k2-grow.work Open in urlscan Pro
3.113.15.107 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://k2-grow.work/upd/SBB/upp/
Submission Tags: 7628663
Submission: On July 27 via api (July 27th 2022, 3:42:48 pm UTC) from NL — Scanned from JP

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 50 HTTP transactions. The main IP is 3.113.15.107, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is k2-grow.work.
TLS certificate: Issued by R3 on June 30th 2022. Valid for: 3 months.

This is the only time k2-grow.work was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
33	3.113.15.107 3.113.15.107	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:400e:c09::5c	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:810::200e	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4004:80a::200e	15169 (GOOGLE) (GOOGLE)
50	5

33 3.113.15.107 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com

k2-grow.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400e:c09::5c (The Dalles, United States)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:810::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:80a::200e (Australia)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	k2-grow.work k2-grow.work	779 KB
12	google.com pay.google.com — Cisco Umbrella Rank: 3770 play.google.com — Cisco Umbrella Rank: 51	362 KB
4	gstatic.com www.gstatic.com	103 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
50	4

	Domain	Requested by
33	k2-grow.work	k2-grow.work
9	play.google.com	www.gstatic.com
4	www.gstatic.com	pay.google.com www.gstatic.com
3	pay.google.com	k2-grow.work www.gstatic.com
1	www.google-analytics.com	www.gstatic.com
50	5

This site contains no links.

Subject Issuer	Validity	Valid
k2-grow.work R3	`2022-06-30` - `2022-09-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://k2-grow.work/upd/SBB/upp/
Frame ID: 6AE6B5F7EBD4B68D0815EC33947BACF0
Requests: 30 HTTP requests in this frame

Frame: https://k2-grow.work/upd/SBB/upp/index_files/payframe.html
Frame ID: 57E8F3C1845A69EDF4956B9A72380FCC
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fk2-grow.work&mid=
Frame ID: 3ACA6745BF9751798511F51072999BA6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(CH) - SBB CFF FFSarrowcheckarrow_dropdowncrossalerticon_alert_16gridhelpicon_help_16listsecure

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1265 kB
Transfer

2295 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
k2-grow.work/upd/SBB/upp/ 57 KB
57 KB 65ms
5ms Document
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 10c4229b44408cf06323e1cfbb5f87593b0131f867674898544e57565bf0e972

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Length: 57941
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 15:43:17 GMT
ETag: "e255-5e4552e4d7f29"
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Upgrade: h2,h2c

GET
H/1.1 200
OK main.css
k2-grow.work/upd/SBB/upp/index_files/ 95 KB
95 KB 13ms
4ms Stylesheet
text/css 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/main.css
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ff348aad63de60798efd89bfc3ed9ce9eca24346ca1d3336dfe05cd9803ec73d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "17a71-5e4552e4d8ec9"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 96881

GET
H/1.1 200
OK fonts.css
k2-grow.work/upd/SBB/upp/index_files/ 589 B
913 B 18ms
3ms Stylesheet
text/css 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 776e0574f432c075a6d6f12d685fc656c665daf92cd6652964560e38204ec1c4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "24d-5e4552e4d9e69"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 589

GET
H/1.1 200
OK wallets.css
k2-grow.work/upd/SBB/upp/index_files/ 1 KB
1 KB 19ms
5ms Stylesheet
text/css 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/wallets.css
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ceefde0182d0738e1d68928665a102ce162860436f412d28ea930ee02cc17af8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "438-5e4552e4d7f29"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 1080

GET
H/1.1 200
OK jquery.min.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 87 KB
88 KB 21ms
5ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/jquery.min.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "15d9d-5e4552e4d8ec9"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Content-Length: 89501

GET
H/1.1 200
OK modernizr-2.8.3-custom.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 7 KB
7 KB 25ms
4ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/modernizr-2.8.3-custom.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 72b85af174e7a04c1efec3631e62b1aa107d73a45c9ac0966cf7ad9b995dc831

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "1b78-5e4552e4d7f29"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7032

GET
H/1.1 200
OK index.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 45 KB
45 KB 26ms
5ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/index.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 32523cb2a49fce91af3e1b6adf372d4b2798510704ff3be2d97069c8c1be1e69

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "b4aa-5e4552e4d8ec9"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Content-Length: 46250

GET
H/1.1 200
OK payment.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 4 KB
5 KB 26ms
6ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/payment.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 1118e63add8971f5033b05315aea37d3addd5ec70b5b68a8f53a1678eba2a7d8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "1118-5e4552e4d9e69"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Content-Length: 4376

GET
H/1.1 200
OK jquery.mask.min.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 8 KB
8 KB 24ms
4ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/jquery.mask.min.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "1ff9-5e4552e4d9e69"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8185

GET
H/1.1 200
OK jquery.validate-1.19.0.min.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 24 KB
24 KB 31ms
5ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/jquery.validate-1.19.0.min.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "5f30-5e4552e4d9e69"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 24368

GET
H/1.1 200
OK validation.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 15 KB
15 KB 31ms
5ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/validation.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: d5b8ad129de7dce564a96bcc14e40b9ef025fb4c82673bd92fad497b59b1648c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "3ad6-5e4552e4d9e69"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15062

GET
H/1.1 200
OK DT2015.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 45 KB
45 KB 28ms
3ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/DT2015.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: d3e2568a13867c999885b3883b17c5a54da5d619acd59ccd40ef3ae1877d5fcd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "b30e-5e4552e4d9e69"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 45838

GET
H/1.1 200
OK pay.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 96 KB
96 KB 28ms
3ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/pay.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ebf573e5426dc00d483878a4916d232ae9458f52ae356dccb007660ab7c2cd0d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "17ea9-5e4552e4d9e69"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 97961

GET
H/1.1 200
OK googlepay.js Show response
k2-grow.work/upd/SBB/upp/index_files/ 5 KB
6 KB 35ms
4ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/googlepay.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: fa4dc17947d3f43249e35977a14db90b5a185278091c878c6b3b0fe5fb25aa69

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "15d9-5e4552e4d9e69"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5593

GET
H/1.1 200
OK datatrans-new.svg
k2-grow.work/upd/SBB/upp/index_files/ 14 KB
14 KB 3ms
3ms Image
image/svg+xml 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/datatrans-new.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 74e890cc8b6f7c09f199ea7b129119e9c2f3243376c3226a9c7beb791b22a4cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "38a7-5e4552e4d9e69"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 14503

GET
H/1.1 200
OK sbb.png
k2-grow.work/upd/SBB/upp/index_files/ 29 KB
30 KB 3ms
2ms Image
image/png 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/sbb.png
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 076f9e2689feeb74dea82966b9fc016d0380cccb56c3dcfb15e65acf96701705

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "7531-5e4552e4d9e69"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 30001

GET
H/1.1 200
OK card_visa.svg
k2-grow.work/upd/SBB/upp/index_files/ 3 KB
3 KB 4ms
3ms Image
image/svg+xml 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/card_visa.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 0b60fac67e6942f998230a8486d064a4975d934d08eb2079dff37641f310fd29

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "b31-5e4552e4d7f29"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2865

GET
H/1.1 200
OK card_amex.svg
k2-grow.work/upd/SBB/upp/index_files/ 3 KB
3 KB 5ms
4ms Image
image/svg+xml 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/card_amex.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 6b33cb6f29fd45e08fb891b973618127ed374f0aa8b789a6977e175c81dd3eaf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "c1c-5e4552e4d9e69"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3100

GET
H/1.1 200
OK card_dinersclub.svg
k2-grow.work/upd/SBB/upp/index_files/ 2 KB
3 KB 4ms
3ms Image
image/svg+xml 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/card_dinersclub.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: c16e2ee3926208ab057a30d525e5f77eb3c20ea8bcc41b1c171bbded68f91daf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "992-5e4552e4d9e69"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2450

GET
H/1.1 200
OK card_discover.svg
k2-grow.work/upd/SBB/upp/index_files/ 6 KB
7 KB 6ms
5ms Image
image/svg+xml 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/card_discover.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 2c0d225aec359801171a9630e31b62e169b1d66c1a918dd5275b2d8f6963f960

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "19e5-5e4552e4d7f29"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6629

GET
H/1.1 200
OK card_google_pay.svg
k2-grow.work/upd/SBB/upp/index_files/ 4 KB
4 KB 5ms
5ms Image
image/svg+xml 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/card_google_pay.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 0c0be3122612235a92745b91d80637239337ac1b234d832e61ddb08d152adb23

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "f18-5e4552e4d8ec9"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3864

GET
H/1.1 200
OK symbols.svg
k2-grow.work/upd/SBB/upp/index_files/ 3 KB
3 KB 3ms
3ms Image
image/svg+xml 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/symbols.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 1cd18ab2dfa7db0a4046394458a402165ca532755ab1694145b49151b3955a0e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "c93-5e4552e4d8ec9"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3219

GET
H/1.1 404
Not Found OpenSans-Regular-webfont.woff2
k2-grow.work/upd/SBB/upp/fonts/ 0
0 5ms
5ms Font
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Regular-webfont.woff2
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.34
Resource Hash

Request headers

Referer: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Origin: https://k2-grow.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Length: 0
Keep-Alive: timeout=5, max=97
Content-Type: text/html;charset=utf-8

GET
H/1.1 404
Not Found symbols.svg
k2-grow.work/upd/SBB/upp/icons/ 0
0 7ms
6ms Other
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/icons/symbols.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.34
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Length: 0
Keep-Alive: timeout=5, max=97
Content-Type: text/html;charset=utf-8

GET
H/1.1 404
Not Found OpenSans-Regular-webfont.woff
k2-grow.work/upd/SBB/upp/fonts/ 0
0 5ms
5ms Font
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Regular-webfont.woff
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.34
Resource Hash

Request headers

Referer: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Origin: https://k2-grow.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Length: 0
Keep-Alive: timeout=5, max=95
Content-Type: text/html;charset=utf-8

GET
H/1.1 404
Not Found symbols.svg
k2-grow.work/upd/SBB/upp/icons/ 0
0 5ms
5ms Other
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/icons/symbols.svg
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.34
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/upd/SBB/upp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Length: 0
Keep-Alive: timeout=5, max=94
Content-Type: text/html;charset=utf-8

GET
H/1.1 200
OK payframe.html Show response
k2-grow.work/upd/SBB/upp/index_files/ Frame 57E8 18 KB
18 KB 5ms
5ms Document
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/payframe.html
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 1b06d4919eca2b60cd218921331d30e5f3ac344dd2108aaf3009da5064e00f55

Request headers

Referer: https://k2-grow.work/upd/SBB/upp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 18406
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 15:43:17 GMT
ETag: "47e6-5e4552e4d8ec9"
Keep-Alive: timeout=5, max=97
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips

GET
H/1.1 404
Not Found OpenSans-Regular-webfont.ttf
k2-grow.work/upd/SBB/upp/fonts/ 0
0 7ms
6ms Font
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Regular-webfont.ttf
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.34
Resource Hash

Request headers

Referer: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Origin: https://k2-grow.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Length: 0
Keep-Alive: timeout=5, max=96
Content-Type: text/html;charset=utf-8

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 3ACA 18 KB
8 KB 388ms
187ms Document
text/html 2607:f8b0:400e:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fk2-grow.work&mid=

Requested by

Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400e:c09::5c The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26e80c821e120d8a8cdeb5544e47d5bdc08d5456873d6c51dc6c45b5e9507d17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vlyn7ccUZeMYtrRwNaG7BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-Vlyn7ccUZeMYtrRwNaG7BQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2-grow.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Vlyn7ccUZeMYtrRwNaG7BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-Vlyn7ccUZeMYtrRwNaG7BQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 27 Jul 2022 15:42:44 GMT
expires: Wed, 27 Jul 2022 15:42:44 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H/1.1 404
Not Found OpenSans-Semibold-webfont.woff2
k2-grow.work/upd/SBB/upp/fonts/ 0
0 5ms
5ms Font
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Semibold-webfont.woff2
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.34
Resource Hash

Request headers

Referer: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Origin: https://k2-grow.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Length: 0
Keep-Alive: timeout=5, max=93
Content-Type: text/html;charset=utf-8

GET
H/1.1 404
Not Found OpenSans-Semibold-webfont.woff
k2-grow.work/upd/SBB/upp/fonts/ 0
0 7ms
6ms Font
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Semibold-webfont.woff
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.34
Resource Hash

Request headers

Referer: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Origin: https://k2-grow.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Length: 0
Keep-Alive: timeout=5, max=92
Content-Type: text/html;charset=utf-8

GET
H/1.1 200
OK analytics.js Show response
k2-grow.work/upd/SBB/upp/index_files/ Frame 57E8 49 KB
49 KB 5ms
4ms Script
application/javascript 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/analytics.js
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/payframe.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "c41d-5e4552e4d8ec9"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 50205

GET
H/1.1 200
OK m=_b,_tp,_r Show response
k2-grow.work/upd/SBB/upp/index_files/ Frame 57E8 151 KB
151 KB 5ms
5ms Script
text/plain 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/index_files/m=_b,_tp,_r
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/payframe.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: e3d4c656ac4d3b7a01e1df2a54cb6dc9d52e84ac6f0baadeb0b64842e0cac5de

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://k2-grow.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Last-Modified: Thu, 21 Jul 2022 18:49:43 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
ETag: "25b44-5e4552e4d8ec9"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 154436

GET
H/1.1 404
Not Found OpenSans-Semibold-webfont.ttf
k2-grow.work/upd/SBB/upp/fonts/ 0
0 5ms
5ms Font
text/html 3.113.15.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Semibold-webfont.ttf
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.15.107 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-15-107.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.34
Resource Hash

Request headers

Referer: https://k2-grow.work/upd/SBB/upp/index_files/fonts.css
Origin: https://k2-grow.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 15:43:17 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Length: 0
Keep-Alive: timeout=5, max=94
Content-Type: text/html;charset=utf-8

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3ACA 2 KB
2 KB 100ms
98ms Other
text/html 2607:f8b0:400e:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: k2-grow.work
URL: https://k2-grow.work/upd/SBB/upp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400e:c09::5c The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fk2-grow.work&mid=
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Jul 2022 15:42:44 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 3ACA 151 KB
54 KB 93ms
3ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fk2-grow.work&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

526537ea5b888a89a6abfaf0e909485061a10bf7103d638e25a8976015cb57ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 16:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54147
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 10:23:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:58:45 GMT

GET
H2 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.3VM... Frame 3ACA 78 KB
29 KB 4ms
3ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.3VM3l7Y2JMI.L.B1.O/am=BgAB/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriwz-l3eKKu3P_WizFDBRGiipb_YA/ee=zhDmcb:EEDORb;cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c079d9b24247ee907686120a1cf51667765b52aa9fa7108f9aaf0fe978752a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 16:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29110
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 02:25:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:58:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3ACA 49 KB
20 KB 51ms
3ms Script
text/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.3VM3l7Y2JMI.L.B1.O/am=BgAB/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriwz-l3eKKu3P_WizFDBRGiipb_YA/ee=zhDmcb:EEDORb;cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 217
date: Wed, 27 Jul 2022 15:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Jul 2022 17:39:08 GMT

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame 3ACA 1 MB
351 KB 159ms
159ms XHR
text/html 2607:f8b0:400e:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400e:c09::5c The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

690d34f84aa812ac6b0273f2285e40e96649dd6250882fa956128f97c43eb33b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9W3vyWlK0vkCgqf_zeXMAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-9W3vyWlK0vkCgqf_zeXMAw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Wed, 27 Jul 2022 15:42:45 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-9W3vyWlK0vkCgqf_zeXMAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-9W3vyWlK0vkCgqf_zeXMAw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Wed, 27 Jul 2022 15:42:45 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3ACA 131 B
152 B 94ms
56ms XHR
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Jul 2022 15:42:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 114ms
37ms Preflight
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Jul 2022 15:42:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3ACA 131 B
152 B 100ms
59ms XHR
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Jul 2022 15:42:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 105ms
35ms Preflight
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Jul 2022 15:42:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3ACA 131 B
152 B 96ms
57ms XHR
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Jul 2022 15:42:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 103ms
38ms Preflight
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Jul 2022 15:42:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3ACA 131 B
152 B 101ms
62ms XHR
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Jul 2022 15:42:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 98ms
38ms Preflight
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Jul 2022 15:42:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.3VM... Frame 3ACA 18 KB
7 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.3VM3l7Y2JMI.L.B1.O/am=BgAB/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriwz-l3eKKu3P_WizFDBRGiipb_YA/ee=zhDmcb:EEDORb;cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb72cee0c404378d67c5915d697f4dae6f568eab1e6f54747c114576d7d25d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 16:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7482
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 02:25:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:58:50 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.3VM... Frame 3ACA 37 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.3VM3l7Y2JMI.L.B1.O/am=BgAB/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriwz-l3eKKu3P_WizFDBRGiipb_YA/ee=zhDmcb:EEDORb;cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9764a85c5627043a123402b769913ea2e71e9e76e23c2db210e0a48eea35d560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 16:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14174
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 02:25:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 16:58:50 GMT

POST
H2 200 log Show response
play.google.com/ Frame 3ACA 131 B
519 B 107ms
58ms XHR
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.HpGMm6E_VdQ.es5.O/am=BgAB/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhPVJtwTWUGLHr6-l7kuTJAbt1DxA/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Jul 2022 15:42:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 09:12:27	Name: NID Value: 511=pPiXnDFbjvSc-Bxb2jpbg11FNS-hsbjqGe5fm64nAuHb6uuFwmmVup9Kdd9gFP_UOHEYuTk0A7PfibUF5gXVT2IasseexTGGlSZT6A1OIUWehAjAkkJEPEtdnoPs4gKDQPgmygjfyCVDcdIhJr7OgJ9DSBWFG_kUtdUpPDA29gQ

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Regular-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://k2-grow.work/upd/SBB/upp/icons/symbols.svg#arrow Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Regular-webfont.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://k2-grow.work/upd/SBB/upp/icons/symbols.svg#info Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Regular-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Semibold-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Semibold-webfont.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://k2-grow.work/upd/SBB/upp/fonts/OpenSans-Semibold-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

k2-grow.work
pay.google.com
play.google.com
www.google-analytics.com
www.gstatic.com
2404:6800:4004:801::2003
2404:6800:4004:80a::200e
2404:6800:4004:810::200e
2607:f8b0:400e:c09::5c
3.113.15.107
076f9e2689feeb74dea82966b9fc016d0380cccb56c3dcfb15e65acf96701705
0b60fac67e6942f998230a8486d064a4975d934d08eb2079dff37641f310fd29
0c0be3122612235a92745b91d80637239337ac1b234d832e61ddb08d152adb23
10c4229b44408cf06323e1cfbb5f87593b0131f867674898544e57565bf0e972
1118e63add8971f5033b05315aea37d3addd5ec70b5b68a8f53a1678eba2a7d8
1b06d4919eca2b60cd218921331d30e5f3ac344dd2108aaf3009da5064e00f55
1cd18ab2dfa7db0a4046394458a402165ca532755ab1694145b49151b3955a0e
26e80c821e120d8a8cdeb5544e47d5bdc08d5456873d6c51dc6c45b5e9507d17
2c0d225aec359801171a9630e31b62e169b1d66c1a918dd5275b2d8f6963f960
32523cb2a49fce91af3e1b6adf372d4b2798510704ff3be2d97069c8c1be1e69
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
526537ea5b888a89a6abfaf0e909485061a10bf7103d638e25a8976015cb57ea
690d34f84aa812ac6b0273f2285e40e96649dd6250882fa956128f97c43eb33b
6b33cb6f29fd45e08fb891b973618127ed374f0aa8b789a6977e175c81dd3eaf
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
72b85af174e7a04c1efec3631e62b1aa107d73a45c9ac0966cf7ad9b995dc831
74e890cc8b6f7c09f199ea7b129119e9c2f3243376c3226a9c7beb791b22a4cc
776e0574f432c075a6d6f12d685fc656c665daf92cd6652964560e38204ec1c4
9764a85c5627043a123402b769913ea2e71e9e76e23c2db210e0a48eea35d560
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
c079d9b24247ee907686120a1cf51667765b52aa9fa7108f9aaf0fe978752a27
c16e2ee3926208ab057a30d525e5f77eb3c20ea8bcc41b1c171bbded68f91daf
ceefde0182d0738e1d68928665a102ce162860436f412d28ea930ee02cc17af8
d3e2568a13867c999885b3883b17c5a54da5d619acd59ccd40ef3ae1877d5fcd
d5b8ad129de7dce564a96bcc14e40b9ef025fb4c82673bd92fad497b59b1648c
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e3d4c656ac4d3b7a01e1df2a54cb6dc9d52e84ac6f0baadeb0b64842e0cac5de
eb72cee0c404378d67c5915d697f4dae6f568eab1e6f54747c114576d7d25d41
ebf573e5426dc00d483878a4916d232ae9458f52ae356dccb007660ab7c2cd0d
fa4dc17947d3f43249e35977a14db90b5a185278091c878c6b3b0fe5fb25aa69
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff348aad63de60798efd89bfc3ed9ce9eca24346ca1d3336dfe05cd9803ec73d

k2-grow.work Open in urlscan Pro 3.113.15.107 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

1265 kBTransfer

2295 kBSize

1 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

k2-grow.work Open in urlscan Pro
3.113.15.107 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1265 kB
Transfer

2295 kB
Size

1
Cookies

50 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!