Submitted URL: https://notifications.google.com/g/p/APNL1ThAmP43l_5MdlNZHqgYkIfLdzZCP1AhA-lXuiES77PmUYtqvJd0wXOWFtU1ijRg2DJ1mw5ZFQ30DT0URAwe0Mi4...
Effective URL: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8...
Submission: On July 12 via manual from GB — Scanned from GB

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2a00:1450:400c:c08::5c, located in Brussels, Belgium and belongs to GOOGLE, US. The main domain is payments.google.com. The Cisco Umbrella rank of the primary domain is 10168.
TLS certificate: Issued by GTS CA 1C3 on June 27th 2022. Valid for: 3 months.
This is the only time payments.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
6 gstatic.com
www.gstatic.com
406 KB
2 google.com
notifications.google.com — Cisco Umbrella Rank: 34418
payments.google.com — Cisco Umbrella Rank: 10168
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
893 B
8 3
Domain Requested by
6 www.gstatic.com payments.google.com
www.gstatic.com
1 fonts.googleapis.com payments.google.com
1 payments.google.com
1 notifications.google.com 1 redirects
8 4

This site contains links to these domains. Also see Links.

Domain
policies.google.com
support.google.com
Subject Issuer Validity Valid
*.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8bgLC04kxrcplCq0MWAZ85eGN4nCv7wRLhi01EdkBJuUIATWMUodiM1PMVyMG4a5lWQbGshzT4YySn_Y9NbSoqhMokZRBfbkkLAOQlAzD0g%3D%3D&style=:md
Frame ID: F852D958424BF72C5EDBC65D88049FEF
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Online Click to Accept

Page URL History Show full URLs

  1. https://notifications.google.com/g/p/APNL1ThAmP43l_5MdlNZHqgYkIfLdzZCP1AhA-lXuiES77PmUYtqvJd0wXOWFtU1ijRg2DJ1... HTTP 302
    https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjA... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

411 kB
Transfer

1508 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://notifications.google.com/g/p/APNL1ThAmP43l_5MdlNZHqgYkIfLdzZCP1AhA-lXuiES77PmUYtqvJd0wXOWFtU1ijRg2DJ1mw5ZFQ30DT0URAwe0Mi4Hz150i85mtPrIFUjd1VaMiIY-oOYird67jLJ7g9vR22n6TZoc1XXX7Bn5-ZOSftLmfeALyJy7088JNNFmL5kaswQZXCQJffL-A67EPK3YBZt6z_IMqLDfOs-dWPtzRYfVOaWYJE7poi_gLCJZVI6YPSPADXe-L0lS2Pvcf3Q-eeoprOm_vDcs2rg_ecxkUdve70ujOan33D1UppMKa_tF7DNzLyXe6AXHePJSqOO6CzWnyCbwsn4x3RYXUH8nUc6aLXZdoeMRbNktCc1E93wN6fjbuOzhAK5WUg4 HTTP 302
    https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8bgLC04kxrcplCq0MWAZ85eGN4nCv7wRLhi01EdkBJuUIATWMUodiM1PMVyMG4a5lWQbGshzT4YySn_Y9NbSoqhMokZRBfbkkLAOQlAzD0g%3D%3D&style=:md Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request onlineclicktoaccept
payments.google.com/payments/
Redirect Chain
  • https://notifications.google.com/g/p/APNL1ThAmP43l_5MdlNZHqgYkIfLdzZCP1AhA-lXuiES77PmUYtqvJd0wXOWFtU1ijRg2DJ1mw5ZFQ30DT0URAwe0Mi4Hz150i85mtPrIFUjd1VaMiIY-oOYird67jLJ7g9vR22n6TZoc1XXX7Bn5-ZOSftLmfeA...
  • https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8bgLC04kxrcplCq0MWAZ85eGN4nCv7wRLhi01EdkBJuUIATWMUodiM1PMVyMG4a5lWQbGshzT4...
17 KB
5 KB
Document
General
Full URL
https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8bgLC04kxrcplCq0MWAZ85eGN4nCv7wRLhi01EdkBJuUIATWMUodiM1PMVyMG4a5lWQbGshzT4YySn_Y9NbSoqhMokZRBfbkkLAOQlAzD0g%3D%3D&style=:md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89f9be5c27794bcce5d856dc88209543bb56c273eeaf3a8b3bd8d71ba3739047
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-vYL_kJ2vSWZhGN5pnHCXvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-vYL_kJ2vSWZhGN5pnHCXvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_2a36ru"
date
Tue, 12 Jul 2022 13:40:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
report-to
{"group":"coop_gse_2a36ru","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_2a36ru"}]}
server
GSE
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-security-policy-report-only
script-src 'report-sample' 'nonce-o5OQ7zcNoS7a9jVFPY3W6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/gamma
content-type
text/plain;charset=utf-8
date
Tue, 12 Jul 2022 13:40:40 GMT
location
https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8bgLC04kxrcplCq0MWAZ85eGN4nCv7wRLhi01EdkBJuUIATWMUodiM1PMVyMG4a5lWQbGshzT4YySn_Y9NbSoqhMokZRBfbkkLAOQlAzD0g%3D%3D&style=:md
server
Google Frontend
x-cloud-trace-context
b1029cce40a65aba0da0e0de5327448e
m=d,moca,sf,emm
www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/
873 KB
279 KB
Script
General
Full URL
https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/m=d,moca,sf,emm
Requested by
Host: payments.google.com
URL: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8bgLC04kxrcplCq0MWAZ85eGN4nCv7wRLhi01EdkBJuUIATWMUodiM1PMVyMG4a5lWQbGshzT4YySn_Y9NbSoqhMokZRBfbkkLAOQlAzD0g%3D%3D&style=:md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90835e9b8e8e3a09496b23ec1b436a1b4a45eb8c1b8184bf44394d0034d10ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 13:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
285062
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 10:03:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="billing-ui"
vary
Accept-Encoding, Origin
report-to
{"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 13:40:42 GMT
m=d,moca,sf,emm
www.gstatic.com/_/billing/_/ss/k=billing.pcilms.kEitAyNdK58.L.W.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPC6ffCR-Qij0Nad5TP4-PkNJUnaVw/
284 KB
38 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/billing/_/ss/k=billing.pcilms.kEitAyNdK58.L.W.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPC6ffCR-Qij0Nad5TP4-PkNJUnaVw/m=d,moca,sf,emm
Requested by
Host: payments.google.com
URL: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8bgLC04kxrcplCq0MWAZ85eGN4nCv7wRLhi01EdkBJuUIATWMUodiM1PMVyMG4a5lWQbGshzT4YySn_Y9NbSoqhMokZRBfbkkLAOQlAzD0g%3D%3D&style=:md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ace1b1197b73f8fca8be64588c167945755626a5ccc62e3cbf52c2f65af62ea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38267
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 10:06:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="billing-ui"
vary
Accept-Encoding
report-to
{"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 13:55:08 GMT
icon
fonts.googleapis.com/
616 B
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Extended
Requested by
Host: payments.google.com
URL: https://payments.google.com/payments/onlineclicktoaccept?hl=en-US&ocatk=AH6S4TTAEGVR8rmDzwyjPhLptvdRghjAqxUh29kbyLozSz-vaLj8bgLC04kxrcplCq0MWAZ85eGN4nCv7wRLhi01EdkBJuUIATWMUodiM1PMVyMG4a5lWQbGshzT4YySn_Y9NbSoqhMokZRBfbkkLAOQlAzD0g%3D%3D&style=:md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80b::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b402756766c1b4f2d210202083cbb762fd825b822c45b66a2206f4485cf90fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 13:40:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 12 Jul 2022 13:40:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jul 2022 13:40:42 GMT
googlelogo_light_color_48x16dp.png
www.gstatic.com/images/branding/googlelogo/2x/
1 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/2x/googlelogo_light_color_48x16dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/billing/_/ss/k=billing.pcilms.kEitAyNdK58.L.W.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPC6ffCR-Qij0Nad5TP4-PkNJUnaVw/m=d,moca,sf,emm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e6a36cdd0e1c02d0800e0ba3113bdb8aba4898465d61c685d859e23ae93b87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.gstatic.com/_/billing/_/ss/k=billing.pcilms.kEitAyNdK58.L.W.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPC6ffCR-Qij0Nad5TP4-PkNJUnaVw/m=d,moca,sf,emm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 06:59:47 GMT
x-content-type-options
nosniff
age
456055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1366
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 07 Jul 2023 06:59:47 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/
92 KB
33 KB
Script
General
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/m=d,moca,sf,emm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb3f9026bf67c2ab19e5de0a190a1fb7e7a6f5ad8863cd63026ec2ec38c1444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 13:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33373
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 22:55:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 14:06:00 GMT
m=pns
www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=0/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/
241 KB
55 KB
XHR
General
Full URL
https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=0/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/m=pns
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/m=d,moca,sf,emm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
311c275e461670ce9e2f86ce9dbbf299f60fd05a356afac31ef65491b46c7c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 12:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55796
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 10:03:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="billing-ui"
vary
Accept-Encoding, Origin
report-to
{"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://payments.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 12:56:04 GMT
m=claw
www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=0/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/
694 B
466 B
XHR
General
Full URL
https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=0/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/m=claw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/billing/_/js/k=billing.pcilms.en_US.m_fJnjovXCM.O/am=LJLIZeq-IgCo8R8dXKCKCK8L/d=1/rs=AChpKPDlrWqAu7mHv2rZU0-VItIXo-AHaA/m=d,moca,sf,emm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5db1e6aa8bde4375d2e8d5be48946f637a1b9c20ea0724d33cc1312f08273600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 12:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/billing-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
439
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 10:03:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="billing-ui"
vary
Accept-Encoding, Origin
report-to
{"group":"billing-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/billing-ui"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://payments.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 12:56:04 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _$P function| o object| closure_lm_641839 boolean| __$pr object| payments object| userfeedback function| MI12 function| _DumpException function| _B_err object| help object| hgb

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=iFdVc6WkAVD5ihSsgmnxqHFqr5LtWA0Nle97rUWN-wKc3B6GAz650dplSXitwVVbzPW_4_xZBbqAESXYv-0GOUQKOCUVvnnjwy0gRXgIIiLTNCoztGfx3gHEFnzXrfxOUuyC620-csQJsGkHoxl7WdAcL63ng97zHf_R-_ewPVM
.google.com/ Name: S
Value: billing-ui-v3=RrkMamKRvlYAEOi-Nq06W9c2PyvBsHbg:billing-ui-v3-efe=RrkMamKRvlYAEOi-Nq06W9c2PyvBsHbg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-vYL_kJ2vSWZhGN5pnHCXvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block