mobile-app-payment-widget.ffsw.online Open in urlscan Pro
185.68.208.131  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mobile-app-payment-widget.ffsw.online/	3 KB 2 KB	181ms 44ms	Document text/html	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Full URL https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash 9470d8a0638548cc6ef393dd0a82370948e8aa2de6a68d9eba69bb5e8bf83a76 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=604800, no-transform, must-revalidate content-encoding gzip content-length 1705 content-type text/html date Thu, 16 Feb 2023 09:58:43 GMT etag "042dd17b958d81:0" expires 0 last-modified Mon, 25 Apr 2022 15:28:20 GMT pragma public,must-revalidate server strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-powered-by x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/	26 KB 2 KB	131ms 47ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 16 Feb 2023 09:58:46 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 16 Feb 2023 08:56:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 16 Feb 2023 09:58:46 GMT
GET H2	200	finflowcheckout.js Show response checkout.ffsw.online/script/v2/	200 KB 69 KB	896ms 860ms	Script application/javascript	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Full URL https://checkout.ffsw.online/script/v2/finflowcheckout.js Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash 5e8abdab6f38af133f3b853872ca9339f1a020239b83a837139faf29c9138e4e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public,must-revalidate strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Thu, 16 Feb 2023 09:58:43 GMT last-modified Thu, 26 Jan 2023 13:33:38 GMT server etag "4ccc60cc8a31d91:0" x-powered-by vary Accept-Encoding content-type application/javascript cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes x-xss-protection 1; mode=block expires 0
GET H2	200	pay.js Show response pay.google.com/gp/p/js/	114 KB 35 KB	131ms 66ms	Script application/javascript	2a00:1450:4013:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 57d091616da24bf19468596545549a29a3117caa1f6adfd61622105cdc514c5d Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-98tcd-UMUbAIpfH4Fhlxmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 09:58:46 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-98tcd-UMUbAIpfH4Fhlxmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control private, max-age=600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Thu, 16 Feb 2023 09:58:46 GMT
GET H/1.1	200 OK	apple-pay-sdk.js Show response applepay.cdn-apple.com/jsapi/v1/	107 KB 38 KB	81ms 6ms	Script application/javascript	2a01:b740:a30:f100::206 APPLE-AUSTIN
General Check archive.org Show headers Download Go to Full URL https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a01:b740:a30:f100::206 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US), Reverse DNS Software Apple / Resource Hash 7dc2ed883fb76ebd14dd1a960b9f9babcb204ea25020842069116fe50f583f1f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers x-apple-jingle-correlation-key RYQ2QTMVFD2O4XOZR3PE4VU4EY Date Thu, 16 Feb 2023 00:16:18 GMT Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff Content-Encoding gzip x-b3-traceid 8e21a84d9528f4ee5dd98ede4e569c26 Via http/1.1 defra1-edge-lx-003.ts.apple.com (acdn/59.14204), http/1.1 defra1-edge-bx-020.ts.apple.com (acdn/59.14204) Age 34948 X-Cache hit-fresh, hit-fresh CDNUUID 6e62f6b2-b40a-4e38-8a85-cf1227c9e02e-13475032580 b3 8e21a84d9528f4ee5dd98ede4e569c26-7e13037f42eba0f8 Connection keep-alive Content-Length 37704 X-XSS-Protection 1; mode=block apple-tk false Server Apple apple-seq 0 Last-Modified Mon, 30 Jan 2023 20:59:19 GMT Etag "9e4ea12e9386013cd3c5128b58a9f200--gzip" apple-originating-system payment-client-service-PROD Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin * x-apple-request-uuid 8e21a84d-9528-f4ee-5dd9-8ede4e569c26 x-b3-spanid 7e13037f42eba0f8 Access-Control-Allow-Credentials false Cache-Control public, max-age=86400, stale-while-revalidate=86400
GET H2	200	2.5d962b29.chunk.css mobile-app-payment-widget.ffsw.online/static/css/	547 B 446 B	78ms 77ms	Stylesheet text/css	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Full URL https://mobile-app-payment-widget.ffsw.online/static/css/2.5d962b29.chunk.css Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash 2c051cb1d24591dd2eee67448e936f6ff39b7a343d712cb2a2be65293ed9c700 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Thu, 16 Feb 2023 09:58:43 GMT x-powered-by content-length 391 x-xss-protection 1; mode=block pragma public,must-revalidate last-modified Mon, 25 Apr 2022 15:28:20 GMT server etag "042dd17b958d81:0" vary Accept-Encoding content-type text/css cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes expires 0
GET H2	200	main.7044423a.chunk.css mobile-app-payment-widget.ffsw.online/static/css/	13 KB 4 KB	82ms 82ms	Stylesheet text/css	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Full URL https://mobile-app-payment-widget.ffsw.online/static/css/main.7044423a.chunk.css Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash 62a8cc5992c02b9b3e880284641d66a1119443ae44b86c639a7b269dde5b7b37 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Thu, 16 Feb 2023 09:58:43 GMT x-powered-by content-length 4358 x-xss-protection 1; mode=block pragma public,must-revalidate last-modified Mon, 25 Apr 2022 15:28:20 GMT server etag "042dd17b958d81:0" vary Accept-Encoding content-type text/css cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes expires 0
GET H2	200	2.b4f32261.chunk.js Show response mobile-app-payment-widget.ffsw.online/static/js/	804 KB 296 KB	237ms 236ms	Script application/javascript	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Full URL https://mobile-app-payment-widget.ffsw.online/static/js/2.b4f32261.chunk.js Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash 0409537182c8aa50189fd88c1bcdbbe8fe59d8a62261f24f2e4942937f81fb1a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public,must-revalidate strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Thu, 16 Feb 2023 09:58:43 GMT last-modified Mon, 25 Apr 2022 15:28:20 GMT server etag "042dd17b958d81:0" x-powered-by vary Accept-Encoding content-type application/javascript cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes x-xss-protection 1; mode=block expires 0
GET H2	200	main.204e9555.chunk.js Show response mobile-app-payment-widget.ffsw.online/static/js/	6 MB 4 MB	122ms 121ms	Script application/javascript	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Full URL https://mobile-app-payment-widget.ffsw.online/static/js/main.204e9555.chunk.js Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash e571c646a0cb9f10350c8a5e1f9ecdd15ff44789469f808641239f8d2be5c730 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public,must-revalidate strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Thu, 16 Feb 2023 09:58:43 GMT last-modified Mon, 25 Apr 2022 15:28:20 GMT server etag "042dd17b958d81:0" x-powered-by vary Accept-Encoding content-type application/javascript cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes x-xss-protection 1; mode=block expires 0
GET H2	200	3.f90c7692.chunk.js Show response mobile-app-payment-widget.ffsw.online/static/js/	3 KB 2 KB	59ms 58ms	Script application/javascript	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Full URL https://mobile-app-payment-widget.ffsw.online/static/js/3.f90c7692.chunk.js Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash 69c8ff6c6e70d0d29e0a0859f57bd84f2e8a46dfc7bfea42392fc9ca9084ff3d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Thu, 16 Feb 2023 09:58:46 GMT x-powered-by content-length 1783 x-xss-protection 1; mode=block pragma public,must-revalidate last-modified Mon, 25 Apr 2022 15:28:20 GMT server etag "042dd17b958d81:0" vary Accept-Encoding content-type application/javascript cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes expires 0
GET H2	200	pci-dss.svg mobile-app-payment-widget.ffsw.online/img/footer/	9 KB 9 KB	76ms 76ms	Image image/svg+xml	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Show image Full URL https://mobile-app-payment-widget.ffsw.online/img/footer/pci-dss.svg Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash c39357f068aed47101d4b9457804fe66779e8a109dfcb77867d03f09dcc25318 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public,must-revalidate strict-transport-security max-age=31536000 date Thu, 16 Feb 2023 09:58:46 GMT x-content-type-options nosniff last-modified Mon, 25 Apr 2022 15:25:42 GMT server etag "05fb0b9b858d81:0" x-powered-by content-type image/svg+xml cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes content-length 9535 x-xss-protection 1; mode=block expires 0
GET H2	200	mastercard-secure-code.svg mobile-app-payment-widget.ffsw.online/img/footer/	14 KB 14 KB	74ms 73ms	Image image/svg+xml	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Show image Full URL https://mobile-app-payment-widget.ffsw.online/img/footer/mastercard-secure-code.svg Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash da846b7978d6581c48d554f5064455ee212d69ddb0b33f40bd4323a7acc46ed3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public,must-revalidate strict-transport-security max-age=31536000 date Thu, 16 Feb 2023 09:58:46 GMT x-content-type-options nosniff last-modified Mon, 25 Apr 2022 15:25:42 GMT server etag "05fb0b9b858d81:0" x-powered-by content-type image/svg+xml cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes content-length 14396 x-xss-protection 1; mode=block expires 0
GET H2	200	verfivied-visa.svg mobile-app-payment-widget.ffsw.online/img/footer/	5 KB 5 KB	75ms 75ms	Image image/svg+xml	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Show image Full URL https://mobile-app-payment-widget.ffsw.online/img/footer/verfivied-visa.svg Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash 3663071c1b14b77b987ae1229fe55454d6e9094362562c3d3dcf5ea4871f9b2e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public,must-revalidate strict-transport-security max-age=31536000 date Thu, 16 Feb 2023 09:58:46 GMT x-content-type-options nosniff last-modified Mon, 25 Apr 2022 15:25:42 GMT server etag "05fb0b9b858d81:0" x-powered-by content-type image/svg+xml cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes content-length 5501 x-xss-protection 1; mode=block expires 0
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	118ms 36ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mobile-app-payment-widget.ffsw.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Tue, 14 Feb 2023 06:52:22 GMT x-content-type-options nosniff age 183988 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 14 Feb 2024 06:52:22 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	127ms 47ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mobile-app-payment-widget.ffsw.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 09 Feb 2023 14:05:36 GMT x-content-type-options nosniff age 589994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 09 Feb 2024 14:05:36 GMT
GET H2	200	KFOmCnqEu92Fr1Mu5mxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	9 KB 9 KB	153ms 74ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mobile-app-payment-widget.ffsw.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 16:23:53 GMT x-content-type-options nosniff age 63297 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9628 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Feb 2024 16:23:53 GMT
GET H2	200	visa.svg mobile-app-payment-widget.ffsw.online/img/cards/	1 KB 1 KB	68ms 68ms	Image image/svg+xml	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Show image Full URL https://mobile-app-payment-widget.ffsw.online/img/cards/visa.svg Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash 97c8d993de7b8477fc3f1dbf395453ae0fb7b442f700803a29867489791d6e3c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public,must-revalidate strict-transport-security max-age=31536000 date Thu, 16 Feb 2023 09:58:46 GMT x-content-type-options nosniff last-modified Mon, 25 Apr 2022 15:25:42 GMT server etag "05fb0b9b858d81:0" x-powered-by content-type image/svg+xml cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes content-length 1294 x-xss-protection 1; mode=block expires 0
GET H2	200	mastercard.svg mobile-app-payment-widget.ffsw.online/img/cards/	2 KB 2 KB	74ms 73ms	Image image/svg+xml	185.68.208.131 ASTREC-DATA
General Check archive.org Show headers Download Go to Show image Full URL https://mobile-app-payment-widget.ffsw.online/img/cards/mastercard.svg Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.68.208.131 Tallinn, Estonia, ASN201601 (ASTREC-DATA, EE), Reverse DNS Software / Resource Hash e1795d93b90cbfd02a54127b0780b62820cd876707c39c542fa5273b63328fef Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mobile-app-payment-widget.ffsw.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers pragma public,must-revalidate strict-transport-security max-age=31536000 date Thu, 16 Feb 2023 09:58:46 GMT x-content-type-options nosniff last-modified Mon, 25 Apr 2022 15:25:42 GMT server etag "05fb0b9b858d81:0" x-powered-by content-type image/svg+xml cache-control max-age=604800, no-transform, must-revalidate accept-ranges bytes content-length 1670 x-xss-protection 1; mode=block expires 0
GET H2	200	payframe Show response pay.google.com/gp/p/ui/ Frame 0A37	18 KB 8 KB	198ms 196ms	Document text/html	2a00:1450:4013:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmobile-app-payment-widget.ffsw.online&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8fdf70291ac965927c62893a9085b961721541658cbed73b2081cc795a6ed0ec Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UhIP8oB-aTNXiaXWVw7Y7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mobile-app-payment-widget.ffsw.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-UhIP8oB-aTNXiaXWVw7Y7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin cross-origin-resource-policy same-site date Thu, 16 Feb 2023 09:58:50 GMT expires Thu, 16 Feb 2023 09:58:50 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* server ESF strict-transport-security max-age=31536000 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 0
POST H3	404	cspreport pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 0A37	2 KB 2 KB	118ms 117ms	Other text/html	2a00:1450:4013:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Requested by Host: mobile-app-payment-widget.ffsw.online URL: https://mobile-app-payment-widget.ffsw.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101 Request headers Referer https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmobile-app-payment-widget.ffsw.online&mid= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 16 Feb 2023 09:58:50 GMT referrer-policy no-referrer alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1608 content-type text/html; charset=UTF-8
GET H2	200	m=_b,_tp,_r Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 0A37	155 KB 55 KB	129ms 39ms	Script text/javascript	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmobile-app-payment-widget.ffsw.online&mid= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b3711641327099e12e310292a2ff0a243518974b8545562d223b035fec9bd59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 17:13:33 GMT content-encoding gzip x-content-type-options nosniff age 60317 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55825 x-xss-protection 0 last-modified Wed, 15 Feb 2023 08:26:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 15 Feb 2024 17:13:33 GMT
GET H2	200	m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 0A37	69 KB 26 KB	43ms 43ms	Script text/javascript	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriv44Fe9mtplrGwGEqg9TWNGphfmA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b9b08369d3a70b7ee263b0c01e1c522251c634408b138b49a727d7ba07472386 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 17:15:07 GMT content-encoding gzip x-content-type-options nosniff age 60223 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26133 x-xss-protection 0 last-modified Tue, 14 Feb 2023 13:27:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 15 Feb 2024 17:15:07 GMT
GET H3	200	pay Show response pay.google.com/gp/p/ui/ Frame 0A37	1 MB 358 KB	66ms 66ms	XHR text/html	2a00:1450:4013:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4013:c07::5c Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f066011cdda7c146966704abcd89d6335e574f18fd85af85cc790a2d726b97ed Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-GhBDAOQgU8Qv52cNNyWA9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Thu, 16 Feb 2023 09:58:50 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-GhBDAOQgU8Qv52cNNyWA9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 x-ua-compatible IE=edge accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy unsafe-none server ESF x-frame-options DENY vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Thu, 16 Feb 2023 09:58:50 GMT
GET H2	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 0A37	23 KB 9 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriv44Fe9mtplrGwGEqg9TWNGphfmA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash da64b5b0a8a83d9dbe76ddbaeda31c1fb0e087d5a7fca4098ee4d3dced8906b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 17:15:07 GMT content-encoding gzip x-content-type-options nosniff age 60223 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9253 x-xss-protection 0 last-modified Tue, 14 Feb 2023 13:27:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 15 Feb 2024 17:15:07 GMT
GET H2	200	m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S... Frame 0A37	35 KB 13 KB	42ms 42ms	Script text/javascript	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.G4S1w8cg4zM.L.B1.O/am=mAFA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriv44Fe9mtplrGwGEqg9TWNGphfmA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aa0555470858c60eacc4161a1b3b4f79809f9ef82948e41442e6a2218abe836f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Wed, 15 Feb 2023 17:15:07 GMT content-encoding gzip x-content-type-options nosniff age 60223 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13390 x-xss-protection 0 last-modified Tue, 14 Feb 2023 13:27:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 15 Feb 2024 17:15:07 GMT
POST H2	200	log Show response play.google.com/ Frame 0A37	131 B 273 B	81ms 80ms	XHR text/plain	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 16 Feb 2023 09:58:50 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 16 Feb 2023 09:58:50 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	192ms 78ms	Preflight text/plain	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Thu, 16 Feb 2023 09:58:50 GMT expires Thu, 16 Feb 2023 09:58:50 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	log Show response play.google.com/ Frame 0A37	131 B 273 B	95ms 95ms	XHR text/plain	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 16 Feb 2023 09:58:50 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 16 Feb 2023 09:58:50 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	191ms 79ms	Preflight text/plain	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Thu, 16 Feb 2023 09:58:50 GMT expires Thu, 16 Feb 2023 09:58:50 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	log Show response play.google.com/ Frame 0A37	131 B 273 B	99ms 99ms	XHR text/plain	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 16 Feb 2023 09:58:50 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 16 Feb 2023 09:58:50 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	190ms 78ms	Preflight text/plain	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Thu, 16 Feb 2023 09:58:50 GMT expires Thu, 16 Feb 2023 09:58:50 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	log Show response play.google.com/ Frame 0A37	131 B 578 B	194ms 80ms	XHR text/plain	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.tZk0uMy0zpU.es5.O/am=mAFA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgNx5Kn9B29v-OohZZswlWGRmAupA/m=_b,_tp,_r Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 16 Feb 2023 09:58:50 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 16 Feb 2023 09:58:50 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| webpackJsonpfinflow-pay-form function| FFCheckout object| regeneratorRuntime object| scCGSHMRCache object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| webpackJsonp boolean| WEBVIEW function| ApplePayMerchandising

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 14:05:52	Name: NID Value: 511=h0mcycR9N3oTf-mcDlXCD8f-OQOhxM0LfYmtUiLiqq9K8UU0ACDZw7rsT0tuwIuWvdPsE734Gnyyg8Zw_BQxlv1LSFMnuATTQAwQo5iXx9Gmnt_W0tTJYVD2h44y0T1uvCBUEm3XnXS1Bttr_hTiBcHVUM4TbqYNyRh8WvVLT6A

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applepay.cdn-apple.com
checkout.ffsw.online
fonts.googleapis.com
fonts.gstatic.com
mobile-app-payment-widget.ffsw.online
pay.google.com
play.google.com
www.gstatic.com
185.68.208.131
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:830::200a
2a00:1450:400d:803::200e
2a00:1450:4013:c07::5c
2a01:b740:a30:f100::206
0409537182c8aa50189fd88c1bcdbbe8fe59d8a62261f24f2e4942937f81fb1a
2b3711641327099e12e310292a2ff0a243518974b8545562d223b035fec9bd59
2c051cb1d24591dd2eee67448e936f6ff39b7a343d712cb2a2be65293ed9c700
3663071c1b14b77b987ae1229fe55454d6e9094362562c3d3dcf5ea4871f9b2e
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
57d091616da24bf19468596545549a29a3117caa1f6adfd61622105cdc514c5d
5e8abdab6f38af133f3b853872ca9339f1a020239b83a837139faf29c9138e4e
62a8cc5992c02b9b3e880284641d66a1119443ae44b86c639a7b269dde5b7b37
69c8ff6c6e70d0d29e0a0859f57bd84f2e8a46dfc7bfea42392fc9ca9084ff3d
7dc2ed883fb76ebd14dd1a960b9f9babcb204ea25020842069116fe50f583f1f
8fdf70291ac965927c62893a9085b961721541658cbed73b2081cc795a6ed0ec
9470d8a0638548cc6ef393dd0a82370948e8aa2de6a68d9eba69bb5e8bf83a76
97c8d993de7b8477fc3f1dbf395453ae0fb7b442f700803a29867489791d6e3c
aa0555470858c60eacc4161a1b3b4f79809f9ef82948e41442e6a2218abe836f
b9b08369d3a70b7ee263b0c01e1c522251c634408b138b49a727d7ba07472386
c39357f068aed47101d4b9457804fe66779e8a109dfcb77867d03f09dcc25318
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
da64b5b0a8a83d9dbe76ddbaeda31c1fb0e087d5a7fca4098ee4d3dced8906b9
da846b7978d6581c48d554f5064455ee212d69ddb0b33f40bd4323a7acc46ed3
e1795d93b90cbfd02a54127b0780b62820cd876707c39c542fa5273b63328fef
e571c646a0cb9f10350c8a5e1f9ecdd15ff44789469f808641239f8d2be5c730
f066011cdda7c146966704abcd89d6335e574f18fd85af85cc790a2d726b97ed
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615