pay.uzumcheckout.uz Open in urlscan Pro
77.95.130.198 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
Submission: On February 22 via api (February 22nd 2024, 4:31:21 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 77.95.130.198, located in Russian Federation and belongs to SAFEDATA Uplinks, RU. The main domain is pay.uzumcheckout.uz.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 21st 2023. Valid for: a year.

This is the only time pay.uzumcheckout.uz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
18	77.95.130.198 77.95.130.198		43226 (SAFEDATA ...) (SAFEDATA Uplinks)
18	1

18 77.95.130.198 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

pay.uzumcheckout.uz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	uzumcheckout.uz pay.uzumcheckout.uz	350 KB
18	1

	Domain	Requested by
18	pay.uzumcheckout.uz	pay.uzumcheckout.uz
18	1

This site contains no links.

Subject Issuer	Validity	Valid
*.uzumcheckout.uz AlphaSSL CA - SHA256 - G4	`2023-09-21` - `2024-10-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
Frame ID: 30019A9720D32E8620F56807DAF14764
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Uzumpay

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

350 kB
Transfer

829 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pay.uzumcheckout.uz/ 3 KB
3 KB 379ms
168ms Document
text/html 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

9c591fc121f30aea9a03f5cf8582c5683450c4400d66abd18adcb8764acaf1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; max-age=31536000;
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: br
Content-Length: 1428
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Content-Type: text/html; charset=utf-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 22 Feb 2024 16:31:16 GMT
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Keep-Alive: timeout=20
Origin-Agent-Cluster: ?1
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Referrer-Policy: no-referrer no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload max-age=31536000; max-age=31536000;
X-Content-Type-Options: nosniff nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-Xss-Protection: 0

GET
H/1.1 200
OK index-f9ef2793.js Show response
pay.uzumcheckout.uz/assets/ 64 KB
25 KB 93ms
92ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/index-f9ef2793.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

0892707d8dfa5dcb5b986ef1c48424c6c1110a96d03b9a2cd0bb1ac8044267c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK exports-5944e5aa.js Show response
pay.uzumcheckout.uz/assets/ 26 KB
11 KB 126ms
47ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/exports-5944e5aa.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

591483667d64d74d92df9fcc0870d07bb3eebbce9d868f15af163f7fe654256f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK runtime-core.esm-bundler-939012aa.js Show response
pay.uzumcheckout.uz/assets/ 51 KB
23 KB 169ms
90ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/runtime-core.esm-bundler-939012aa.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

d66546201c52b5a08b5357a5e6c82b841d6afb11f936f5c17e66c7b545a77c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK consts-a62d906a.js Show response
pay.uzumcheckout.uz/assets/ 247 KB
89 KB 168ms
89ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/consts-a62d906a.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

05753e672c35c5bcad7393dc81ac83504f383c3ed218f8c9ee84c7d4960ebcf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK style-2f600963.css
pay.uzumcheckout.uz/assets/ 19 KB
7 KB 125ms
47ms Stylesheet
text/css 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/style-2f600963.css

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

2f600963bdad2fcde1c6e5e659b01d57b892dd1ca704eb1e6cdb886e4161eaa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/css
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

POST
H/1.1 200
OK / Show response
pay.uzumcheckout.uz/service/wa/decide/ 367 B
2 KB 116ms
115ms XHR
application/json 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/service/wa/decide/?v=3&ip=1&_=1708619476539&ver=1.81.0

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/index-f9ef2793.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

97f90720c66a188ddeeaf129911194855c0df9ce4d853d8385c1bb542267e122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000
Content-Length: 244
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin, no-referrer-when-downgrade
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://pay.uzumcheckout.uz
Access-Control-Allow-Credentials: true
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20
Access-Control-Allow-Headers: X-Requested-With,Content-Type

POST
H/1.1 200
OK / Show response
pay.uzumcheckout.uz/service/wa/e/ 13 B
1 KB 276ms
276ms XHR
application/json 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/service/wa/e/?ip=1&_=1708619476542&ver=1.81.0

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/index-f9ef2793.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000
Content-Length: 33
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin, no-referrer-when-downgrade
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://pay.uzumcheckout.uz
Access-Control-Allow-Credentials: true
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20
Access-Control-Allow-Headers: X-Requested-With,Content-Type

GET
H/1.1 200
OK CardSelection-7529cd0a.js Show response
pay.uzumcheckout.uz/assets/ 333 KB
98 KB 52ms
52ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/CardSelection-7529cd0a.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/consts-a62d906a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

6f2c2854e41cd266e62fd3809843a8c6dcd6950b74ae235bc021fb7b0e5fa5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK MainButton-9b1f1542.js Show response
pay.uzumcheckout.uz/assets/ 2 KB
2 KB 46ms
46ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/MainButton-9b1f1542.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/consts-a62d906a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

49c7155f3defbc131008466864518cabf3175dcfa4e078bd50544e1d52776c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK _plugin-vue_export-helper-c27b6911.js Show response
pay.uzumcheckout.uz/assets/ 91 B
1 KB 69ms
68ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/_plugin-vue_export-helper-c27b6911.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/consts-a62d906a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK LightText-7476174d.js Show response
pay.uzumcheckout.uz/assets/ 6 KB
4 KB 91ms
44ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/LightText-7476174d.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/consts-a62d906a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f1332725ab11129985d16b8c4abef4d90b6377bdb8f5248496ecf50450dee45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK PreloaderPage-3f564bc7.js Show response
pay.uzumcheckout.uz/assets/ 2 KB
2 KB 115ms
45ms Script
text/javascript 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/PreloaderPage-3f564bc7.js

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/consts-a62d906a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

2f97da3fa98e04c6a8a2c571ab45cc9b2bf61bf03a2038520b2880286d3f870f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: text/javascript
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

POST
H/1.1 200
OK / Show response
pay.uzumcheckout.uz/service/wa/decide/ 367 B
2 KB 108ms
107ms XHR
application/json 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/service/wa/decide/?v=3&ip=1&_=1708619476663&ver=1.81.0

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/index-f9ef2793.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

97f90720c66a188ddeeaf129911194855c0df9ce4d853d8385c1bb542267e122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000
Content-Length: 244
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin, no-referrer-when-downgrade
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://pay.uzumcheckout.uz
Access-Control-Allow-Credentials: true
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20
Access-Control-Allow-Headers: X-Requested-With,Content-Type

GET
H/1.1 200
OK ru-flag-5224e89e.svg
pay.uzumcheckout.uz/assets/ 287 B
2 KB 44ms
44ms Image
image/svg+xml 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pay.uzumcheckout.uz/assets/ru-flag-5224e89e.svg

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/style-2f600963.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

5224e89e23b68de5bbd17ad7c5b7dee8aab10c6042f07af077761d25bd6eeade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.uzumcheckout.uz/assets/style-2f600963.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: image/svg+xml
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK TT_Uzum_Bold-8fa3cc98.woff2
pay.uzumcheckout.uz/assets/ 38 KB
39 KB 47ms
47ms Font
font/woff2 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/TT_Uzum_Bold-8fa3cc98.woff2

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/style-2f600963.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8fa3cc988de83f30b69ff9b1cfb1fe2c2ab85b78125f4c612dbf329f3d1de2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/assets/style-2f600963.css
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: font/woff2
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

GET
H/1.1 200
OK TT_Uzum_Medium-ef0e5a0f.woff2
pay.uzumcheckout.uz/assets/ 38 KB
39 KB 85ms
84ms Font
font/woff2 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/assets/TT_Uzum_Medium-ef0e5a0f.woff2

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/style-2f600963.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

ef0e5a0f674aee611aa9abc98a21419c46cc1d66196a3ec21ae16c1c7fb3d50a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/assets/style-2f600963.css
Origin: https://pay.uzumcheckout.uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:31:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
X-Dns-Prefetch-Control: off
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Xss-Protection: 0, 1; mode=block
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
Content-Type: font/woff2
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=2592000
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20

POST
H/1.1 200
OK / Show response
pay.uzumcheckout.uz/service/wa/e/ 13 B
1 KB 275ms
275ms XHR
application/json 77.95.130.198
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.uzumcheckout.uz/service/wa/e/?compression=gzip-js&ip=1&_=1708619479551&ver=1.81.0

Requested by

Host: pay.uzumcheckout.uz
URL: https://pay.uzumcheckout.uz/assets/index-f9ef2793.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.95.130.198 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pay.uzumcheckout.uz/?orderId=01bbb4ad-90d0-4729-bcff-cc636020fc2d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 22 Feb 2024 16:31:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;, max-age=31536000;
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000
Content-Length: 33
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin, no-referrer-when-downgrade
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://pay.uzumcheckout.uz
Access-Control-Allow-Credentials: true
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;
Permissions-Policy: geolocation=(),midi=(),notifications=(),push=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),speaker=(),vibrate=(),fullscreen=()
Keep-Alive: timeout=20
Access-Control-Allow-Headers: X-Requested-With,Content-Type

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'self'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: geolocation, midi, sync-xhr, microphone, camera, magnetometer, gyroscope, fullscreen. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; max-age=31536000;
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pay.uzumcheckout.uz
77.95.130.198
05753e672c35c5bcad7393dc81ac83504f383c3ed218f8c9ee84c7d4960ebcf3
0892707d8dfa5dcb5b986ef1c48424c6c1110a96d03b9a2cd0bb1ac8044267c1
2f600963bdad2fcde1c6e5e659b01d57b892dd1ca704eb1e6cdb886e4161eaa6
2f97da3fa98e04c6a8a2c571ab45cc9b2bf61bf03a2038520b2880286d3f870f
49c7155f3defbc131008466864518cabf3175dcfa4e078bd50544e1d52776c4b
5224e89e23b68de5bbd17ad7c5b7dee8aab10c6042f07af077761d25bd6eeade
591483667d64d74d92df9fcc0870d07bb3eebbce9d868f15af163f7fe654256f
6f2c2854e41cd266e62fd3809843a8c6dcd6950b74ae235bc021fb7b0e5fa5a7
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
8f1332725ab11129985d16b8c4abef4d90b6377bdb8f5248496ecf50450dee45
8fa3cc988de83f30b69ff9b1cfb1fe2c2ab85b78125f4c612dbf329f3d1de2d0
97f90720c66a188ddeeaf129911194855c0df9ce4d853d8385c1bb542267e122
9c591fc121f30aea9a03f5cf8582c5683450c4400d66abd18adcb8764acaf1db
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
d66546201c52b5a08b5357a5e6c82b841d6afb11f936f5c17e66c7b545a77c3a
ef0e5a0f674aee611aa9abc98a21419c46cc1d66196a3ec21ae16c1c7fb3d50a

pay.uzumcheckout.uz Open in urlscan Pro 77.95.130.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

350 kBTransfer

829 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

17 Console Messages

Security Headers

Indicators

pay.uzumcheckout.uz Open in urlscan Pro
77.95.130.198 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

350 kB
Transfer

829 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions