zLXBCUWdFd3NKMElQT1JnTy16VWhzdjFVQQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 28 Jan 2024 02:18:46 GMT
x-correlation-id: 1_1706408324_732_b2k8l7354457b98p_IWA_CHECKOUT_WIDGET
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-security-policy-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
content-security-policy-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
x-cnection: close
content-length: 1241
x-xss-protection: 0
x-served-by: b2k8l73-69d9c4c7p9, b2k8l73-66b8f65768-75p6
pragma: no-cache
server: cloudflare
x-webkit-csp-report-only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
x-app-status: 201
cache-control: no-cache, no-store, must-revalidate
cf-ray: 84c5bf240d2b3674-FRA
x-via-hint_dca: 1_hMSG_w
expires: -1

GET
H/1.1 200
OK clear.png
xmt.paze.com/fp/ Frame CF0C 81 B
474 B 12ms
12ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&ck=0&m=2

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03 Show response
xmt.paze.com/fp/ Frame CF0C 487 KB
92 KB 34ms
21ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8f33c1f4ed7631615668ab4bd6bed28df325b7f0afd6edf389cfe470b923a0cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: c49ac9e5c5969fd9
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
thm.visa.com/fp/ Frame 5314 81 B
474 B 12ms
12ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&ck=0&m=2

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499 Show response
thm.visa.com/fp/ Frame 5314 295 KB
51 KB 34ms
21ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

430bcd811b79391342b1c9a3d23ce768461cb1c59713014f9315aa50c61961e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 3ad572257c26fc3c
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
thm.visa.com/fp/ Frame 5314 81 B
475 B 32ms
12ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&w=3ad572257c26fc3c&ck=0&m=1

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
xmt.paze.com/fp/ Frame CF0C 81 B
475 B 25ms
12ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&w=c49ac9e5c5969fd9&ck=0&m=1

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK index.html Show response
cdn.poynt.net/collect/ Frame B14E 742 B
1 KB 32ms
32ms Document
text/html 65.9.95.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
Requested by: Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-49.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7df2bb71378a86f7de113d17a1766e50aae7b679c1fa25adc8aa23c153f89e27

Request headers

Referer: https://patient.moolah.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Age: 63240
Connection: keep-alive
Content-Length: 742
Content-Type: text/html
Date: Sat, 27 Jan 2024 08:44:47 GMT
ETag: "34ec6f6eeadfb689dab02af4443ffcac"
Last-Modified: Tue, 09 Jan 2024 17:06:25 GMT
Server: AmazonS3
Vary: Accept-Encoding
Via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
X-Amz-Cf-Id: wn2Hfg-LpxgKDVJFoVuRdA_P5NFRmEPm75ZmhM-vEowlfJY7rAmAMA==
X-Amz-Cf-Pop: PRG50-C1
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: tSYxw13QEIpreYtDHun_ZI.ClRHXeGtG

GET
H/1.1 200
OK main.baaf5f56.js Show response
cdn.poynt.net/collect/static/js/ Frame B14E 502 KB
158 KB 38ms
37ms Script
application/x-javascript 65.9.95.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poynt.net/collect/static/js/main.baaf5f56.js
Requested by: Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-49.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e83d497a0603364e9586a8a3521a761f48858e1e7de748eb4e469766c500c71e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: RjxNpQuXFCNB7_IZ3lQtGpDCbnwbcfGk
Content-Encoding: gzip
Via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
Date: Sat, 27 Jan 2024 15:02:47 GMT
X-Amz-Cf-Pop: PRG50-C1
Age: 40560
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 17:06:25 GMT
Server: AmazonS3
ETag: W/"5d2625e6351777f666faebee7af6bb2e"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Amz-Cf-Id: 3vxW5T_wzzQ60Ovbd-Po9xd9AMZweCXufd1Kws-FI--kxcO64jHXDw==

GET
H/1.1 200
OK main.7f7ece38.css
cdn.poynt.net/collect/static/css/ Frame B14E 9 KB
3 KB 33ms
32ms Stylesheet
text/css 65.9.95.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.poynt.net/collect/static/css/main.7f7ece38.css
Requested by: Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-49.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9fe096d933b4cc05ec5d18f284c5e75f84b4c6b4b4c3a21fbe70602d1bd8cde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/collect/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=165px&iFrame%5Bborder%5D=0px&iFrame%5BframeBorder%5D=0px&style%5Btheme%5D=customer&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BemailAddress%5D=false&displayComponents%5BsubmitButton%5D=false&displayComponents%5BshowEndingPage%5D=false&displayComponents%5Blabels%5D=true&displayComponents%5BzipCode%5D=true&buttonOptions%5Btype%5D=plain&buttonOptions%5Bwidth%5D=400&buttonOptions%5Bheight%5D=50&businessId=b86fd1dc-12ba-412f-b933-191cff33a977&applicationId=urn%3Aaid%3Adf5ae5f0-6360-4024-819f-b7a17b92d5c7&sessionId=2fb532a6-2fd4-4668-bd7d-9127b15e26cd&enableReCaptcha=false&enableCardOnFile=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: UZzRUaNMW9q0ocXZ5m8RpwUVxDpaZlQR
Content-Encoding: gzip
Via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Date: Sat, 27 Jan 2024 06:35:23 GMT
X-Amz-Cf-Pop: PRG50-C1
Age: 71004
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Tue, 09 Jan 2024 17:06:25 GMT
Server: AmazonS3
ETag: W/"93492fd5625e828aab0ed373d20bb5a3"
Vary: Accept-Encoding
Content-Type: text/css
X-Amz-Cf-Id: 5MvijHfhRZqYSQtJADf9xFWoGEVWUxGQeTcz7KFHxVSDqRkyNZ8A-w==

GET
H/1.1 200
OK clear.png Show response
thm.visa.com/fp/ Frame 5314 81 B
476 B 12ms
12ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, ge4f5xfn/3ad572257c26fc3cbc_checkout_001d9ehhh
Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 28 Jan 2024 02:18:46 GMT
Server: Apache
Etag: a29b50485c33411fbecd8f5d2f203f2e
Content-Type: image/png
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 81
Expires: Fri, 26 Jan 2029 02:18:46 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499 Show response
thm.visa.com/fp/ Frame D1EC 90 KB
13 KB 15ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/ls_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a124e5c311a88ecdac0857b813792b8fc2378e45912b3d4c5ceb39a9dd00fa66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
thm.visa.com/fp/ Frame 5314 0
388 B 14ms
12ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&jb=31342c6e7b613f3d3361373b6538623639393f3c3b313032643e35616b6b316332383834623036

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499 Show response
h.online-metrix.net/fp/ Frame 5D49 103 KB
15 KB 60ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

8393fe351bf56b377573ccff95956a0654bb276987d64f979383768002cd87f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thm.visa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499 Show response
thm.visa.com/fp/ Frame 2D8A 89 KB
13 KB 15ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/top_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0407d0916e78508e459622b4e5c5d71cec71fd3ac89248479e8794faa626f89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
thm.visa.com/fp/ Frame 5314 0
218 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&ja=333a3c362e2661373c3026703d3630266e3d393e38327a3b303830246b6c3d313c303078313a30382e7b7a7b37327030246e7a723d3b2c313630382c393a38322e3b3438302e3b383030263330302c393538243934323a2e3932323a26302c3a266d743d6938303a6960616e613f37666e6c6466336561383439313c3f38346033633f612467643d342c7363643d3a342e64603f6a7e76787327394b25324c25324674606d267e6171632461676d27384c66702f324674616f732d3b4e6d706d5d616427394e67653e6635786666253a3e7b6771796b676e5d636e25334e62635f6360656b636777765532383166336f68686226706c3d3b26786035353a6c303061633c68636668653131336a373b303f63673a663b6266683864342c68683d353139693f3c36333c633c333b3b38623138613039613a31306c696135323569266879653d57636e646f777b253a3839332460716a3d4162786f6d6f253230313a302e627b6d773755616e66657d7326607362753d4b687a67656724646a6b3d362c64646d3738266e6d7c7035382e76786e3f4d7570657a65253846416d737c657a6c696f2467637c6870373e303039643163326a656b383a673469613d36323a3232616e3135353438316e6c3c373a32333c31663c6f616138346463393c616e6a6c353039333b313b3c6b2664783d68747478732d3b4927304c273a4661626f636b6575742e70697a6d266b6d6f2f304e2672377a6c756d696e5f6664617b602d37476c636473672b7a6c756d696e5f77616e6c677f715d67676c6963557a6c6173657225354d6669647b67237a6e7d676b645561646562655f616b72676a6976273f476e616e796f2170667567696e57717d616b6976636f6d25374f6c616c796521706c7d67616657716a65616377637c6f25354f66616c736d2178647d656b645d7a6563667a6c6173657225354d6669647b67237a6e7d676b6455766c695f706c6171657a2d3d47646b6e7b65237a667567636e5f64657e61647e7a27374f64696c716f2b706c7f67696e5f7b766f577e6b677d677a25374f6c616c796521706c7d6761665768637c632d35476c6b6c736f26676c5f6b3d7f6d6a656e5d676a474e2f3830312430253230204f786d66454e2f303845512f38303224302532304b687a67656b77672b5f65604d4625323a474c534c2d32384d5b27303a33263027383a284f7a656e474c2d32384d5b27303a4544534e2f383045592532303126302d3a38416a786d65697767235765684b6974576d6243617c27303a556d6245464b4e4746455f696e7b7469666b676655637a72637379253348253230455054576a64676c6e5d65696c676b782539422532304d585c576b6d6e65705762776c6c65725568616c665766646769762739402d32324f52545f6c6c6f61745762646d66662739402d32324f52545f6c7261675f6c65787c60273148273a3047525e5f73626164657257746d707c77706f5d646f662f394225383045585457746d707c77706f5d6b6f6f7a78657379696f6e5f6a707c6b2d31402f3038455a5e5574657274757265576367657870677971616f6c5578677469253342253a304d505c5d766f7a7c75706f556669667465725f696e617b6776706572616327394825323a4558545f7b524f4a2d31402f30384f475955656c6f6d656e745769666c6d7a5d7f6b667427394825323a4f45535f6e6267577a676c6e677a5f6f637a6d617a253342253a30474d5b5d717e63666463786e5f646f726976617c697e6d7b273148273a304d4f595f746f787475726d5f6e646763762f314a25303a45455355746578747d726d576e6e6d6b76576c6b646f61722f33422532384f4d5b57766772767d72675562616c6c5f666c6f69742d3b4a27303a4d4d535d7e6f78747f72655f68696c6e576e6e6d6b76576c6b646f61722f33422532384f4d5b57746778766d785d6b787261735f6f626a6d637c2d3b402738325f45404d465f63656c6f725f6a756e6e6d705d6c6e6761762f39422538305745424f4c576b676f7278677b73676e557465727475726557617b7c6b273148273a30554f48474c55636f6d707a657b7b6d665d7e67707477786f5f657e632533422d32385f4d4045465d6b6f6f7a7865737965645f746d787c7d7a675d6f766b3127394825323a57454247445f6b676572706f717b6566557e65787e7572655f7b337c6b2d31402f30385747484d4c5f696f6d70726d737b6d6c5d766f7a7c75706f5573337e635f73726f622d3b4a27303a554d4245465564656875675f726d6e6c6d7a6770556b66666d2f39422538305745424f4c576c6d7276625d7c657a7e7f72652f3342253238574d4a4f4e5d6e7069775d687f66666f727325334a253a385f47404d4e576c6d796f5f63656e7465787c253b4a2d30325d474a474e5567756c7e695f64726977393e2e656e556a3533646c3f64666c343734306c646b3c3835673c306a65326f3d3464383535343639303c6c3c303733247f676e7c37496e7e656c25323849666b2624756d6e7a3d4b647e656c2f3230497261732d3a384d726f6c4f4c27383a456e6d696e65266b636c3538&jb=33373f2464713f47657a69666c6125324e3526382d30322255616e66657d732538304e54253a30393826322739402d32325d636e363e253342253a30703e3c2b273832497072666f5765684b6974253a463d3b3f2c313c273a302a4142544d46253243253a30646163672738324f6561616529253830436872676d6d2d3a4433383226302c3c3a393924323234253a305b696e637063273a4637393d2e333c

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
ge4f5xfnbegazpkdt6yuqw7ptjsamt455mtqb7o53ad572257c26fc3cam1.e.aa.online-metrix.net/fp/ Frame 5314 81 B
438 B 66ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ge4f5xfnbegazpkdt6yuqw7ptjsamt455mtqb7o53ad572257c26fc3cam1.e.aa.online-metrix.net/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
xmt.paze.com/fp/ Frame A960 19 KB
6 KB 14ms
13ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/HP?session_id=bc_checkout_001035dht&org_id=dubkxo24&nonce=c49ac9e5c5969fd9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

999815cfdcaecefdb23b41f2be728360f85064cac75815da9aa484f851432bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: nl-NL
Content-Length: 5769
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
xmt.paze.com/fp/ Frame CF0C 81 B
476 B 12ms
12ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/clear.png

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, dubkxo24/c49ac9e5c5969fd9bc_checkout_001035dht
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 28 Jan 2024 02:18:46 GMT
Server: Apache
Etag: 5fd72939dd824a1398064885931f8314
Content-Type: image/png
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
Expires: Fri, 26 Jan 2029 02:18:46 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame CF0C
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&k=2

0
387 B

12ms
12ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03 Show response
xmt.paze.com/fp/ Frame B3FB 90 KB
13 KB 15ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/ls_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b8b3fb186dde5911483d78748d8d162080cf5c270c30afd025f2f093c07f0c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
xmt.paze.com/fp/ Frame CF0C 0
387 B 12ms
12ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&jb=31342c6e7b613f336b663233376561333131663c62613132666e36606c6930303b376561393665

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03 Show response
h.online-metrix.net/fp/ Frame 747C 103 KB
15 KB 24ms
15ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

699b5b01dc3b499d73e0b3c26011fe365b5e343889dd807d43e5f0bd4b8d1d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xmt.paze.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03 Show response
xmt.paze.com/fp/ Frame 5B9E 89 KB
13 KB 15ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/top_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e0bd8f8f9753c5c0dbf6ced2dc4701a27462b1284ff9b56186f2a733fb0207fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jan 2024 02:18:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
xmt.paze.com/fp/ Frame CF0C 0
218 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&ja=333a3c362e2661373c3026703d363026643d313e30327a3b303830246b6c3d313c303078313030302e737a7b37327030246e7a723d3b2c313630322c313a30322e3b3438302e3b383030263330302c333530243134323a2e3932323a26302c3a266d743d6338383a6160616e613f37666e6c646633656138343331343f30346033633f612467643d342c7363643d30342664683f6a7e76787327394b25324c253246786f742e786178672461676d27384c66702f324674616573253b466d706d5d616427394e6475686b786f323625323e736771796b676e5d636e25334e62635f636a6563636f77765532383132393f64687e26706c3d312670603d353a6c303061633c6863666865313133603733303763673a663b6266683864342c68683d636030356c653a363a3b3b303b3c6e656169303765373b326631323a3639326e266879653d57636e646f777125323831332460716a3d4162786f6d6f2532303130302662736d773755616e66657d7326607362753d416872676d6724646a6b3d362c64646d3738266e6d76703d382676786e3f4d7570657a65253846416d737665726c616f2467637c6870373e303039643163326065633832673469613d36323a3232616e313535343231666c34373a32333c31663c6f616138346463393661666a64353039333b313b3c6b2664783d6874747273253b4127304c273a4661626f636b6575742e70637a6526636d6f2f304e2672377a6c756d696e5f666e6173602537476c636473672b7a6c756d696e5f776b6e646777715d67676c6963557a6c617365722535476661647367237a6e7d676b645561646562655f6161726f6a6176273f476e616e796f2170667567696e5d717561636976636f6d25374f6c616c796521706c776769665f716a65616377637c6f25354f66616c736721706475656b645d7a6563667a6c617365722535476661647367237a6e7d676b6455766c695f706c617b65722d3547646b6e7b65237a667567636e5f646574616c7e7227374f64696c716f2b706c7f67696e5f71766757766b677d677a25374f6c616c796521706c776769665f68637c632d35476c6b6c736f26676c5f613d776d62656e5d676a474e2f38303124302532302a4f706d6e454e2f303845512f3830322430253230416872676d6b77672b5f65604d4625323a474c534c2732304d5327303a33263027383a284f7a656e474c2732304d5327303a4544534e2f38304559253230312c30253a30416a786d65697767235765684b69745767624b617427303a556d6245464b4e4746455f696e7174616663676655637a72637379253348253230455a545f6a6c676c6e5d65696c676b7825394225323047585457636d6e65705762776c6c65725568616c665d666c6761762739402d32324f52545f6c6c6f61745d626c6d6e662739402d32324f52545f6c7261675f6665707c68273148273a3047525e5f7362616465725d7465707477706f5d646f662f39422538304558545d7465707477706f5d6b6f6f7a78657379696f6e5f6070746b2531402f3038455a5e55746572747572655d636f657070677971616f6c55786774692533422530304550545d766f7a7c75706f556669667465725f636e697b6f76706572616327394825323a4558545f7152474a2531402f30384f475955656c6f6d656e745d696e6c657a5d7f6b667427394825323a4f45535f64626f5772676c6e677a5f6f637a6d617a2533422530304f4d535d717e63666463786e5f646f726976617669766d73273148273a304d4f595f746f78747572675f66646f63762f314a25303a454553557465787477726557666e6d6b76576c6b646f61722f33422532324f455b5f766772767d72675562616c6c5f666c6f6374253b4227303a4d4d535d7e6f78747f72655f68636c6657666e6d6b76576c6b646f61722f33422532324f455b5f746778766d785d6b787261735f6f626a6763742d33402738325f45404d465f63656c6f725f6075666e65705d6c6e6761762f3942253830574542454c5f6b6f6f7278677b73676e55746572747572655d61737c63273148273a30554f48474c55636f6d707065737b65665d7e67707477786f5f657e632533422732305f454045465d6b6f6f7a7865737965645f746778747d72675d6f766b3127394825323a574542474e5f63676d72706f717b6566557e65787e7572655f7133746b2531402f30385747484d4c5f696f6d70726773736d645d766f7a7c75706f5573337e635f73726562253b4227303a554d4245465564656875675f72676e646d726770556b66666d2f3942253830574542454c5f6c657276625d7c657a7e7f72652f334225323257454a474e5d6e7069775d687f66666f72732533402532385747404d4e576c6d796f5f63656e7465787625334a2530325d474a474e5567756c7e695f64726377313e26656e556a3533646c3f64666c343734306664633c3035673c306a65326f3d346438353534363330346c34303733247f676e7c37496e7e656c253232496e6b2e24756d6e7a3d4b647e656c2f323049726b73253a304d726f6c4f4c27383a456e6d696e65266163643530&jb=33373f2464713f47657a69666c61253244352e382530322255616e66657d732538304e5425303031382e322739402d32325d636e363e253342253030783e342b273832497072666f5765684b6974253046353b372c313c273a302a4142544d462532432530306c616b672738324f65616165292538304368726d6d652d324433383226302c3c3a393924323234253030536966637063273a4637393d2e333c

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
dubkxo246o4fpdz2sdlqyw3d7pdcbfqw4cixh3afc49ac9e5c5969fd9am1.e.aa.online-metrix.net/fp/ Frame CF0C 81 B
438 B 80ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dubkxo246o4fpdz2sdlqyw3d7pdcbfqw4cixh3afc49ac9e5c5969fd9am1.e.aa.online-metrix.net/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
xmt.paze.com/fp/ Frame A960 208 KB
29 KB 18ms
18ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/check.js?&pageid=99998&session_id=bc_checkout_001035dht&org_id=dubkxo24&nonce=c49ac9e5c5969fd9

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/HP?session_id=bc_checkout_001035dht&org_id=dubkxo24&nonce=c49ac9e5c5969fd9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

bae1fc5cc184a0072a81fda4eef9e557e089258627caaa2bdd19fdd2c6985ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/HP?session_id=bc_checkout_001035dht&org_id=dubkxo24&nonce=c49ac9e5c5969fd9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: c49ac9e5c5969fd9
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=97
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
thm.visa.com/fp/ Frame D1EC 0
387 B 12ms
12ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&jf=31342c6e7b623f3d3361373b6538623639393f3c3b313032643e35616b6b316332383834623036

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/ls_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/fp/ls_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
xmt.paze.com/fp/ Frame B3FB 0
387 B 12ms
12ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&jf=31342c6e7b623f336b663233376561333131663c62613132666e36606c6930303b376561393665

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/ls_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/ls_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

tccl.min.js Show response
img1.wsimg.com/signals/js/clients/tccl/ Frame B14E
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js

46 KB
13 KB

20ms
20ms

Script
text/javascript

23.53.42.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
Protocol: H2
Server: 23.53.42.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: CxfOTvM4.aC7Uz8TppF8SLs_Z6HB3PMp
content-encoding: gzip
date: Sun, 28 Jan 2024 02:18:46 GMT
x-amz-request-id: 04MS4NEJ43VKP1AH
x-amz-server-side-encryption: AES256
x-amz-meta-version: 2.0.2
content-length: 13404
x-amz-id-2: 1TUBv93eY/GzUa7nL8zLwuhJlPwHMfDX34ePaoFPGtEn2etCTtC52iadfEIetUsWzKoG4adADKCvFeV1kd0AOA==
last-modified: Wed, 18 Oct 2023 16:44:03 GMT
etag: "8e70743bdf9b3d3adbb26471c84a006c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 02:48:46 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/tccl/tccl.min.js
access-control-allow-origin: *
date: Sun, 28 Jan 2024 02:18:46 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Mon, 27 Jan 2025 02:18:46 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ Frame B14E 1 KB
915 B 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee

Requested by

Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/static/js/main.baaf5f56.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8f762fae318f63852f4371fed398621c7ee8eb13265eab5ec03cc59ea04c4a2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 02:18:46 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=2BFB97CDF76E39F2B277913019B54499
thm.visa.com/fp/ Frame 5314 0
400 B 16ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thm.visa.com/fp/clear1.png;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&jf=363332247b696655786e64377464725f51725278596556447061683a40654e552c7369645f6c617c6d3533353a343c303a393836267969645f7471706d357f676030676b64716b2c73696e5f6b65793533383d3131323b313836323d3861383c343863653b64383a3833323c32303263323c343869653364303b3039383f32313e303830323e6e35633f346635366b356d306d353a6f646d6130683b6636393864666339636b3c303a353c603f33616c3d35363e663165336b376c3c6d376038323b33353b39396233616534373d633a303163306f663839676c6864343b646136323037306a6d36366e333d64676969643932356233363b376b383a64633b3a3d663b3f6b62267969645f736167353b3836343a303a31323a333239683365336169356d696a63313a363b633b326b65643b6239363769396e3839643669636d61333f3c383838366531393e63383b3930363e343c32323332303238313030643f366b6d3c3b633c323138616b326430693231613169623f693e376469306d3867683b39313d623337666e386d393f30303e3b3b65336e6b343839656130302e73616e7a3f32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=65451A9C5512AB37C7D3355466609A03
xmt.paze.com/fp/ Frame CF0C 0
400 B 16ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xmt.paze.com/fp/clear1.png;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&jf=36333c247b696655786e64377464725f587859626946497d567c4e57326e7a422c7369645f6661746d3d33353a343c303a393836267969645f747b70653577676030676b64716b2c73696e5f6b65793f33303d3931323b313836323d3861383c343863653164303a3033323c32303263323c34386965336430313031383732313e303830323e3f65333a666335663664613c35373238643e31613c6c37373b33326139606163313832363e346b39316f3234626c656236623465646932643b32306938306c3c663538353034636661653d6130633e673c3060683a33656c636136663261393066673a6e306939306b32333238646164306636336d3030333c613e63373d3b36267969645f736b673d3b3036373a303a30376b6f313633393963353761353d6630666f356b6137323836353f363766326633616e64353633633b39346b6f35326b616364306038663d66323b3c313f38343a3832313a303835386338396a6363376f67313561683a383069333031623530343d633b633c3230333b6c6f63316c323633663633626961643439363b35333e3e616668613126736b66723530

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=BFFD47FFF5241FEF0199B61B71C077F2
h.online-metrix.net/fp/ Frame 747C 0
400 B 16ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=BFFD47FFF5241FEF0199B61B71C077F2?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&jf=36333c247b696655786e64377464725f6942524251454a38615048654d5362712c7369645f6661746d3d33353a343c303a393836267969645f747b70653577676030676b64716b2c73696e5f6b65793f33303d3931323b313836323d3861383c343863653164303a3033323c32303263323c34386965336430313031383732313e303830323e32323633303261363b3131386332643c373a33673a3333373b343036333233343c3461333f303b65306c3b66343934336237303065396537373a3a3e353b3f6c36613e64393938616332693661366f613d61643d3963326e306237386661336d6160346861316231693a39613e613430303b3031313137353b633d34373c3d38267969645f736b673d3b3036373a303a30353e3a39376c38636430663961693235343e376c313b6b3b336368323333656730626e6532676c673e34356f6e313639613031633138656b343732333b3862323a3832313a306438386664653c35313b3c323030366c3e32623c64333538666538693660673a63693130333f646539333336373a64376a3632613f633f323b6c3231636f393126736b66723531

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=F8E6F1F0F5BC53F7967BC1F12CDA6BE7
h.online-metrix.net/fp/ Frame 5D49 0
400 B 15ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=F8E6F1F0F5BC53F7967BC1F12CDA6BE7?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&jf=363332247b696655786e64377464725f5b6d674050556738657e4b604b3859672c7369645f6c617c6d3533353a343c303a393836267969645f7471706d357f676030676b64716b2c73696e5f6b65793533383d3131323b313836323d3861383c343863653b64383a3833323c32303263323c343869653364303b3039383f32313e303830323e38356139613436653a65383f3866326c3139363b6f6866323b633563336e303e3c3f313433373837343f3f64616e666662666c626a3a3a3a6132603c323b6e3e623039623438643b626b3d3866346e333e36663a3d663838643364343a663c6c3f366139343837353f33373333373566376e64313c6a3a606b373a3635693a63267969645f736167353b3836343a303a31323a6e39326c616465383c333e3830303a39673863663d6835343a646662373b37396c3e32366b663831353d6f65373b646238616e623d3e31643b38336930666b3e303238313030626a64396e31323a6c353b6335393c313269343435366964396d6e60373a34306232323a373469346534656b663d6e3f673a38343b38336f3e666369663836652e73616e7a3f33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame B14E 483 KB
193 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedf519e70e6c9c28f6cbe85ab9d3bde27c54831d3b1eaf1c0c08d5d83a12a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.poynt.net/
Origin: https://cdn.poynt.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197938
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:43:00 GMT

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ Frame B14E 43 B
280 B 231ms
231ms Fetch
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1706408326453&dh=cdn.poynt.net&dr=https%3A%2F%2Fpatient.moolah.cc%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=1025571796&cv=2.0.2&z=946136085&vg=27bbf99b-a862-5543-acb8-3e54557de875&vtg=27bbf99b-a862-5543-acb8-3e54557de875&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=477dab9c-15a4-5aeb-8c56-bab2956075bb&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sun, 28 Jan 2024 02:18:46 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://cdn.poynt.net
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ Frame B14E 43 B
280 B 111ms
111ms Fetch
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1706408326454&dh=cdn.poynt.net&dr=https%3A%2F%2Fpatient.moolah.cc%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&vci=1025571796&cv=2.0.2&z=1003326668&vg=7afa2bdd-0318-543f-9d04-a7d28bfc0ce7&vtg=7afa2bdd-0318-543f-9d04-a7d28bfc0ce7&dp=%2Fcollect%2Findex.html&ap=PoyntCollect&trfd=%7B%22ap%22%3A%22PoyntCollect%22%7D&hit_id=338b96ef-8a26-5175-ab00-43de587b65c1&ht=perf&tce=1706408326085&tcs=1706408326085&tdc=1706408326398&tdclee=1706408326398&tdcles=1706408326398&tdi=1706408326392&tdl=1706408326142&tdle=1706408326085&tdls=1706408326085&tfs=1706408326085&tns=1706408326084&trqs=1706408326086&tre=1706408326118&trps=1706408326117&tles=1706408326398&tlee=1706408326398&nt=navigate&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.poynt.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sun, 28 Jan 2024 02:18:46 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://cdn.poynt.net
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H/1.1 204
204 clear3.png;CIS3SID=65451A9C5512AB37C7D3355466609A03 Show response
xmt.paze.com/fp/ Frame CF0C 0
218 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/clear3.png;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&je=34342c24626161373b26626273626b3d2735422d3540273830522530382f32433a253243313530363c303a3138343a30302f3f44253f4426626871626b57696c666f7a3530

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Content-Type: text/javascript;charset=UTF-8

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame F288 45 KB
28 KB 42ms
42ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ii0i6osshxx2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0173006c689cdf840d09b62b806e341e52c36facfc5829a8340cce1f035243cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wRTLI03Kei4EAupAs6mpIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.poynt.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wRTLI03Kei4EAupAs6mpIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 02:18:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame F288 55 KB
24 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ii0i6osshxx2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jan 2025 02:11:49 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame F288 483 KB
193 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedf519e70e6c9c28f6cbe85ab9d3bde27c54831d3b1eaf1c0c08d5d83a12a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197938
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:43:00 GMT

GET
H3 200 MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js Show response
www.google.com/js/bg/ Frame F288 17 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ii0i6osshxx2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6929
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 06:13:03 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F288 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 454912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 29 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F288 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 506816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F288 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 407372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:09:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame F288 102 B
135 B 28ms
28ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8595d4c6e0bd33129c56a7d081de2e5cf93687b14ccf24ca27d8dabe35b6390

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=ii0i6osshxx2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 02:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 02:18:46 GMT

GET
H/1.1 200
OK ARF;CIS3SID=728D4802EE80F13E044681AAD1757536 Show response
xmt.paze.com/fp/ Frame A960 35 B
557 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/ARF;CIS3SID=728D4802EE80F13E044681AAD1757536?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&pageid=99998&sera_parametere=BUQEBwJfUQ1SUQkODgVcC1EFW1kHWlNQVFMJDg5TAlhRBAtXAAtVVwJTABBKFVlQDURMFRAcVnFGAnsTDiJBC1NeSgQPXAhQDUFKEwoiQQ4hBBxWJxxXBQtaSkJKQ1d9RgN7RFR9Q1EKCAtQDgdSDVcGWAQGDFIAVw1YUwlRUQtWAA9TVAgGUwAFDQUNVVIKAVYfDwxXBlBeVg0PWAVdXFZXDFhVAANRWhNTRQRWHFpSV18EB11WVgJXCQYMVQVcBgRdVlsIBFBTVggHWlZUCwIND1YADVMTAlwEBwtUUw1FXVBcTghDRQoIAA8AX1wfC18ERwEEJl0RWlRTHwQSBFIGCUcBVhYINFxXUlYRFx8AVgQVB0M6VgJZVVRYBQ8fBkAEU1U%3D&count=0&max=0

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js?&pageid=99998&session_id=bc_checkout_001035dht&org_id=dubkxo24&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4d3901f77cf33fe6a328fe95f1c3c5def57190c82abb958316b9db54e8a413a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/HP?session_id=bc_checkout_001035dht&org_id=dubkxo24&nonce=c49ac9e5c5969fd9&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
thm.visa.com/fp/ Frame 5314 0
387 B 12ms
12ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c&jac=1&je=373a39242e6a64643733266066683d393136393f3964606c3b3f33356f39363768613735346a623b316a613638613026686c7e6e3d3a3a32373a3b267f6d613f313d2c3c382c333e2e333c26706d3d666f2e6a6976717e3f2d37402f38326c6f76656c253a322d3b49332c3a322d32412f3832737e617475732d323a2d3b432738306b6863786d696e6d253232253f442e697d666a3761693760336f36653c3831636369633e6e3a6335693331323b393c33343c623563333937313e6a366632666c343a3c3a3033326665346638336e6b6c3a363f3b2e657a3937633139633465303d396d303966323d356e33646e683064323837613930343c6930606769316b33602c7f616837253742253a32697a6b6a6b7e676b7477786f253238253341253a322d3a3a273049273a3260637e6e6579732532322d33492d3a302738302d32412f38326278616e64732d323a2d3b43273f402d35462f384325383266756c64566d7a7b6b6d644e6173762f38322539412535422d354c2d3a41273830656f606366652538322533416e61647b6d273049273a326f656e656c2f3232253349253a3a2d30302f304b2530387a6c617e666f726d2d323a2d3b432738302d32302f3843253832706c617c66677a6554677871616f6c2f38322539412532322d323a2d3a412738307f6f753c3e25323825334166696c7b6d2d35462c77696c3f2f3d4225383262726166647b2d3a302739432d35402f3f44253843253232656f6a6164672738302d33436c6b6c736f253243253a3278646976646570652530382f33412f323225323a253f4c

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=2BFB97CDF76E39F2B277913019B54499?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh&nonce=3ad572257c26fc3c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ge4f5xfn&session_id=bc_checkout_001d9ehhh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
xmt.paze.com/fp/ Frame CF0C 0
387 B 12ms
12ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/clear.png?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&jac=1&je=373a39242e6a64643733266066683d393b36313f3164606c3b3f33356f39363768613735346062333162613638613026686c7e6e3d3a3a31323a3126776d693f313d2c3c382c333e2e333c26706d3d6c6f266a6176717e3f2d37402f38326c6f76656c253032253b41332c3a322d32412f3832737e617475732732322d33432738306b6863786d696e6d253232253544266975666a3761693760336f36653c383163636363366e326335693331323b393c33343c623563333337393e62366632666c343a3c3a303332666534663233666b643a363f3b2e657a393763313963346530373965303166323d356e33646e68306432383761393a34346938606769316b33602c7f616837253742253032617a636a6b7e676b7477786f253238253341253032253a32273049273a3260637e6e6579732532322733412d32302738302d32412f38326278616e64732732322d3343273f402d35462f384325383266756c6e56657a736b6d644e6173762f38322539412535422735442d3241273830656f6063666525383225334164616c7b65273049273a326f656e656c2f323225334325323a2530302f304b2530387a6c617e666f726d2732322d33432738302d32302f3843253832706c6176666f7a6d54677871616f6c2f38322539412532322732322d32412738307f6f753c3e25323825334166636c736d2535462c77696c3f2f3d422538326272616c64732d32302739432d35402f3f442538432532326f6f62616c672738302d33436c6b6c736f25324325303270646176646570652530382f33412f323225323025374c

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=65451A9C5512AB37C7D3355466609A03 Show response
xmt.paze.com/fp/ Frame CF0C 0
218 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/clear3.png;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&jac=1&je=303239242e626a797e706e37253742253032322d3230273943392530492f32323e253232253141312d32412738303f2530382f334139253243253032392d3230273943392530492f32323b302532322733413936273049273a32333b2f32322f334131253043253a3233302f303a25314b3b253249253232313725323a2531433b273a4327383832342f323225334332253a43273038313b2530382f33413b253243253032333e2530302f314931273849253238373225323025334931273049273a323a322f32322f334131253544

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:46 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=65451A9C5512AB37C7D3355466609A03 Show response
xmt.paze.com/fp/ Frame CF0C 0
218 B 13ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://xmt.paze.com/fp/clear3.png;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9&je=37352c24626161373b26626273626b3d2735422d35402738304f2530382f32433b303038253043312d3546273f462e626a79686b5f636e6465783f31

Requested by

Host: xmt.paze.com
URL: https://xmt.paze.com/fp/check.js;CIS3SID=65451A9C5512AB37C7D3355466609A03?org_id=dubkxo24&session_id=bc_checkout_001035dht&nonce=c49ac9e5c5969fd9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xmt.paze.com/fp/tags?org_id=dubkxo24&session_id=bc_checkout_001035dht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 02:18:47 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
patient.moolah.cc/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.9fXoN5jHCXs Value: CfDJ8Bce-BDY_WFOvvXv45nInWZbzyKwu5Hjh2YmsTBSd1lAiLWiM3fBAUVcjxWUF723dhR8rir6m2XGKwMtKJOsxYQH9y38xcOBLaCuCJgzRf3I4wGvbhEscaO3AyvrFBAHnJ_QY_w8TImMyoZV17qSF8s
.patient.moolah.cc/	1969-12-31 23:59:59	Name: ARRAffinity Value: 65f8186d9c84064d1cd01131f7eb9bcb94b8cc785e23815e98353abc1486973e
.patient.moolah.cc/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 65f8186d9c84064d1cd01131f7eb9bcb94b8cc785e23815e98353abc1486973e
.www.moolah.cc/	1970-01-20 18:00:10	Name: __cf_bm Value: MF8uVrrfGZl2mDEnbEm2_iDsHVz.MmXhAQfEYgHAFFc-1706408322-1-AaPD8y5CVEIntITUziDS1qH73BS0G0Rjojc9Nm1X8sUONKioMEIkpaTU/UZPzTZm94h0yf85N/h3yBg0U2jhYmA=
patient.moolah.cc/	1970-01-21 02:45:44	Name: mp_b3053c0785212011971a15669b094404_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d4ddcac46a9d-0bdd906517dd37-6b305750-1d4c00-18d4ddcac46a9d%22%2C%22%24device_id%22%3A%20%2218d4ddcac46a9d-0bdd906517dd37-6b305750-1d4c00-18d4ddcac46a9d%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
patient.moolah.cc/	1970-01-21 02:45:44	Name: ai_user Value: KJ0A5H5He4GXlsPriqcMUt\|2024-01-28T02:18:44.174Z
.checkout.paze.com/	1970-01-20 18:00:10	Name: __cf_bm Value: kvevk6xrQ0g6hHolw9W6751ffX_9.vGmf5J3YhjpRAQ-1706408324-1-ATbUVML7wnpuDy5WXgavnSnccTYwvT6y282QomY8odD1BYP1iUpSAS0JTIzbYJ05nsmDT5PdRDqc0VatRqnudoU=
.checkout.paze.com/	1969-12-31 23:59:59	Name: __cfruid Value: c0d5d9a336d6374ceb07c312d49a9eeb5b53fcfd-1706408324
.google.com/	1970-01-20 22:23:39	Name: NID Value: 511=MMxJK2QTteEwaZssaVIOTkD7Km61uu1cYpFEu7X_Ho-Zye5AZwPc25XV1E0sGPWjD3RZaC6UfB0E-qdA8yqTYLVkGoSnVLxqYSmTZBe11JTqJfBG7QzdVpF-ykYwbfcB7JhM9H-neEiDmO9SGkse5sNdfXLal48VVsOESaoppqI
patient.moolah.cc/	1970-01-20 18:00:10	Name: ai_session Value: 8AQfGka7aXmUUdQlopvpnV\|1706408325307\|1706408325307
xmt.paze.com/	1970-01-21 03:36:08	Name: thx_guid Value: 7998ebfb715d195d250ee7829baee70c
thm.visa.com/	1970-01-21 03:36:08	Name: thx_guid Value: 2f85d4a391f0b2b863678f04718d95e6
.paze.com/	1970-01-20 18:00:08	Name: x-via-hint Value: D9D9F7D820693030312E762E303030BF0058567B3030317D3A414149335164354D774F557962556E6F434E615343523470666967744C46377668704D7A556C72736C54646C5036446859334F6F6D4C33724173745A4D6A73376B486C546553676F44544A73386B303DFF
h.online-metrix.net/	1970-01-21 03:36:08	Name: thx_global_guid Value: 828cce2571b84ff88ca8e5ca14e73ada

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.poynt.net
centralus-2.in.applicationinsights.azure.com
checkout.paze.com
dubkxo246o4fpdz2sdlqyw3d7pdcbfqw4cixh3afc49ac9e5c5969fd9am1.e.aa.online-metrix.net
events.api.secureserver.net
fonts.gstatic.com
ge4f5xfnbegazpkdt6yuqw7ptjsamt455mtqb7o53ad572257c26fc3cam1.e.aa.online-metrix.net
h.online-metrix.net
img1.wsimg.com
js.monitor.azure.com
ka-p.fontawesome.com
kit.fontawesome.com
patient.moolah.cc
pay.google.com
play.google.com
services.poynt.net
thm.visa.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.moolah.cc
www.payment.minal.dental
xmt.paze.com
104.18.1.217
104.43.254.102
141.193.213.20
18.232.46.218
20.118.198.33
23.53.42.160
2606:4700:4400::ac40:93bc
2606:4700::6810:5814
2620:1ec:bdf::45
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:400c:c02::5c
2a02:26f0:1700:11::b856:678c
2a06:98c1:3121::3
65.9.95.49
91.235.132.130
91.235.133.67
91.235.134.131
0173006c689cdf840d09b62b806e341e52c36facfc5829a8340cce1f035243cf
02e9fa9849847f3860d9c3eed7bec7dc3a8c47c74fed75e636fcd78a599d2cf1
0407d0916e78508e459622b4e5c5d71cec71fd3ac89248479e8794faa626f89e
04574b3686c0de47d5dc44d44981d016ee54f267c260fab83cfc67494be63164
161d71a08a7a3926ac154358d7ed02d851040ecae624154001ae8e2980c75190
16f96507cbfcd3bdc592c46956ebc4d640a7be89d670ab80c2ec2574715069d5
19e90ebccf9d2ff6c5e30b8127c754591d24adf28002986833aa34ba126587d4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f4e21feed5736f48ba31de512e65b3c0a0e472b04e930940d9656e0f691017a
2068c1b1d70c20a53aef9e1817610fefb9e67648d2966aaa2164f42c722ec124
2a2d69b63163919542fbb8c2d64a9ebd81db9efebb7d10b968d458c0dd4c9abe
2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c
2c01d0b57063d9f32c96ed1a18f7590b596a4084213f551e1f6e03ab6b38792c
2d5fa531e30ac3debad673003128f1ca9ad3c964ef17b547377e7ed09bd4504f
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
33dbcac269488134aa2b5afb0a5ce77c4820e17251558cd84dfba36abbfef851
356e561a00bb48a832e4e242115c91551869da59554b5cd970f77eeab4640beb
3a95ae34eadc3618039d66982956ad1a20c56f1ec57489562d42d4ba01c5f722
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4283e11439e7b626f568defa9d3a9be24fcf25af1d7f747cc6f42b5a208fdcfd
430bcd811b79391342b1c9a3d23ce768461cb1c59713014f9315aa50c61961e6
43d8ce764edece404b6fa936be8a8430f8bce9db358669edd967052ff08616e8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45112e618714965037c5e26e83b00b9a72cc1e81cb9d0a1816947f9f9d608f8a
459a26d5e3a70e69dfdcd34f204baf0b4dbeafb3f36930fb2224a8be475dda5e
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4a7d4b21b3012f18da0be075ac6b66086b242de02dbdcf8514f1d12e57799dc6
4cda6bb8a89c326eebeed0502e3232d8bbb8c7404a923b47dd304bbd9e34d4a3
4d3901f77cf33fe6a328fe95f1c3c5def57190c82abb958316b9db54e8a413a0
4e0a7121d883b013b1878e2b35aa86739d9ff85a3b9801bea0764f37f6c10b0c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5066f729303a405249469775a90c2a4cee6d523cd413a65813c5082537ca19c4
53861a013923acea8c682704f3fbcaf994d38a0d2c857e9ba45ae77483b5baf0
543775e5a94db5a6de359227d7a77d096aa627aabff43bbaab728dd08c628ce4
58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cf757e2a28dc52d28c78a37806db55bc037ebbf5849bd8b95e5ed77f3a85bef
699b5b01dc3b499d73e0b3c26011fe365b5e343889dd807d43e5f0bd4b8d1d36
6af08ac316a08e4311e44f7ccb5196f43389dda40ab5a2566871c7a0efe33894
6bedf519e70e6c9c28f6cbe85ab9d3bde27c54831d3b1eaf1c0c08d5d83a12a3
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
78085c37aa06e7b9d636b24dc08c60777eec406b66dfc43ae4859afddc56d98a
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b171fe05b9b61912cc25454c52153d374b2b434144833f4396f5fd40138da15
7df2bb71378a86f7de113d17a1766e50aae7b679c1fa25adc8aa23c153f89e27
7e436bb99f7b3d50bf6451b9eacd965eafff9f05b3edee7455ae83c8d28957d7
8087a9d7bf1aca68d19ada4a7e83e7750e3bf6c67573370e8b486051b9ea0d8d
809ab3efb71547b840817152b6f6420044d674175c04f591d3d03f14f340c98a
81405856ecdd7a56958515d7a90de46c8cf39e8fa097ed2cb305c79183b5cb9e
8393fe351bf56b377573ccff95956a0654bb276987d64f979383768002cd87f0
88a7829f6e1acbb3def39f71753973f7a7c630709d05334e26c6d33b5befd825
8f1a84e11f04dcb79a2f1c939c2d527b892f531ae0e2884a6635b707343eb184
8f33c1f4ed7631615668ab4bd6bed28df325b7f0afd6edf389cfe470b923a0cd
8f762fae318f63852f4371fed398621c7ee8eb13265eab5ec03cc59ea04c4a2e
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
95c64e2a5edc5cf2f7e4f9f99dde4e772666088edf6c27b6846c5c27421db965
960d553d2f0b3fd8cd270479b28fe8c5d719d12da58adc1f8ae44ddb5fcbec69
999815cfdcaecefdb23b41f2be728360f85064cac75815da9aa484f851432bf0
9a67c791841e3e122c4961cbe8bac2ffbf8ccac274d6475ac4bf8597eede4379
9c5e7918b79cb4921c660dffa5ecb2dca8ad69b5806e0108e3213e660cc04951
a124e5c311a88ecdac0857b813792b8fc2378e45912b3d4c5ceb39a9dd00fa66
a85f1f79a1e5eb0253b9d7fb0b81304d1532f062a4505d5d6e26040b699c669c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42124a164af25f9e61f966af54a159daa25d750d786af251c318caf5d4066a2
b5890500c45d0a1db25227b5de2ea0e02ef2da1d6da0dd1088d70177380260e6
b8b3fb186dde5911483d78748d8d162080cf5c270c30afd025f2f093c07f0c9e
bae1fc5cc184a0072a81fda4eef9e557e089258627caaa2bdd19fdd2c6985ab5
bea98833ee3d809de89c3997c437cd14064ed4fc0031e77096144d145e52cdb0
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c0dcc504298a9e83e8d99d38f602cb46ea396fe95be1a050ccb58a4e91870484
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
c7a89d474401a5b366d5914dbe46dd043dd9a9209c6df0cbc6bd1c6d3cbfcde7
c9fe096d933b4cc05ec5d18f284c5e75f84b4c6b4b4c3a21fbe70602d1bd8cde
d054246b4656c96c04b2ce0bccd1ce5e9d665ada7774c2b22a1ab6aca1bb7e2b
d2c5073d657e8b8120d36f03df784a2ab5741ca11e7a8d228606051a76074068
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d84875fea8da82503a6a562dfd4b9951f39c3931246a0302206949ad69399042
db7d48ad78cc6b3670afc00190f19541b3a9380c19340c91e350727ad08327e1
dff02993608c5a23de9c8915efcb98ee2555e4f6dbf42e23ad20e1b449c3d9cc
e0bd8f8f9753c5c0dbf6ced2dc4701a27462b1284ff9b56186f2a733fb0207fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d7d349a66170e207f7c717f260828716a1f2c296e8aafeb474fdc61237afd4
e83d497a0603364e9586a8a3521a761f48858e1e7de748eb4e469766c500c71e
e8595d4c6e0bd33129c56a7d081de2e5cf93687b14ccf24ca27d8dabe35b6390
efbe97f39eaec4c6adb8c62042e36241e14eded1837964b0991b13a03373a4ec
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fcbc3c5f0c4a62e0cd9aabcfbe09d6ca01dd627e029ad1eb888745b832c405b3
fe78e21552bee8237a91924c072cc6ac69915a95cbf4bcd1f78c3612a277ddda

patient.moolah.cc Open in urlscan Pro 104.43.254.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

98 %HTTPS

52 %IPv6

14 Domains

24 Subdomains

20 IPs

4 Countries

3598 kBTransfer

11446 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

patient.moolah.cc Open in urlscan Pro
104.43.254.102 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

98 %
HTTPS

52 %
IPv6

14
Domains

24
Subdomains

20
IPs

4
Countries

3598 kB
Transfer

11446 kB
Size

14
Cookies

146 HTTP transactions
0 data transactions