accounts.paytm.com - urlscan.io

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 7 HTTP transactions. The main IP is 184.25.115.235, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is accounts.paytm.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 28th 2021. Valid for: a year.

This is the only time accounts.paytm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:2ac::26f8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	184.25.115.235 184.25.115.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
7	4

1 2a02:26f0:6c00:2ac::26f8 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

ap.p-y.tm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.25.115.235 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-235.deploy.static.akamaitechnologies.com

accounts.paytm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

webappsstatic.paytm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	paytm.com accounts.paytm.com webappsstatic.paytm.com	69 KB
1	googleapis.com fonts.googleapis.com	691 B
1	p-y.tm 1 redirects ap.p-y.tm	241 B
7	3

	Domain	Requested by
3	accounts.paytm.com	accounts.paytm.com
1	fonts.googleapis.com	accounts.paytm.com
1	webappsstatic.paytm.com	accounts.paytm.com
1	ap.p-y.tm	1 redirects
7	4

This site contains no links.

Subject Issuer	Validity	Valid
secure.paytm.com GeoTrust RSA CA 2018	`2021-01-28` - `2022-02-28`	a year	crt.sh
testcdn.paytm.com R3	`2021-05-18` - `2021-08-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a
Frame ID: B215E2E22650E3FA16610B1BBD71FF55
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ap.p-y.tm/doLi5F HTTP 302
https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

7
Requests

71 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

69 kB
Transfer

93 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ap.p-y.tm/doLi5F HTTP 302
https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request fraud Show response
accounts.paytm.com/report/
Redirect Chain

https://ap.p-y.tm/doLi5F
https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a

3 KB
3 KB

488ms
405ms

Document
text/html

184.25.115.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

184.25.115.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-115-235.deploy.static.akamaitechnologies.com

Software

Load Balancer /

Resource Hash

c15bcd5dc5dab05c44d8c57dbdd13c4e6bcf67e320985d00899169fabb89f79d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .paytm.com .google.com .hotjar.com cdn.ravenjs.com .youtube.com .gstatic.com .googleadservices.com .doubleclick.net u.heatmap.it cdn.trackjs.com .googletagmanager.com .googleapis.com https://www.google-analytics.com www.google-analytics.com cdnjs.cloudflare.com bintray.com .bintray.com assets.zendesk.com connect.facebook.net cdn.branch.io app.link bid.g cdn.ampproject.org dev.visualwebsiteoptimizer.com .insider.in .akamaihd.net https://js-agent.newrelic.com https://bam.nr-data.net https://seal.verisign.com blob:; frame-src 'self' .paytm.com .insider.in .youtube.com assets.zendesk.com .facebook.com .google.com .hotjar.com cdn.ravenjs.com s-static.ak.facebook.com tautt.zendesk.com .doubleclick.net; object-src 'self' .paytm.com; img-src 'self' data: .paytm.com .akamaihd.net https://www.google-analytics.com www.google-analytics.com .googletagmanager.com .google.co.in .google.com https://insurance-webappsstatic-staging.s3.ap-south-1.amazonaws.com .doubleclick.net .gstatic.com https://bam.nr-data.net; connect-src 'self' wss://.paytm.com https://.paytm.com https://www.google-analytics.com www.google-analytics.com .doubleclick.net *.akamaihd.net https://ajax.googleapis.com https://bam.nr-data.net; report-uri https://csp-report.mypaytm.com/reportcspviolations.php; report-to accounts-report-uri;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.paytm.com
:scheme: https
:path: /report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html;charset=ISO-8859-1
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=300; includeSubDomains
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.paytm.com *.google.com *.hotjar.com cdn.ravenjs.com *.youtube.com *.gstatic.com *.googleadservices.com *.doubleclick.net u.heatmap.it cdn.trackjs.com *.googletagmanager.com *.googleapis.com https://www.google-analytics.com www.google-analytics.com cdnjs.cloudflare.com bintray.com *.bintray.com assets.zendesk.com connect.facebook.net cdn.branch.io app.link bid.g cdn.ampproject.org dev.visualwebsiteoptimizer.com *.insider.in *.akamaihd.net https://js-agent.newrelic.com https://bam.nr-data.net https://seal.verisign.com blob:; frame-src 'self' *.paytm.com *.insider.in *.youtube.com assets.zendesk.com *.facebook.com *.google.com *.hotjar.com cdn.ravenjs.com s-static.ak.facebook.com tautt.zendesk.com *.doubleclick.net; object-src 'self' *.paytm.com; img-src 'self' data: *.paytm.com *.akamaihd.net https://www.google-analytics.com www.google-analytics.com *.googletagmanager.com *.google.co.in *.google.com https://insurance-webappsstatic-staging.s3.ap-south-1.amazonaws.com *.doubleclick.net *.gstatic.com https://bam.nr-data.net; connect-src 'self' wss://*.paytm.com https://*.paytm.com https://www.google-analytics.com www.google-analytics.com *.doubleclick.net *.akamaihd.net https://ajax.googleapis.com https://bam.nr-data.net; report-uri https://csp-report.mypaytm.com/reportcspviolations.php; report-to accounts-report-uri;
report-to: { "group":"accounts-report-uri","max_age": 10886400, "endpoints": [{ "url": "https://csp-report.mypaytm.com/reportcspviolations.php" }]}
content-language: en-US
server: Load Balancer
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
content-encoding: gzip
content-length: 1458
vary: Accept-Encoding
date: Mon, 19 Jul 2021 21:16:10 GMT
set-cookie: JSESSIONID=0B8D37167AA4C9E3A706ACF96A2B9221;path=/;Secure;HttpOnly; SameSite=none
x-akamai-paytm-debug-origin: akamai-accounts-plus.paytm.com

Redirect headers

server: nginx
content-length: 0
location: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
date: Mon, 19 Jul 2021 21:16:09 GMT

GET
H2 200 config-2.2.0.min.js Show response
webappsstatic.paytm.com/signalsdk-web/v1/ 57 KB
58 KB 55ms
15ms Script
application/javascript 2a02:26f0:6c00::210:ba10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webappsstatic.paytm.com/signalsdk-web/v1/config-2.2.0.min.js
Requested by: Host: accounts.paytm.com
URL: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99c781060f3083f91ff18b26404f66c80f2d9fea607243a00d58c2146d0c7fee

Request headers

Referer: https://accounts.paytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CTPeNRzCwPx_GBbzYKpjhD_vC1IzElAq
etag: "9e650e3008b5d6673a33fba3707c14be"
x-amz-request-id: NTTR5436QRV7T0Z0
cdn-origin-protocol: HTTP
akamai-mon-iucid-del: 1111230
x-forward-proto: http
content-length: 58368
x-amz-id-2: hmqO1OD7PWFbsfhBwi4PYeBLtv6AM3ssBf1KBrnCuusMPtwb1n6X1sYcPYLmGMRKUvyYwekrMcI=
last-modified: Tue, 30 Mar 2021 10:06:49 GMT
server: AmazonS3
date: Mon, 19 Jul 2021 21:16:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84798
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H3-29 200 css2
fonts.googleapis.com/ 7 KB
691 B 29ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: accounts.paytm.com
URL: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab4fcf5bb46fb4d81f740b652eabadcaf18e4c9c732e011bd5ca17183e3c6f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.paytm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 19:49:42 GMT
server: ESF
date: Mon, 19 Jul 2021 21:16:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Jul 2021 21:16:10 GMT

GET 2.953c9d74_UI.chunk.css
accounts.paytm.com/pages/themesv2/react-modules/fraud-link/static/css/ 0
0

GET
H2 200 main.953c9d74_UI.chunk.css
accounts.paytm.com/pages/themesv2/react-modules/fraud-link/static/css/ 10 KB
3 KB 101ms
100ms Stylesheet
text/css 184.25.115.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.paytm.com/pages/themesv2/react-modules/fraud-link/static/css/main.953c9d74_UI.chunk.css

Requested by

Host: accounts.paytm.com
URL: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

184.25.115.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-115-235.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c5eed7d5728f4048b06cc5bfcd4ddc1a9e170d92d1f1377d0f50737fe9778963

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .paytm.com .google.com .hotjar.com cdn.ravenjs.com .youtube.com .gstatic.com .googleadservices.com .doubleclick.net u.heatmap.it cdn.trackjs.com .googletagmanager.com .googleapis.com https://www.google-analytics.com www.google-analytics.com cdnjs.cloudflare.com bintray.com .bintray.com assets.zendesk.com connect.facebook.net cdn.branch.io app.link bid.g cdn.ampproject.org dev.visualwebsiteoptimizer.com .insider.in .akamaihd.net https://js-agent.newrelic.com https://bam.nr-data.net https://seal.verisign.com blob:; frame-src 'self' .paytm.com .insider.in .youtube.com assets.zendesk.com .facebook.com .google.com .hotjar.com cdn.ravenjs.com s-static.ak.facebook.com tautt.zendesk.com .doubleclick.net; object-src 'self' .paytm.com; img-src 'self' data: .paytm.com .akamaihd.net https://www.google-analytics.com www.google-analytics.com .googletagmanager.com .google.co.in .google.com https://insurance-webappsstatic-staging.s3.ap-south-1.amazonaws.com .doubleclick.net .gstatic.com https://bam.nr-data.net; connect-src 'self' wss://.paytm.com https://.paytm.com https://www.google-analytics.com www.google-analytics.com .doubleclick.net *.akamaihd.net https://ajax.googleapis.com https://bam.nr-data.net; report-uri https://csp-report.mypaytm.com/reportcspviolations.php; report-to accounts-report-uri;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /pages/themesv2/react-modules/fraud-link/static/css/main.953c9d74_UI.chunk.css
pragma: no-cache
cookie: JSESSIONID=0B8D37167AA4C9E3A706ACF96A2B9221
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: accounts.paytm.com
referer: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.paytm.com *.google.com *.hotjar.com cdn.ravenjs.com *.youtube.com *.gstatic.com *.googleadservices.com *.doubleclick.net u.heatmap.it cdn.trackjs.com *.googletagmanager.com *.googleapis.com https://www.google-analytics.com www.google-analytics.com cdnjs.cloudflare.com bintray.com *.bintray.com assets.zendesk.com connect.facebook.net cdn.branch.io app.link bid.g cdn.ampproject.org dev.visualwebsiteoptimizer.com *.insider.in *.akamaihd.net https://js-agent.newrelic.com https://bam.nr-data.net https://seal.verisign.com blob:; frame-src 'self' *.paytm.com *.insider.in *.youtube.com assets.zendesk.com *.facebook.com *.google.com *.hotjar.com cdn.ravenjs.com s-static.ak.facebook.com tautt.zendesk.com *.doubleclick.net; object-src 'self' *.paytm.com; img-src 'self' data: *.paytm.com *.akamaihd.net https://www.google-analytics.com www.google-analytics.com *.googletagmanager.com *.google.co.in *.google.com https://insurance-webappsstatic-staging.s3.ap-south-1.amazonaws.com *.doubleclick.net *.gstatic.com https://bam.nr-data.net; connect-src 'self' wss://*.paytm.com https://*.paytm.com https://www.google-analytics.com www.google-analytics.com *.doubleclick.net *.akamaihd.net https://ajax.googleapis.com https://bam.nr-data.net; report-uri https://csp-report.mypaytm.com/reportcspviolations.php; report-to accounts-report-uri;
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 1254
x-xss-protection: 1; mode=block
x-akamai-paytm-debug-origin: akamai-accounts-plus.paytm.com akamai-accounts-plus.paytm.com
last-modified: Mon, 12 Jul 2021 23:12:18 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 19 Jul 2021 21:16:10 GMT
strict-transport-security: max-age=300; includeSubDomains
report-to: { "group":"accounts-report-uri","max_age": 10886400, "endpoints": [{ "url": "https://csp-report.mypaytm.com/reportcspviolations.php" }]}
content-type: text/css
etag: W/"10047-1623950240000"
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token

GET 2.953c9d74_UI.chunk.js
accounts.paytm.com/pages/themesv2/react-modules/fraud-link/static/js/ 0
0

GET
H2 200 main.953c9d74_UI.chunk.js Show response
accounts.paytm.com/pages/themesv2/react-modules/fraud-link/static/js/ 16 KB
5 KB 112ms
111ms Script
application/javascript 184.25.115.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.paytm.com/pages/themesv2/react-modules/fraud-link/static/js/main.953c9d74_UI.chunk.js

Requested by

Host: accounts.paytm.com
URL: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

184.25.115.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-115-235.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

255e07e0a4906b161f1bdd442c00d54265e05a0833dabb89eafdf12a4a0616d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .paytm.com .google.com .hotjar.com cdn.ravenjs.com .youtube.com .gstatic.com .googleadservices.com .doubleclick.net u.heatmap.it cdn.trackjs.com .googletagmanager.com .googleapis.com https://www.google-analytics.com www.google-analytics.com cdnjs.cloudflare.com bintray.com .bintray.com assets.zendesk.com connect.facebook.net cdn.branch.io app.link bid.g cdn.ampproject.org dev.visualwebsiteoptimizer.com .insider.in .akamaihd.net https://js-agent.newrelic.com https://bam.nr-data.net https://seal.verisign.com blob:; frame-src 'self' .paytm.com .insider.in .youtube.com assets.zendesk.com .facebook.com .google.com .hotjar.com cdn.ravenjs.com s-static.ak.facebook.com tautt.zendesk.com .doubleclick.net; object-src 'self' .paytm.com; img-src 'self' data: .paytm.com .akamaihd.net https://www.google-analytics.com www.google-analytics.com .googletagmanager.com .google.co.in .google.com https://insurance-webappsstatic-staging.s3.ap-south-1.amazonaws.com .doubleclick.net .gstatic.com https://bam.nr-data.net; connect-src 'self' wss://.paytm.com https://.paytm.com https://www.google-analytics.com www.google-analytics.com .doubleclick.net *.akamaihd.net https://ajax.googleapis.com https://bam.nr-data.net; report-uri https://csp-report.mypaytm.com/reportcspviolations.php; report-to accounts-report-uri;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /pages/themesv2/react-modules/fraud-link/static/js/main.953c9d74_UI.chunk.js
pragma: no-cache
cookie: JSESSIONID=0B8D37167AA4C9E3A706ACF96A2B9221
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: accounts.paytm.com
referer: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://accounts.paytm.com/report/fraud?code=644c19d6-b751-516b-802a-3315e6de916a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.paytm.com *.google.com *.hotjar.com cdn.ravenjs.com *.youtube.com *.gstatic.com *.googleadservices.com *.doubleclick.net u.heatmap.it cdn.trackjs.com *.googletagmanager.com *.googleapis.com https://www.google-analytics.com www.google-analytics.com cdnjs.cloudflare.com bintray.com *.bintray.com assets.zendesk.com connect.facebook.net cdn.branch.io app.link bid.g cdn.ampproject.org dev.visualwebsiteoptimizer.com *.insider.in *.akamaihd.net https://js-agent.newrelic.com https://bam.nr-data.net https://seal.verisign.com blob:; frame-src 'self' *.paytm.com *.insider.in *.youtube.com assets.zendesk.com *.facebook.com *.google.com *.hotjar.com cdn.ravenjs.com s-static.ak.facebook.com tautt.zendesk.com *.doubleclick.net; object-src 'self' *.paytm.com; img-src 'self' data: *.paytm.com *.akamaihd.net https://www.google-analytics.com www.google-analytics.com *.googletagmanager.com *.google.co.in *.google.com https://insurance-webappsstatic-staging.s3.ap-south-1.amazonaws.com *.doubleclick.net *.gstatic.com https://bam.nr-data.net; connect-src 'self' wss://*.paytm.com https://*.paytm.com https://www.google-analytics.com www.google-analytics.com *.doubleclick.net *.akamaihd.net https://ajax.googleapis.com https://bam.nr-data.net; report-uri https://csp-report.mypaytm.com/reportcspviolations.php; report-to accounts-report-uri;
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 3763
x-xss-protection: 1; mode=block
x-akamai-paytm-debug-origin: akamai-accounts-plus.paytm.com akamai-accounts-plus.paytm.com
last-modified: Thu, 08 Jul 2021 00:58:19 GMT
server: Akamai Resource Optimizer
x-frame-options: DENY
date: Mon, 19 Jul 2021 21:16:10 GMT
strict-transport-security: max-age=300; includeSubDomains
report-to: { "group":"accounts-report-uri","max_age": 10886400, "endpoints": [{ "url": "https://csp-report.mypaytm.com/reportcspviolations.php" }]}
content-type: application/javascript
etag: W/"16702-1623950240000"
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accounts.paytm.com
URL: https://accounts.paytm.com/pages/themesv2/react-modules/fraud-link/static/css/2.953c9d74_UI.chunk.css

Domain: accounts.paytm.com
URL: https://accounts.paytm.com/pages/themesv2/react-modules/fraud-link/static/js/2.953c9d74_UI.chunk.js

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://webappsstatic.paytm.com/signalsdk-web/v1/config-2.2.0.min.js(Line 2) Message: Bot Detected: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .paytm.com .google.com .hotjar.com cdn.ravenjs.com .youtube.com .gstatic.com .googleadservices.com .doubleclick.net u.heatmap.it cdn.trackjs.com .googletagmanager.com .googleapis.com https://www.google-analytics.com www.google-analytics.com cdnjs.cloudflare.com bintray.com .bintray.com assets.zendesk.com connect.facebook.net cdn.branch.io app.link bid.g cdn.ampproject.org dev.visualwebsiteoptimizer.com .insider.in .akamaihd.net https://js-agent.newrelic.com https://bam.nr-data.net https://seal.verisign.com blob:; frame-src 'self' .paytm.com .insider.in .youtube.com assets.zendesk.com .facebook.com .google.com .hotjar.com cdn.ravenjs.com s-static.ak.facebook.com tautt.zendesk.com .doubleclick.net; object-src 'self' .paytm.com; img-src 'self' data: .paytm.com .akamaihd.net https://www.google-analytics.com www.google-analytics.com .googletagmanager.com .google.co.in .google.com https://insurance-webappsstatic-staging.s3.ap-south-1.amazonaws.com .doubleclick.net .gstatic.com https://bam.nr-data.net; connect-src 'self' wss://.paytm.com https://.paytm.com https://www.google-analytics.com www.google-analytics.com .doubleclick.net *.akamaihd.net https://ajax.googleapis.com https://bam.nr-data.net; report-uri https://csp-report.mypaytm.com/reportcspviolations.php; report-to accounts-report-uri;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.paytm.com
ap.p-y.tm
fonts.googleapis.com
webappsstatic.paytm.com
accounts.paytm.com
184.25.115.235
2a00:1450:4001:831::200a
2a02:26f0:6c00:2ac::26f8
2a02:26f0:6c00::210:ba10
255e07e0a4906b161f1bdd442c00d54265e05a0833dabb89eafdf12a4a0616d3
99c781060f3083f91ff18b26404f66c80f2d9fea607243a00d58c2146d0c7fee
ab4fcf5bb46fb4d81f740b652eabadcaf18e4c9c732e011bd5ca17183e3c6f95
c15bcd5dc5dab05c44d8c57dbdd13c4e6bcf67e320985d00899169fabb89f79d
c5eed7d5728f4048b06cc5bfcd4ddc1a9e170d92d1f1377d0f50737fe9778963

accounts.paytm.com Open in urlscan Pro 184.25.115.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

71 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

69 kBTransfer

93 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

accounts.paytm.com Open in urlscan Pro
184.25.115.235 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

69 kB
Transfer

93 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions