urlscan.io logo urlscan.io
SecurityTrails logo

payments.google.com Open in urlscan Pro
2a00:1450:400c:c07::5c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://notifications.google.com/g/p/ACnX6LZSROBwm0rVzL6oIevzxLbt7VdwUEB0EO2Ok3v_tMXeSKj7Zzcpcs93lZVw4fM9xuJVVxhZ3fnN7Mkl_N411AFF...
Effective URL: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE8...
Submission: On December 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2a00:1450:400c:c07::5c, located in Brussels, Belgium and belongs to GOOGLE, US. The main domain is payments.google.com. The Cisco Umbrella rank of the primary domain is 10849.
TLS certificate: Issued by GTS CA 1C3 on November 2nd 2022. Valid for: 3 months.
This is the only time payments.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains		 Transfer
6 gstatic.com
www.gstatic.com
409 KB
2 google.com
notifications.google.com — Cisco Umbrella Rank: 39504
payments.google.com — Cisco Umbrella Rank: 10849
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
892 B
8 3
Domain Requested by
6 www.gstatic.com payments.google.com
www.gstatic.com
1 fonts.googleapis.com payments.google.com
1 payments.google.com
1 notifications.google.com 1 redirects
8 4

This site contains links to these domains. Also see Links.

Domain
policies.google.com
support.google.com
Subject Issuer Validity Valid
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE85ZoGNSZm1YT_bOP-kO3js_XwOWy9k_qihfCriGoBSVzf8bx-eekSyLs3iwY_XVidCw81LxzFjccNMsODe325PUCmGWeCLNNI0sg8O21HvnYHerxa4w5jz_MosXs9oLJJYnj-O8yiN3LOi8HzqQwHEF26A9uh693VYiGeq_GsxPBOICknvvemfLMu&style=:md
Frame ID: 7AE6F92D6807E91982453A7A1EBB24FE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Click to Accept

Page URL History Show full URLs

  1. https://notifications.google.com/g/p/ACnX6LZSROBwm0rVzL6oIevzxLbt7VdwUEB0EO2Ok3v_tMXeSKj7Zzcpcs93lZVw4fM9xuJV... HTTP 302
    https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MA... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

415 kB
Transfer

1528 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://notifications.google.com/g/p/ACnX6LZSROBwm0rVzL6oIevzxLbt7VdwUEB0EO2Ok3v_tMXeSKj7Zzcpcs93lZVw4fM9xuJVVxhZ3fnN7Mkl_N411AFF1fKDMF83oOEM_HaYFkO6u4tbvCU3qskHLyYln6_MBpFns3Z73vTdDis-KJ46SZGdoEDCMpdhh3vNGVeJ7428dju5CXHfiS6xClluk6i_xMrulsmMb07n_5vd6VGqMtwPmjhuw28xxXx5jG2MICc2HjrDmuhTaeEoH8LGXoWNJT4aF6gI1QauITYBCml7lM_Hhr61ZVF7CvJNpYPw4r_Nbs8ljah8dIr57o-ze2_G-ZQTBKtA9IkLQ1UASU7d3GvHa0N6pCGxJfsgjxrFMSVV49dUyp6dX60dUemiAq_Ve43fesS5xvjjk4shGkiuLz0nlN5NkUG-t081dXPRooU5sQ90h-admPCE26L4Kq1jqDPkfbah1Lcx94v0w4tKuuKBvkFMGS6e5OO5MK4 HTTP 302
    https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE85ZoGNSZm1YT_bOP-kO3js_XwOWy9k_qihfCriGoBSVzf8bx-eekSyLs3iwY_XVidCw81LxzFjccNMsODe325PUCmGWeCLNNI0sg8O21HvnYHerxa4w5jz_MosXs9oLJJYnj-O8yiN3LOi8HzqQwHEF26A9uh693VYiGeq_GsxPBOICknvvemfLMu&style=:md Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request onlineclicktoaccept
payments.google.com/payments/
Redirect Chain
  • https://notifications.google.com/g/p/ACnX6LZSROBwm0rVzL6oIevzxLbt7VdwUEB0EO2Ok3v_tMXeSKj7Zzcpcs93lZVw4fM9xuJVVxhZ3fnN7Mkl_N411AFF1fKDMF83oOEM_HaYFkO6u4tbvCU3qskHLyYln6_MBpFns3Z73vTdDis-KJ46SZGdoEDC...
  • https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE85ZoGNSZm1YT_bOP-kO3js_XwOWy9k_qihfCriGoBSVzf8bx-eekSyLs3iwY_XVidCw81LxzFj...
27 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE85ZoGNSZm1YT_bOP-kO3js_XwOWy9k_qihfCriGoBSVzf8bx-eekSyLs3iwY_XVidCw81LxzFjccNMsODe325PUCmGWeCLNNI0sg8O21HvnYHerxa4w5jz_MosXs9oLJJYnj-O8yiN3LOi8HzqQwHEF26A9uh693VYiGeq_GsxPBOICknvvemfLMu&style=:md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8b14df0c1b0882a4deec5942d9a4a7392c6ed845f1aecc5f3e6074f99519bdc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-DuTVPoSUGKbNFLj2u3hN5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-DuTVPoSUGKbNFLj2u3hN5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Dec 2022 18:30:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
GSE
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-security-policy-report-only
script-src 'report-sample' 'nonce-aSfJsPSoJJhUDEgYjkCijg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/gamma
content-type
text/plain;charset=utf-8
date
Mon, 05 Dec 2022 18:30:26 GMT
location
https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE85ZoGNSZm1YT_bOP-kO3js_XwOWy9k_qihfCriGoBSVzf8bx-eekSyLs3iwY_XVidCw81LxzFjccNMsODe325PUCmGWeCLNNI0sg8O21HvnYHerxa4w5jz_MosXs9oLJJYnj-O8yiN3LOi8HzqQwHEF26A9uh693VYiGeq_GsxPBOICknvvemfLMu&style=:md
server
Google Frontend
x-cloud-trace-context
4d02f38d677133786b1d549370e3c643
m=d,moca,sf,emm
www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/ 		881 KB
281 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/m=d,moca,sf,emm
Requested by
Host: payments.google.com
URL: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE85ZoGNSZm1YT_bOP-kO3js_XwOWy9k_qihfCriGoBSVzf8bx-eekSyLs3iwY_XVidCw81LxzFjccNMsODe325PUCmGWeCLNNI0sg8O21HvnYHerxa4w5jz_MosXs9oLJJYnj-O8yiN3LOi8HzqQwHEF26A9uh693VYiGeq_GsxPBOICknvvemfLMu&style=:md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dda8db07afde5df5e41cf3d9606d7dc497e23dd88592e1ac4b43694538338f85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 17:02:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
287935
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 10:05:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="billing-ui"
vary
Accept-Encoding, Origin
report-to
{"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Dec 2023 17:02:50 GMT
m=d,moca,sf,emm
www.gstatic.com/_/billing/_/ss/k=billing.pcilms.bjg3Jn5kVVo.L.W.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPBusQLwIoV8hq5pU4OtdX3ijimAzQ/ 		284 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/billing/_/ss/k=billing.pcilms.bjg3Jn5kVVo.L.W.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPBusQLwIoV8hq5pU4OtdX3ijimAzQ/m=d,moca,sf,emm
Requested by
Host: payments.google.com
URL: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE85ZoGNSZm1YT_bOP-kO3js_XwOWy9k_qihfCriGoBSVzf8bx-eekSyLs3iwY_XVidCw81LxzFjccNMsODe325PUCmGWeCLNNI0sg8O21HvnYHerxa4w5jz_MosXs9oLJJYnj-O8yiN3LOi8HzqQwHEF26A9uh693VYiGeq_GsxPBOICknvvemfLMu&style=:md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce028553948008aebaaa4b23a5bf5e8ca8acf25385a0b8598f2c51afb7f25abf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 06:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38344
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 18:04:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="billing-ui"
vary
Accept-Encoding
report-to
{"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 06:09:50 GMT
icon
fonts.googleapis.com/ 		616 B
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Extended
Requested by
Host: payments.google.com
URL: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AN-w8zAU7wULGhhTkUsCNx3QUCC4P7MAsB-rXNlo-pTe3MaAKWE85ZoGNSZm1YT_bOP-kO3js_XwOWy9k_qihfCriGoBSVzf8bx-eekSyLs3iwY_XVidCw81LxzFjccNMsODe325PUCmGWeCLNNI0sg8O21HvnYHerxa4w5jz_MosXs9oLJJYnj-O8yiN3LOi8HzqQwHEF26A9uh693VYiGeq_GsxPBOICknvvemfLMu&style=:md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Dec 2022 18:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 18:30:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Dec 2022 18:30:27 GMT
googlelogo_light_color_48x16dp.png
www.gstatic.com/images/branding/googlelogo/2x/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/2x/googlelogo_light_color_48x16dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/billing/_/ss/k=billing.pcilms.bjg3Jn5kVVo.L.W.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPBusQLwIoV8hq5pU4OtdX3ijimAzQ/m=d,moca,sf,emm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e6a36cdd0e1c02d0800e0ba3113bdb8aba4898465d61c685d859e23ae93b87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/_/billing/_/ss/k=billing.pcilms.bjg3Jn5kVVo.L.W.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPBusQLwIoV8hq5pU4OtdX3ijimAzQ/m=d,moca,sf,emm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:05:13 GMT
x-content-type-options
nosniff
age
512714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1366
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Nov 2023 20:05:13 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/m=d,moca,sf,emm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5992e78ca3ce1b9be202bbcdef3a32d9ebd6a3609bf039a21b379b5f77076f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33616
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 19:11:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 18:59:57 GMT
m=pns
www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=0/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/ 		241 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=0/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/m=pns
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/m=d,moca,sf,emm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5806d6b0803d3f8feaf7678129c250b5c7b2b8e9b93d32ff44a15b0d8baedbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55928
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 10:05:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="billing-ui"
vary
Accept-Encoding, Origin
report-to
{"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://payments.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Dec 2023 16:07:12 GMT
m=claw
www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=0/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/ 		691 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=0/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/m=claw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.ZFEr1A3ctXw.O/am=LJLId5p6XxEAnB3_0cEFqojwug/d=1/rs=AChpKPAtxrwmsR1n0J_SGhbLU3uWUQ_PEQ/m=d,moca,sf,emm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
772599bc6977b0654e8fb0fef8b501db9391c5f70273a889d8f324bdc809e23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
435
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 10:05:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="billing-ui"
vary
Accept-Encoding, Origin
report-to
{"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://payments.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Dec 2023 16:07:12 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| _$P function| o object| closure_lm_667594 boolean| __$pr object| payments object| userfeedback function| MI12 function| _DumpException function| _B_err object| help object| hgb

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=sal-B9akk5pdpxyo8N-rJH70EfDZXIIxrJbJrbfF7rozfoVZX8AC4p6eTTOHrN_HI7IiI-XLG9Y1g_ddyqJzkDJIpzELUzcQgIy6KIRVUXwzu1zledZbQBXCSh5QnVEGL9-xkJSODrwULnyjWevFStwB3_RGNhdpSXOKRWs6I2E
.google.com/ Name: S
Value: billing-ui-v3=7Te2mYgexJzEvb_g9e4hdxF5z0PljK8E:billing-ui-v3-efe=7Te2mYgexJzEvb_g9e4hdxF5z0PljK8E

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-DuTVPoSUGKbNFLj2u3hN5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block