urlscan.io logo urlscan.io
SecurityTrails logo

pay.google.com Open in urlscan Pro
2a00:1450:400c:c07::5c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gpay.app.goo.gl/KdnDek
Effective URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=...
Submission: On April 18 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2a00:1450:400c:c07::5c, located in Brussels, Belgium and belongs to GOOGLE, US. The main domain is pay.google.com. The Cisco Umbrella rank of the primary domain is 2903.
TLS certificate: Issued by GTS CA 1C3 on March 4th 2024. Valid for: 3 months.
This is the only time pay.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gpay.app.goo.gl
2    2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gpayproxy-pa.googleapis.com
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.gstatic.com
1    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
play.google.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
259 KB
5 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
158 KB
4 google.com
pay.google.com — Cisco Umbrella Rank: 2903
play.google.com — Cisco Umbrella Rank: 35
26 KB
1 googleapis.com
gpayproxy-pa.googleapis.com
106 KB
1 goo.gl
gpay.app.goo.gl
1 KB
21 5
Domain Requested by
7 www.gstatic.com pay.google.com
www.gstatic.com
5 lh3.googleusercontent.com pay.google.com
4 fonts.gstatic.com pay.google.com
2 play.google.com www.gstatic.com
2 pay.google.com www.gstatic.com
1 gpayproxy-pa.googleapis.com pay.google.com
1 gpay.app.goo.gl 1 redirects
21 7

This site contains no links.

Subject Issuer Validity Valid
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Frame ID: 5851499BAA59FA9EC27757814DAF800D
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Google Pay

Page URL History Show full URLs

  1. https://gpay.app.goo.gl/KdnDek HTTP 302
    https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&... Page URL

Page Statistics

21
Requests

100 %
HTTPS

70 %
IPv6

5
Domains

7
Subdomains

10
IPs

3
Countries

549 kB
Transfer

945 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gpay.app.goo.gl/KdnDek HTTP 302
    https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 9162333723047961797
pay.google.com/spot/
Redirect Chain
  • https://gpay.app.goo.gl/KdnDek
  • https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
126 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2cecd2aaa4caccacc0f6ef3f8e3d577c5db7313c359973c69da318b6c1cec0c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport script-src 'report-sample' 'nonce-th-14S9rPAkMIIOx2a0BtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport script-src 'report-sample' 'nonce-th-14S9rPAkMIIOx2a0BtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 18 Apr 2024 15:08:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/spot/_/GPayMicroappsLandingPageUi/web-reports?context=eJzjMtDikmJw0JBikPj6kkkNiJ3SZ7AGALFP_QzWKCBuvXmOdTIQJ_07z1oAxEI8HC_etWxkE5jQuqGZEQDNzRj3"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-eNWa23dmmEF4KukphR_MvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Thu, 18 Apr 2024 15:08:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=_b,_tp
www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/am=gEFnAQ/d=1/excm=_b,_tp,homeview/ed=1/dg=0/wt=2/ujg=1/rs=ABIkfdlksvE0qSgHYASe7inOfCwSU9ZwkA/ 		173 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/am=gEFnAQ/d=1/excm=_b,_tp,homeview/ed=1/dg=0/wt=2/ujg=1/rs=ABIkfdlksvE0qSgHYASe7inOfCwSU9ZwkA/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1727f8ef6bc63a8ce40c7b86ca93fa109c1fbec41d51dba2adc80797d7458984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/nbu-paisa-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62679
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 07:49:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/nbu-paisa-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/nbu-paisa-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/nbu-paisa-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 15:08:24 GMT
image
gpayproxy-pa.googleapis.com/v1/media/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gpayproxy-pa.googleapis.com/v1/media/image?token=CgtDbVdlM0FBQUFBQQ%3D%3D
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52958852a18c9b58ebed2f4eb0cb098581ba8ccc0dc301daae344ca4900ce9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:25 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
image/png
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108074
x-xss-protection
0
pixel3.png
www.gstatic.com/nbupayments/microapps/landing_page/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/nbupayments/microapps/landing_page/pixel3.png
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1fb6df768ab896d45247ed3b983621bf798fa46551d5cb00cbd270b1b1b6c5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/nbu-paisa-scs
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/nbu-paisa-scs
date
Fri, 12 Apr 2024 17:16:15 GMT
x-content-type-options
nosniff
age
510729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27312
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 06:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="nbu-paisa-scs"
report-to
{"group":"nbu-paisa-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/nbu-paisa-scs"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Apr 2025 17:16:15 GMT
iBgWAC0-QxPTl3h88QE1lSrG7b75vhQRs6dvssqWS0NtbNyTDyrADpiKo806VV-ijLMg6k3qR9hg3BrYB_zrrVEMaluRc9mjdfZr_wA=ft-rj-ng-sm
lh3.googleusercontent.com/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/iBgWAC0-QxPTl3h88QE1lSrG7b75vhQRs6dvssqWS0NtbNyTDyrADpiKo806VV-ijLMg6k3qR9hg3BrYB_zrrVEMaluRc9mjdfZr_wA=ft-rj-ng-sm
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6661414fee3e869c9dd1fb50649830a44f07ae4c8f6d060edb79596587cc0322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29108
x-xss-protection
0
expires
Fri, 19 Apr 2024 15:08:24 GMT
r0sc8eSwm0C866KGC53a8BBy8kTGbQ-0y-45VZagcDYULL5_fRVHLFltXZ-gJNJzh3z0JMJE9lcixqH4SJeZ51V69H2zUyRf9W5xdEA=ft-rj-ng-sm
lh3.googleusercontent.com/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/r0sc8eSwm0C866KGC53a8BBy8kTGbQ-0y-45VZagcDYULL5_fRVHLFltXZ-gJNJzh3z0JMJE9lcixqH4SJeZ51V69H2zUyRf9W5xdEA=ft-rj-ng-sm
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
16dcd61a62de5c39f8f953276ff870cb5ee69883be4287b8bbf95ef7b5db7f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42310
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 19 Apr 2024 15:08:24 GMT
zBRJoXJFfDCm9jwseG2JNbHy9DZ-58hlngRA2bcHrzV4bEX3UuXASkgukooNpMoiRu6wQCe6Of14ke8fG5x95ot_h06FWLxUAWTb66ekLA=ft-rj-ng-sm
lh3.googleusercontent.com/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/zBRJoXJFfDCm9jwseG2JNbHy9DZ-58hlngRA2bcHrzV4bEX3UuXASkgukooNpMoiRu6wQCe6Of14ke8fG5x95ot_h06FWLxUAWTb66ekLA=ft-rj-ng-sm
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1daae00e463155d9492afa1f7eee16fa24ae8840154ed3ff55991f215a5b6e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36047
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 19 Apr 2024 15:08:24 GMT
vCMVThSQdEufInWtw6HA5ZTIT-ZQkZkrkUghjqBGd6VyiXVvtu3ixaMDYjuLd3H75uUSnbvdPk5NxBY9Mb6VUAEwHlWh54J_Fgnulq0e=ft-rj-ng-sm
lh3.googleusercontent.com/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/vCMVThSQdEufInWtw6HA5ZTIT-ZQkZkrkUghjqBGd6VyiXVvtu3ixaMDYjuLd3H75uUSnbvdPk5NxBY9Mb6VUAEwHlWh54J_Fgnulq0e=ft-rj-ng-sm
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3bf943e4b3f12df81deff027ce7824fff2ca79a806d372628bdc0139d2d8d6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28848
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 19 Apr 2024 15:08:24 GMT
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3a9b7839f45fc409b15b9004f8b4c0b3674e93758faef4c8d26cdc19cb54f78

Request headers

Referer
Origin
https://pay.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
ImQftLyrsXvORIh5oftHfpGrbBqb4a7oVoyz0_97uVdbvKnEnsuIo3cUYrh8viyHm-VNMmHQZttM3gVXn5Xkp-Nb_sqOHQI1QT9C4Gw9vQ=ft-rj-ng-sm
lh3.googleusercontent.com/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/ImQftLyrsXvORIh5oftHfpGrbBqb4a7oVoyz0_97uVdbvKnEnsuIo3cUYrh8viyHm-VNMmHQZttM3gVXn5Xkp-Nb_sqOHQI1QT9C4Gw9vQ=ft-rj-ng-sm
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
83bccce794839bed0d71833d77c423350beb23adf146b8a8f8890ccc05b5e7bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24578
x-xss-protection
0
expires
Fri, 19 Apr 2024 15:08:24 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Origin
https://pay.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:48:43 GMT
x-content-type-options
nosniff
age
472781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:48:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Origin
https://pay.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 18:50:16 GMT
x-content-type-options
nosniff
age
73088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15440
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Apr 2025 18:50:16 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: pay.google.com
URL: https://pay.google.com/spot/9162333723047961797?shareActionId=1a312b32-d1bf-45ca-a3be-83f082ba6ba0&authenticationToken=VidrMiw-Li2IbviRseyGqw%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6309b0265edb8a409b1a120036a651230824b326e26a5f24eca1b9f544e2a42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Origin
https://pay.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 20:14:43 GMT
x-content-type-options
nosniff
age
68021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15316
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Apr 2025 20:14:43 GMT
m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,P6qVyb,ogX9Ed,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XV...
www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=_b,_tp/excm... 		254 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=_b,_tp/excm=_b,_tp,homeview/ed=1/wt=2/ujg=1/rs=ABIkfdmOg5FwfiFYU5yNrFeElgvtshWXrg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,P6qVyb,ogX9Ed,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,BBI74,ovKuLd,hKSk3e,yDVVkb,MdUzUe,KG2eXe,zbML3c,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/am=gEFnAQ/d=1/excm=_b,_tp,homeview/ed=1/dg=0/wt=2/ujg=1/rs=ABIkfdlksvE0qSgHYASe7inOfCwSU9ZwkA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c7823712ee513f750b3811b4d51cc526541151a23ec13b6cb58afb4db2288f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/nbu-paisa-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93203
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 07:49:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/nbu-paisa-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/nbu-paisa-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/nbu-paisa-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 15:08:24 GMT
m=UMu52b
www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=A7fCU,BBI74... 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6qVyb,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ogX9Ed,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,homeview/ed=1/wt=2/ujg=1/rs=ABIkfdmOg5FwfiFYU5yNrFeElgvtshWXrg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=UMu52b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/am=gEFnAQ/d=1/excm=_b,_tp,homeview/ed=1/dg=0/wt=2/ujg=1/rs=ABIkfdlksvE0qSgHYASe7inOfCwSU9ZwkA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64a6f8ef7c831f0c507e2ee1c40a665c62e5e093b874003648716bd854695983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/nbu-paisa-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5658
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 07:49:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/nbu-paisa-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/nbu-paisa-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/nbu-paisa-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 15:08:24 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=A7fCU,BBI74... 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6qVyb,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UMu52b,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ogX9Ed,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,homeview/ed=1/wt=2/ujg=1/rs=ABIkfdmOg5FwfiFYU5yNrFeElgvtshWXrg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/am=gEFnAQ/d=1/excm=_b,_tp,homeview/ed=1/dg=0/wt=2/ujg=1/rs=ABIkfdlksvE0qSgHYASe7inOfCwSU9ZwkA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
96011587f82437a391834b0f91ff9ed710b4aef4f466284e112cbb0aaf352814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/nbu-paisa-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6415
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 07:49:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/nbu-paisa-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/nbu-paisa-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/nbu-paisa-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 15:08:24 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=A7fCU,BBI74... 		1 KB
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6qVyb,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UMu52b,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ogX9Ed,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,homeview/ed=1/wt=2/ujg=1/rs=ABIkfdmOg5FwfiFYU5yNrFeElgvtshWXrg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/am=gEFnAQ/d=1/excm=_b,_tp,homeview/ed=1/dg=0/wt=2/ujg=1/rs=ABIkfdlksvE0qSgHYASe7inOfCwSU9ZwkA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
77e785b5a39769da9658c54ae0cd4969b420af765471fc33279cbea0b4ae22b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/nbu-paisa-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
750
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 07:49:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/nbu-paisa-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/nbu-paisa-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/nbu-paisa-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 15:08:24 GMT
log
play.google.com/ 		131 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=_b,_tp/excm=_b,_tp,homeview/ed=1/wt=2/ujg=1/rs=ABIkfdmOg5FwfiFYU5yNrFeElgvtshWXrg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,P6qVyb,ogX9Ed,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,BBI74,ovKuLd,hKSk3e,yDVVkb,MdUzUe,KG2eXe,zbML3c,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-Type
text/plain;charset=UTF-8
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
X-Goog-AuthUser
0
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:24 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 15:08:24 GMT
log
play.google.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 18 Apr 2024 15:08:24 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=A7fCU,BBI74... 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/ck=boq-nbu-paisa.GPayMicroappsLandingPageUi.B3bhrWlzpOI.L.B1.O/am=gEFnAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6qVyb,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UMu52b,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ogX9Ed,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,homeview/ed=1/wt=2/ujg=1/rs=ABIkfdmOg5FwfiFYU5yNrFeElgvtshWXrg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/am=gEFnAQ/d=1/excm=_b,_tp,homeview/ed=1/dg=0/wt=2/ujg=1/rs=ABIkfdlksvE0qSgHYASe7inOfCwSU9ZwkA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
b2311af89b5396403dc39c2e2d42b22ea879447e6b04332f081997fcfdd3dc09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/nbu-paisa-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1655
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 07:49:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/nbu-paisa-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/nbu-paisa-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/nbu-paisa-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 15:08:25 GMT
logo_googleg_color_1x_web_32dp.png
fonts.gstatic.com/s/i/productlogos/googleg/v2/web-32dp/ 		747 B
772 B 		Other
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/i/productlogos/googleg/v2/web-32dp/logo_googleg_color_1x_web_32dp.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
c254ce89978a0e088176f928f20d2873135fbefddc70f5a383cac7743bf4c1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:22:22 GMT
x-content-type-options
nosniff
age
495963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
747
x-xss-protection
0
last-modified
Wed, 06 May 2020 11:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Apr 2025 21:22:22 GMT
browserinfo
pay.google.com/spot/_/GPayMicroappsLandingPageUi/ 		92 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/spot/_/GPayMicroappsLandingPageUi/browserinfo?f.sid=93639358789721098&bl=boq_nbu-paisa-microapps-web_20240415.09_p1&hl=de&soc-app=1&soc-platform=1&soc-device=1&_reqid=61708&rt=j
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-nbu-paisa/_/js/k=boq-nbu-paisa.GPayMicroappsLandingPageUi.de.iqdtosU9tqw.es5.O/am=gEFnAQ/d=1/excm=_b,_tp,homeview/ed=1/dg=0/wt=2/ujg=1/rs=ABIkfdlksvE0qSgHYASe7inOfCwSU9ZwkA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abd29b556014a99ad02985b32662eac94eb945ffda9a2c84845e94bc4d2b300e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Same-Domain
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
sec-ch-ua-full-version
"124.0.6367.60"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://pay.google.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 15:08:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WIZ_global_data number| cc_latency_start_time function| onaft function| _isLazyImage string| cc_aid number| iml_start number| css_size object| cc_latency function| ccTick function| onJsLoad function| onCssLoad function| _isVisible function| _recordImlEl number| prt function| wiz_tick string| _F_cssRowKey string| _F_combinedSignature function| _DumpException object| BOQ_wizbind object| AF_initDataKeys object| AF_dataServiceRequests object| AF_initDataChunkQueue function| AF_initDataCallback undefined| AF_initDataInitializeCallback object| aft_counter function| initAft object| IJ_values object| _wjdd object| default_GPayMicroappsLandingPageUi object| _F_toggles boolean| BOQ_loadedInitialJS function| _F_installCss function| _B_err object| closure_lm_129689 function| wiz_progress function| _F_getIjData object| _mxNDff number| closure_uid_220114132 boolean| ly11Pc

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 513=Fczlu2WSGuT93PeODExFhUv0AZELRQbvv5zeGsX4yps9dGD45vS63zuk_xOgljAiRBdRXG67YryxytXQzZs4tPKOCIc94iIMdrSvUqdReFpKiItQiqKPkg5CagAJ3B0Z7TT6re1pDVcRIHF-vjWppcI5r2WTIFquvW0T7m09nps
pay.google.com/ Name: OTZ
Value: 7519148_48_52_123900_48_436380

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport script-src 'report-sample' 'nonce-th-14S9rPAkMIIOx2a0BtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /spot/_/GPayMicroappsLandingPageUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
gpay.app.goo.gl
gpayproxy-pa.googleapis.com
lh3.googleusercontent.com
pay.google.com
play.google.com
www.gstatic.com
142.250.184.195
142.250.185.131
142.250.186.78
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c07::5c
0c7823712ee513f750b3811b4d51cc526541151a23ec13b6cb58afb4db2288f9
16dcd61a62de5c39f8f953276ff870cb5ee69883be4287b8bbf95ef7b5db7f11
1727f8ef6bc63a8ce40c7b86ca93fa109c1fbec41d51dba2adc80797d7458984
1daae00e463155d9492afa1f7eee16fa24ae8840154ed3ff55991f215a5b6e2a
3b1fb6df768ab896d45247ed3b983621bf798fa46551d5cb00cbd270b1b1b6c5
3bf943e4b3f12df81deff027ce7824fff2ca79a806d372628bdc0139d2d8d6ed
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52958852a18c9b58ebed2f4eb0cb098581ba8ccc0dc301daae344ca4900ce9a4
6309b0265edb8a409b1a120036a651230824b326e26a5f24eca1b9f544e2a42f
64a6f8ef7c831f0c507e2ee1c40a665c62e5e093b874003648716bd854695983
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6661414fee3e869c9dd1fb50649830a44f07ae4c8f6d060edb79596587cc0322
77e785b5a39769da9658c54ae0cd4969b420af765471fc33279cbea0b4ae22b4
83bccce794839bed0d71833d77c423350beb23adf146b8a8f8890ccc05b5e7bc
96011587f82437a391834b0f91ff9ed710b4aef4f466284e112cbb0aaf352814
abd29b556014a99ad02985b32662eac94eb945ffda9a2c84845e94bc4d2b300e
b2311af89b5396403dc39c2e2d42b22ea879447e6b04332f081997fcfdd3dc09
b2cecd2aaa4caccacc0f6ef3f8e3d577c5db7313c359973c69da318b6c1cec0c
c254ce89978a0e088176f928f20d2873135fbefddc70f5a383cac7743bf4c1e4
c3a9b7839f45fc409b15b9004f8b4c0b3674e93758faef4c8d26cdc19cb54f78
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf