urlscan.io logo urlscan.io
SecurityTrails logo

pay.witblox.com Open in urlscan Pro
2606:4700:3034::6815:b55  Public Scan

Go To Rescan Add Verdict Report
URL: https://pay.witblox.com/
Submission Tags: phishingrod
Submission: On May 09 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3034::6815:b55, located in United States and belongs to CLOUDFLARENET, US. The main domain is pay.witblox.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2022. Valid for: a year.
This is the only time pay.witblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:3034::6815:b55 (United States)

ASN13335 (CLOUDFLARENET, US)
pay.witblox.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    3.7.210.71 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-210-71.ap-south-1.compute.amazonaws.com
checkout.razorpay.com
2    15.207.172.234 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-207-172-234.ap-south-1.compute.amazonaws.com
api.razorpay.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    13.224.189.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-32.fra2.r.cloudfront.net
checkout-static-next.razorpay.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o515678.ingest.sentry.io
Apex Domain
Subdomains		 Transfer
6 razorpay.com
checkout.razorpay.com — Cisco Umbrella Rank: 114488
api.razorpay.com — Cisco Umbrella Rank: 113904
checkout-static-next.razorpay.com — Cisco Umbrella Rank: 136113
749 KB
5 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 5985
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 562
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
4 gstatic.com
www.gstatic.com
106 KB
4 witblox.com
pay.witblox.com
8 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
107 KB
1 sentry.io
o515678.ingest.sentry.io — Cisco Umbrella Rank: 131295
301 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 3995
19 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2587
254 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346
29 KB
24 9
Domain Requested by
4 www.gstatic.com pay.witblox.com
4 pay.witblox.com pay.witblox.com
3 checkout-static-next.razorpay.com api.razorpay.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 firebase.googleapis.com www.gstatic.com
2 www.googletagmanager.com www.gstatic.com
www.googletagmanager.com
2 api.razorpay.com 1 redirects checkout.razorpay.com
1 o515678.ingest.sentry.io browser.sentry-cdn.com
1 browser.sentry-cdn.com checkout-static-next.razorpay.com
1 fonts.googleapis.com api.razorpay.com
1 region1.google-analytics.com www.googletagmanager.com
1 checkout.razorpay.com pay.witblox.com
1 cdn.jsdelivr.net pay.witblox.com
24 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-02 -
2023-07-02		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.razorpay.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
ingest.sentry.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-28		 a year crt.sh

This page contains 2 frames:

Primary Page: https://pay.witblox.com/
Frame ID: 4D877173E53367A583BD837975CA6BE5
Requests: 15 HTTP requests in this frame

Frame: https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C72717EAB0C9848BB34191F91F0F6EC9C6E6AC5B254CED422474404ED1E61D3C58F16FA4B41E7B25883D12C4E5DD4837D1BC75EE20934627C234A2238699305DB3B99F6417C7A23FC66963F3F0E8B09CBB584938C0A817E8BEA9C8D0FA20D821B93278C47869E7FB2A398654EBC10837F625DC1E006
Frame ID: 5736268F3DC8FB000FCDAFD34011C24C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pay for WitBlox Order

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+bulma(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

69 %
IPv6

9
Domains

13
Subdomains

13
IPs

3
Countries

1019 kB
Transfer

4182 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1 HTTP 302
  • https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C72717EAB0C9848BB34191F91F0F6EC9C6E6AC5B254CED422474404ED1E61D3C58F16FA4B41E7B25883D12C4E5DD4837D1BC75EE20934627C234A2238699305DB3B99F6417C7A23FC66963F3F0E8B09CBB584938C0A817E8BEA9C8D0FA20D821B93278C47869E7FB2A398654EBC10837F625DC1E006

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pay.witblox.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.witblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f3113ebd391a52c85e0018476242d8179c5994d0607ff1eb9fd392e298eeff
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
7c46fa143b77693a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 09 May 2023 03:50:11 GMT
last-modified
Wed, 22 Feb 2023 13:15:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xt8qfnzYpqzqoxW2wPCMSa%2BGpEfioxKnxeCT8I8xjx5haEDjP%2F28BkfQuXohPFuM2MVpbUFK%2B%2FYyYkPQ2PtboVnorX2irVewv3q8%2BZt7NZVxb1MqVt6r75kBOBXVPCKCEmflFfshtFqhNk39cfQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230055-FRA
x-timer
S1683604212.898011,VS0,VE1
bulma.min.css
cdn.jsdelivr.net/npm/bulma@0.9.1/css/ 		199 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bulma@0.9.1/css/bulma.min.css
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58b28659220961ead137cb5b346b5759562750ce703094d70fc786e0db467033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 09 May 2023 03:50:12 GMT
x-content-type-options
nosniff
content-encoding
br
age
1129947
x-jsd-version
0.9.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
29360
x-served-by
cache-fra-eddf8230118-FRA
x-jsd-version-type
version
etag
W/"31cfe-cxAuaoAAu03IvCnGZXCIyxkHKC0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
index.css
pay.witblox.com/ 		116 B
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pay.witblox.com/index.css
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb4e7a975684c115a33615b9d446d7b75d197cf69174e959f1fe77784c22a7a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:11 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230084-FRA
last-modified
Wed, 22 Feb 2023 13:15:00 GMT
server
cloudflare
x-timer
S1683604212.953339,VS0,VE1
etag
W/"30b5e21e983829d0d40b0dd1b882afb56a364c14bc3e5c54167117d4231a7bc9"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcnORXoMDfInhoqzHLXijbvV9PodcxcB5OFY%2BgNJz0QL%2F1iFyagus4IC630xqNBPjNmem2AiF8NVvKloCKiWS0NFVJjb7gWCN2IGY314vQwm62X6y4YoU38Uag%2FIobQwNqZ8s1of358tliavWyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
7c46fa149bb5693a-FRA
x-cache-hits
1
rocket-loader.min.js
pay.witblox.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.witblox.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"644bd41c-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj2xxtD5Jesu0BYVonxGZuxgXJuuEb2de6444RRXK4ThcfxzhedyHAC3GXE9J6dcEGnIFLEF23RFqYkByLemE5pw%2FHC%2Bje%2FopXobsfZ8NxljeuBDEkPUovgQRfjXF6svEaOrtHjf%2BeTlVd%2BbQoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c46fa149bb7693a-FRA
expires
Thu, 11 May 2023 03:50:11 GMT
index.js
pay.witblox.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.witblox.com/index.js
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da99281f583a308effc1339d7938a4451c7c2ec6946f7e8dd42dfd8aa7d7983c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:12 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230028-FRA
last-modified
Wed, 22 Feb 2023 13:15:00 GMT
server
cloudflare
x-timer
S1683604212.083953,VS0,VE1
etag
W/"05a2bfd1a65f6e3ff3048d93671c4c60338d85a9744f5cdc0a4c6c4c3827bdd1"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZELFOyNW%2F5NMH2ohsDACbV24qPgrU38tSsKFy4JlxVm5RBro8ENUfPdCqslxyZiHxtTQ70pJB2InjkSxBzUpNZrHagci2LGIEyIh%2BT3dAkYVJd6Addm%2FEs3Sl9WbcdnN1LkhrYYjTwOLJdus00%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7c46fa156b64928f-FRA
x-cache-hits
1
firebase-analytics.js
www.gstatic.com/firebasejs/8.2.3/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.3/firebase-analytics.js
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10765
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 23:25:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 May 2024 15:52:30 GMT
checkout.js
checkout.razorpay.com/v1/ 		224 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.razorpay.com/v1/checkout.js
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.7.210.71 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-7-210-71.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
f744fc07c2839f89fafe15979ec8984342e16ff0f7d10f5bdc78873b66c3c3ef
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Tue, 09 May 2023 03:50:12 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=315360000; includeSubDomains
Last-Modified
Mon, 08 May 2023 07:34:11 GMT
Age
551
X-Cache-
HIT
Etag
W/"0d01696e12410315edd420a6ca2557e1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=120
Connection
keep-alive
X-Xss-Protection
1; mode=block
firebase-functions.js
www.gstatic.com/firebasejs/8.2.3/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.3/firebase-functions.js
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e5d4c46e7b13cb5f362940a09150193d81d150b7d9d7a5b3a0d70a6a943552a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3804
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 23:25:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 May 2024 11:49:47 GMT
firebase-firestore.js
www.gstatic.com/firebasejs/8.2.3/ 		296 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.3/firebase-firestore.js
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9b1f58463d3b6c3fe1919ce1ab9b6d80832faa85e5becfa29ce10521ac7847f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86874
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 23:25:57 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 May 2024 11:49:44 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.3/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.3/firebase-app.js
Requested by
Host: pay.witblox.com
URL: https://pay.witblox.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9322fb0608b60a52f443cd1f045ce05b41ec233330dd1c46dde25befe72f36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6547
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 23:25:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 May 2024 11:49:44 GMT
public
api.razorpay.com/v1/checkout/ Frame 5736
Redirect Chain
  • https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1
  • https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C72717EAB0C9848BB34191F91F0F6EC9C6E6AC5B254CED422474404ED1E61D3C58F16FA4B41E7B25883D12C4E5DD4837D1BC75EE20934627C234A2238699305DB3B99F6417C7A23FC66963F3F0E8B09CBB584938C0A817E8BEA9C8D0FA20D821B93278C47869E7FB2A398654EBC10837F625DC1E006
Requested by
Host: checkout.razorpay.com
URL: https://checkout.razorpay.com/v1/checkout.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.172.234 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-172-234.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
1cb1fcddce6596a059156bc0bb308fe83aaf929505e81059557e23a23c519e30
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.witblox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=60
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 09 May 2023 03:50:14 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Via
rws
X-Xss-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
110
Content-Type
text/html
Date
Tue, 09 May 2023 03:50:14 GMT
Location
https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C72717EAB0C9848BB34191F91F0F6EC9C6E6AC5B254CED422474404ED1E61D3C58F16FA4B41E7B25883D12C4E5DD4837D1BC75EE20934627C234A2238699305DB3B99F6417C7A23FC66963F3F0E8B09CBB584938C0A817E8BEA9C8D0FA20D821B93278C47869E7FB2A398654EBC10837F625DC1E006
Strict-Transport-Security
max-age=315360000; includeSubDomains
Via
rws
X-Xss-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.3/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1b5cafc15b9e593e29795026e415c298ae280a8fe1918b67e23d848a379b4b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39479
x-xss-protection
0
last-modified
Tue, 09 May 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 May 2023 03:50:13 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:532604685774:web:a895ff5bd01df136edaf9f/ 		350 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:532604685774:web:a895ff5bd01df136edaf9f/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.3/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
507ea73c17a82ca3545cc8d4614cdd1767caca6f02a14ce85345e27f1258c518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://pay.witblox.com/
x-goog-api-key
AIzaSyCQOZ2Re2ytVpz7KiKhqrQcV3GNG9r8pZk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pay.witblox.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:532604685774:web:a895ff5bd01df136edaf9f/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:532604685774:web:a895ff5bd01df136edaf9f/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://pay.witblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://pay.witblox.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 09 May 2023 03:50:13 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/witblox-5ae68/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/witblox-5ae68/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://pay.witblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://pay.witblox.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 09 May 2023 03:50:13 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/witblox-5ae68/ 		624 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/witblox-5ae68/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.3/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40ebf9f294a94a23a15b97189fe2fc0053c687f762839ad6250f6a9a987bbfaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://pay.witblox.com/
x-goog-api-key
AIzaSyCQOZ2Re2ytVpz7KiKhqrQcV3GNG9r8pZk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type
application/json

Response headers

date
Tue, 09 May 2023 03:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pay.witblox.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
490
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		184 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YKYYG1KZKB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e747a46afbcbeadde3c3a3df0d46774f9126f8a0092ff2959bd846255ae2a6b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69281
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 May 2023 03:50:14 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YKYYG1KZKB&gtm=45je3530&_p=1737556636&_fid=e33wEh-kl1KhQ43jSnPMgc&cid=1787722309.1683604214&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683604214&sct=1&seg=0&dl=https%3A%2F%2Fpay.witblox.com%2F&dt=Pay%20for%20WitBlox%20Order&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YKYYG1KZKB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.witblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 03:50:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.witblox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 5736 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800&display=swap
Requested by
Host: api.razorpay.com
URL: https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C72717EAB0C9848BB34191F91F0F6EC9C6E6AC5B254CED422474404ED1E61D3C58F16FA4B41E7B25883D12C4E5DD4837D1BC75EE20934627C234A2238699305DB3B99F6417C7A23FC66963F3F0E8B09CBB584938C0A817E8BEA9C8D0FA20D821B93278C47869E7FB2A398654EBC10837F625DC1E006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
530687d16a091463212e4d379efa2ee9decac3a8fe6b8b53c43ee1e76d6a7704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.razorpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 May 2023 03:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 May 2023 02:46:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 May 2023 03:50:14 GMT
checkout-frame-standard-lite.js
checkout-static-next.razorpay.com/build/7183175a207677a79a62134bc5ed7b534541ac7c/ Frame 5736 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout-static-next.razorpay.com/build/7183175a207677a79a62134bc5ed7b534541ac7c/checkout-frame-standard-lite.js
Requested by
Host: api.razorpay.com
URL: https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C72717EAB0C9848BB34191F91F0F6EC9C6E6AC5B254CED422474404ED1E61D3C58F16FA4B41E7B25883D12C4E5DD4837D1BC75EE20934627C234A2238699305DB3B99F6417C7A23FC66963F3F0E8B09CBB584938C0A817E8BEA9C8D0FA20D821B93278C47869E7FB2A398654EBC10837F625DC1E006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-32.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9f04fc798f08ee0016cfa0ab83b4c16bc7928edbc8dda08b88d31d38ef17234

Request headers

Referer
https://api.razorpay.com/
Origin
https://api.razorpay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 07:34:30 GMT
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
72945
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 08 May 2023 06:29:23 GMT
server
AmazonS3
etag
W/"75ca92fdf01c0870ebe5a45ee3d79840"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
K8GfK-JSn5ByM5Qtlr3v73xzf40EOG8zxHnI_EQUo82fNZWSxCB3AQ==
checkout.css
checkout-static-next.razorpay.com/build/7183175a207677a79a62134bc5ed7b534541ac7c/css/ Frame 5736 		943 KB
128 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkout-static-next.razorpay.com/build/7183175a207677a79a62134bc5ed7b534541ac7c/css/checkout.css
Requested by
Host: api.razorpay.com
URL: https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C72717EAB0C9848BB34191F91F0F6EC9C6E6AC5B254CED422474404ED1E61D3C58F16FA4B41E7B25883D12C4E5DD4837D1BC75EE20934627C234A2238699305DB3B99F6417C7A23FC66963F3F0E8B09CBB584938C0A817E8BEA9C8D0FA20D821B93278C47869E7FB2A398654EBC10837F625DC1E006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-32.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74c86f501adc81193840318b1c73b15d75657e2f0d9d8b531443f7159d22520f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.razorpay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 07:34:25 GMT
content-encoding
br
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 06:29:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
72950
etag
W/"58c67070b1fd90f32394100b4ff9803c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public,max-age=31536000,immutable
x-amz-cf-id
sqJRyl8d1sYl2bZgIB0KWW_3nQGlDSnsFbmnb9wR6U9vG8MMZFx8qg==
checkout-frame.modern.js
checkout-static-next.razorpay.com/build/7183175a207677a79a62134bc5ed7b534541ac7c/ Frame 5736 		2 MB
540 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout-static-next.razorpay.com/build/7183175a207677a79a62134bc5ed7b534541ac7c/checkout-frame.modern.js
Requested by
Host: api.razorpay.com
URL: https://api.razorpay.com/v1/checkout/public?traffic_env=production&build=7183175a207677a79a62134bc5ed7b534541ac7c&modern=1&session_token=AE167B9F2501F13E634261811200097A8063AA57335028A87280B9468B6C72717EAB0C9848BB34191F91F0F6EC9C6E6AC5B254CED422474404ED1E61D3C58F16FA4B41E7B25883D12C4E5DD4837D1BC75EE20934627C234A2238699305DB3B99F6417C7A23FC66963F3F0E8B09CBB584938C0A817E8BEA9C8D0FA20D821B93278C47869E7FB2A398654EBC10837F625DC1E006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-32.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a04782e3e921d99acade9e43c37cffb7da3e43258b17881b728c2733edda9415

Request headers

Referer
https://api.razorpay.com/
Origin
https://api.razorpay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 07:34:25 GMT
content-encoding
br
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
72950
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 08 May 2023 06:29:23 GMT
server
AmazonS3
etag
W/"cf392da6127349eaa95a9caa613c8d48"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
x2YXhfhvevmxucsfjS8m9Q3nvTgGxsagRnBH-9SHPXDl25HMhsg4kw==
bundle.min.js
browser.sentry-cdn.com/7.2.0/ Frame 5736 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/7.2.0/bundle.min.js
Requested by
Host: checkout-static-next.razorpay.com
URL: https://checkout-static-next.razorpay.com/build/7183175a207677a79a62134bc5ed7b534541ac7c/checkout-frame.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7b21f9ff4a4240a7ae03f4e1aff607248d19a2c417a3fea8f1ea2574daf69dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://api.razorpay.com/
Origin
https://api.razorpay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 03:50:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 17 Jun 2022 12:03:22 GMT
server
Fastly
age
3509573
etag
"1fb6086ecc88a89672d27ae09d5e022c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18853
expires
Thu, 28 Mar 2024 12:57:21 GMT
/
o515678.ingest.sentry.io/api/4503925471707136/envelope/ Frame 5736 		2 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o515678.ingest.sentry.io/api/4503925471707136/envelope/?sentry_key=faa87b9121f2449cb849f27e4d737f35&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.2.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://api.razorpay.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 May 2023 03:50:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| __cfQR object| firebase object| regeneratorRuntime function| Razorpay boolean| __cfRLUnblockHandlers object| firebaseConfig object| db object| functions string| orderId object| dataLayer function| gtag object| google_tag_manager object| google_tag_data object| gaGlobal

2 Cookies

Domain/Path Name / Value
.witblox.com/ Name: _ga_YKYYG1KZKB
Value: GS1.1.1683604214.1.0.1683604214.0.0.0
.witblox.com/ Name: _ga
Value: GA1.1.1787722309.1683604214

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.razorpay.com
browser.sentry-cdn.com
cdn.jsdelivr.net
checkout-static-next.razorpay.com
checkout.razorpay.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
o515678.ingest.sentry.io
pay.witblox.com
region1.google-analytics.com
www.googletagmanager.com
www.gstatic.com
13.224.189.32
15.207.172.234
2001:4860:4802:32::36
2606:4700:3034::6815:b55
2a00:1450:4001:803::200a
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
2a04:4e42:400::485
2a04:4e42:400::729
3.7.210.71
34.120.195.249
1a9322fb0608b60a52f443cd1f045ce05b41ec233330dd1c46dde25befe72f36
1cb1fcddce6596a059156bc0bb308fe83aaf929505e81059557e23a23c519e30
2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be
40ebf9f294a94a23a15b97189fe2fc0053c687f762839ad6250f6a9a987bbfaa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
507ea73c17a82ca3545cc8d4614cdd1767caca6f02a14ce85345e27f1258c518
530687d16a091463212e4d379efa2ee9decac3a8fe6b8b53c43ee1e76d6a7704
58b28659220961ead137cb5b346b5759562750ce703094d70fc786e0db467033
74c86f501adc81193840318b1c73b15d75657e2f0d9d8b531443f7159d22520f
7b21f9ff4a4240a7ae03f4e1aff607248d19a2c417a3fea8f1ea2574daf69dc3
8cb4e7a975684c115a33615b9d446d7b75d197cf69174e959f1fe77784c22a7a
9e5d4c46e7b13cb5f362940a09150193d81d150b7d9d7a5b3a0d70a6a943552a
a04782e3e921d99acade9e43c37cffb7da3e43258b17881b728c2733edda9415
a1b5cafc15b9e593e29795026e415c298ae280a8fe1918b67e23d848a379b4b2
a4f3113ebd391a52c85e0018476242d8179c5994d0607ff1eb9fd392e298eeff
b9b1f58463d3b6c3fe1919ce1ab9b6d80832faa85e5becfa29ce10521ac7847f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
da99281f583a308effc1339d7938a4451c7c2ec6946f7e8dd42dfd8aa7d7983c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e747a46afbcbeadde3c3a3df0d46774f9126f8a0092ff2959bd846255ae2a6b6
f744fc07c2839f89fafe15979ec8984342e16ff0f7d10f5bdc78873b66c3c3ef
f9f04fc798f08ee0016cfa0ab83b4c16bc7928edbc8dda08b88d31d38ef17234