URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Submission: On August 20 via automatic, source phishtank

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 31 HTTP transactions. The main IP is 190.115.19.178, located in Belize and belonging to DANCOM LTD (BZ). The main domain is mypays.org.
TLS certificate: issued by Let's Encrypt Authority X3 on June 8th 2018, valid for 3 months.
This is the only time mypays.org was scanned on urlscan.io.

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address         AS (Autonomous System)
    2         19     190.115.19.178     AS262254 (DANCOM LTD)
    -          1     2a00:1450:400...   AS15169 (GOOGLE)
    -          1     190.115.19.162     AS262254 (DANCOM LTD)
    1          1     185.129.100.99     AS57724 (DDOS-GUARD)
    -          1     2a00:1450:400...   AS15169 (GOOGLE)
    -          5     2a00:1450:400...   AS15169 (GOOGLE)
    -          1     54.77.252.137      AS16509 (AMAZON-02)
    -          5     108.161.189.48     AS54104 (AS-STACKPATH)
Total:        31 requests, 7 IPs
Requests  Domain                 Requested by
   19     mypays.org             mypays.org (2 redirects)
    5     static.siteheart.com   widget.siteheart.com, static.siteheart.com, mypays.org
    5     fonts.gstatic.com      mypays.org
    1     widget.siteheart.com   mypays.org
    1     fonts.googleapis.com   mypays.org
    1     ddgu.ddos-guard.net    (1 redirect)
    1     e-pay.click            mypays.org
    1     www.gstatic.com        mypays.org
Total:    31 requests, 8 subdomains

This site contains links to these domains:

p.support-desk.ru
Subject               Issuer                         Validity                   Valid for
mypays.org            Let's Encrypt Authority X3     2018-06-08 - 2018-09-06    3 months (crt.sh)
*.google.com          Google Internet Authority G3   2018-08-07 - 2018-10-16    2 months (crt.sh)
e-pay.click           Let's Encrypt Authority X3     2018-05-31 - 2018-08-29    3 months (crt.sh)
*.googleapis.com      Google Internet Authority G3   2018-08-07 - 2018-10-16    2 months (crt.sh)
*.siteheart.com       RapidSSL SHA256 CA             2017-08-16 - 2018-10-15    a year (crt.sh)
static.siteheart.com  RapidSSL SHA256 CA             2017-08-16 - 2018-10-15    a year (crt.sh)

This page contains 2 frames:

Primary Page: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Frame ID: AFB692E1366D97E7805BD7BD7453B65D
Requests: 30 HTTP requests in this frame

Frame: https://static.siteheart.com/widget/sh/20180127070749/html/a.html?s=mypays.org
Frame ID: ADC7DB9512CCCC97823D3C4FFDD1A3CD
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Firebase (overall confidence: 100%)
Detected patterns
  • script /firebase.*\.js/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 38 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 311 kB
Size: 735 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://mypays.org/form/frm39/img/card_01.png HTTP 302
  • https://ddgu.ddos-guard.net/ddgu/?h=aHR0cHM6Ly9teXBheXMub3Jn&u=L2Zvcm0vZnJtMzkvaW1nL2NhcmRfMDEucG5n HTTP 301
  • https://mypays.org/ddgu_JQ9Xi8A/?u=L2Zvcm0vZnJtMzkvaW1nL2NhcmRfMDEucG5n&i=YmVjNmRiNGM1ZWU0NDE3NGRkNDUxMzEyMjE2N2JiNzEuNDc1Njg3MjM1&s=GxhNuOroRn5qne3GAcAnmEH9H6c HTTP 301
  • https://mypays.org/form/frm39/img/card_01.png
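The chain above is the visible shape of a DDoS-Guard cookie challenge: the image request is bounced to ddgu.ddos-guard.net, sent back to a /ddgu_.../ path on the origin that sets the __ddgu cookie (see the redirect headers on the card_01.png transaction further down), and finally returned to the original path. The two 503 responses with empty resource hashes (classie.js and jquery.fancybox.js) and the later successful re-fetch of classie.js, which arrives with a fresh __ddg_ cookie, fit the same pattern. The Python below is an added example, not code from urlscan.io or from DDoS-Guard; it decodes the chain's query parameters and checks that the token carried in the i parameter is the value the __ddgu cookie is later set to. The meanings attached to h, u and i are inferred from their decoded values, not taken from any DDoS-Guard documentation, and the s parameter is only measured, not interpreted.

```python
"""
Decode the DDoS-Guard challenge redirect chain recorded in this scan.

Added example (not part of the urlscan.io page or of DDoS-Guard's code).
URLs and cookie values are copied from the scan; the roles given to the
h, u and i parameters are inferred from what they decode to.
"""
import base64
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

# Redirect chain recorded for card_01.png (copied from the scan).
CHAIN = [
    "https://mypays.org/form/frm39/img/card_01.png",
    "https://ddgu.ddos-guard.net/ddgu/?h=aHR0cHM6Ly9teXBheXMub3Jn"
    "&u=L2Zvcm0vZnJtMzkvaW1nL2NhcmRfMDEucG5n",
    "https://mypays.org/ddgu_JQ9Xi8A/?u=L2Zvcm0vZnJtMzkvaW1nL2NhcmRfMDEucG5n"
    "&i=YmVjNmRiNGM1ZWU0NDE3NGRkNDUxMzEyMjE2N2JiNzEuNDc1Njg3MjM1"
    "&s=GxhNuOroRn5qne3GAcAnmEH9H6c",
    "https://mypays.org/form/frm39/img/card_01.png",
]

# Set-Cookie header on the final 301 hop (copied from the scan).
SET_COOKIE = ("__ddgu=bec6db4c5ee44174dd4513122167bb71.475687235; "
              "expires=Tue, 20-Aug-19 16:13:46 GMT; path=/; domain=mypays.org")


def b64_any(s: str) -> bytes:
    """Decode standard or URL-safe base64, tolerating missing '=' padding."""
    s = s.replace("-", "+").replace("_", "/")
    return base64.b64decode(s + "=" * (-len(s) % 4))


def decode_hop(url: str) -> Dict[str, object]:
    """Return host, path and the decoded query parameters of one hop."""
    parts = urlsplit(url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    out: Dict[str, object] = {"host": parts.hostname, "path": parts.path}
    if "h" in q:            # decodes to the origin the visitor came from
        out["origin"] = b64_any(q["h"]).decode()
    if "u" in q:            # decodes to the path restored after the challenge
        out["original_path"] = b64_any(q["u"]).decode()
    if "i" in q:            # decodes to the value later set as __ddgu
        out["token"] = b64_any(q["i"]).decode()
    if "s" in q:            # opaque tag; only its decoded length is reported
        out["sig_len"] = len(b64_any(q["s"]))
    return out


def cookie_value(set_cookie: str, name: str) -> Optional[str]:
    """Pull one cookie's value out of a Set-Cookie header string."""
    for attr in set_cookie.split(";"):
        k, _, v = attr.strip().partition("=")
        if k == name:
            return v
    return None


def analyse_chain(chain: List[str], set_cookie: str) -> Dict[str, object]:
    """Decode every hop and cross-check the chain against the cookie it sets."""
    hops = [decode_hop(u) for u in chain]
    first_host = urlsplit(chain[0]).hostname
    first_path = urlsplit(chain[0]).path
    ddgu = cookie_value(set_cookie, "__ddgu")
    tokens = {h["token"] for h in hops if "token" in h}
    return {
        "hops": hops,
        # The chain must end on the URL it started from.
        "returns_to_origin": chain[0] == chain[-1],
        # First hop that leaves the origin host is the challenge endpoint.
        "challenge_host": next(
            (h["host"] for h in hops if h["host"] != first_host), None),
        # The i parameter should be exactly what __ddgu is set to.
        "cookie_matches_token": ddgu is not None and ddgu in tokens,
        # Every u parameter must name the path we were originally fetching.
        "original_path_consistent": all(
            h.get("original_path", first_path) == first_path for h in hops),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(analyse_chain(CHAIN, SET_COOKIE), indent=2))
```

Run as a script it prints the decoded hops as JSON; analyse_chain returns the same dictionary, so the checks can be applied to any similar chain pulled from a HAR or proxy log. The s value decodes to 20 bytes, which says nothing about how it is computed, only that a short fixed-size tag rides along with the token.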

31 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
t53oa | mypays.org/b/ | 71 KB | 21 KB | Document (Primary Request)
General
Full URL
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
f6801658e0ff533afbdbb10d396016b31b60f91690579e9124ed70646a6dd7f0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
mypays.org
:scheme
https
:path
/b/t53oa?order_id=48156940&order_idNew=48156999
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
AFB692E1366D97E7805BD7BD7453B65D

Response headers

status
200
server
ngjit
set-cookie
__ddg_=59788; path=/; Expires=Wed, 01 Jan 2020 00:00:00 GMT
PHPSESSID=a4kntvf19kabib3rv9nqiehcc4; path=/
date
Mon, 20 Aug 2018 16:13:46 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
style.css | mypays.org/form/frm39/css/ | 7 KB | 2 KB | Stylesheet
General
Full URL
https://mypays.org/form/frm39/css/style.css
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
07f4b913ba0f64deb84b571186413418151dbb44833b7b587ab832c49ac08fde
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/css/style.css
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 15:23:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Aug 2018 11:56:38 GMT
server
ngjit
age
2994
etag
W/"5b72c376-1d1b"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
text/css
status
200
jquery-3.2.1.min.js | mypays.org/form/frm39/js/ | 85 KB | 30 KB | Script
General
Full URL
https://mypays.org/form/frm39/js/jquery-3.2.1.min.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/js/jquery-3.2.1.min.js
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Nov 2017 16:13:29 GMT
server
ngjit
age
6125
etag
W/"5a1c39a9-15283"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
classie.js | mypays.org/form/frm39/js/ | 0 | 0 | Script
General
Full URL
https://mypays.org/form/frm39/js/classie.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash

Request headers

:path
/form/frm39/js/classie.js
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
503
date
Mon, 20 Aug 2018 16:13:46 GMT
content-encoding
gzip
server
ngjit
vary
Accept-Encoding
content-type
text/html
firebase.js | www.gstatic.com/firebasejs/3.6.8/ | 294 KB | 97 KB | Script
General
Full URL
https://www.gstatic.com/firebasejs/3.6.8/firebase.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::2003, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
sffe /
Resource Hash
ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 Aug 2018 14:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 31 Jan 2017 23:21:35 GMT
server
sffe
age
266419
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
98841
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 14:13:27 GMT
app.js | e-pay.click/ | 2 KB | 1 KB | Script
General
Full URL
https://e-pay.click/app.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.162, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
ff09db66cbf5e82d31545f2930a08435fc39209a49e7c0e8d6bc42425e76cbe7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 10 Jun 2017 13:46:53 GMT
server
ngjit
age
0
etag
W/"593bf84d-9e9"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
card_01.png | mypays.org/form/frm39/img/ | 3 KB | 3 KB | Image
Redirect Chain
  • https://mypays.org/form/frm39/img/card_01.png
  • https://ddgu.ddos-guard.net/ddgu/?h=aHR0cHM6Ly9teXBheXMub3Jn&u=L2Zvcm0vZnJtMzkvaW1nL2NhcmRfMDEucG5n
  • https://mypays.org/ddgu_JQ9Xi8A/?u=L2Zvcm0vZnJtMzkvaW1nL2NhcmRfMDEucG5n&i=YmVjNmRiNGM1ZWU0NDE3NGRkNDUxMzEyMjE2N2JiNzEuNDc1Njg3MjM1&s=GxhNuOroRn5qne3GAcAnmEH9H6c
  • https://mypays.org/form/frm39/img/card_01.png
General
Full URL
https://mypays.org/form/frm39/img/card_01.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
9060a811e8555cadf2c386255485c2092b0a469bb5253467cd09c0e59366ca63
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/img/card_01.png
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4; __ddgu=bec6db4c5ee44174dd4513122167bb71.475687235
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Aug 2018 16:33:32 GMT
server
ngjit
age
0
etag
"5b71b2dc-a60"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
2656

Redirect headers

date
Mon, 20 Aug 2018 16:13:46 GMT
content-encoding
gzip
status
301
server
ngjit
location
https://mypays.org/form/frm39/img/card_01.png
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
https://mypays.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
set-cookie
__ddgu=bec6db4c5ee44174dd4513122167bb71.475687235; expires=Tue, 20-Aug-19 16:13:46 GMT; path=/; domain=mypays.org
card_15.png | mypays.org/form/frm39/img/ | 13 KB | 13 KB | Image
General
Full URL
https://mypays.org/form/frm39/img/card_15.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
14aed77616ace574b64270dd3169446e31edb65d9ebc09b13474bff220431fb7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/img/card_15.png
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 15:24:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 Aug 2018 11:35:17 GMT
server
ngjit
age
2939
etag
"5b72be75-3529"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
13609
card_02.png | mypays.org/form/frm39/img/ | 727 B | 824 B | Image
General
Full URL
https://mypays.org/form/frm39/img/card_02.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
0f7132551ebb5b95907bda967d462d92e8c6f463daa3783c3980417c19a11cc0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/img/card_02.png
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Aug 2018 16:33:54 GMT
server
ngjit
age
52
etag
"5b71b2f2-2d7"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
727
card_03.png | mypays.org/form/frm39/img/ | 908 B | 1006 B | Image
General
Full URL
https://mypays.org/form/frm39/img/card_03.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
42b4bd895f0aa9c05809d5f8c043fcbf42c2a87f57f586b8b469d44a0ecd535f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/img/card_03.png
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 15:58:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Aug 2018 16:34:06 GMT
server
ngjit
age
903
etag
"5b71b2fe-38c"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
908
card_04.png | mypays.org/form/frm39/img/ | 2 KB | 2 KB | Image
General
Full URL
https://mypays.org/form/frm39/img/card_04.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
0db5e98af688e015c00437e72198b0074eb061730c0257f4c063af0621bc839e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/img/card_04.png
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Aug 2018 16:33:42 GMT
server
ngjit
age
0
etag
"5b71b2e6-918"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
2328
card_06.png | mypays.org/form/frm39/img/ | 2 KB | 2 KB | Image
General
Full URL
https://mypays.org/form/frm39/img/card_06.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
1fea7886af75596952bbf8940be7b6512bae4e41213aa114be81922fc561a012
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/img/card_06.png
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Aug 2018 16:34:26 GMT
server
ngjit
age
42
etag
"5b71b312-729"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
1833
jquery.fancybox.css | mypays.org/form/first/css/ | 5 KB | 2 KB | Stylesheet
General
Full URL
https://mypays.org/form/first/css/jquery.fancybox.css
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
47bfc4ddf64fef67649b548097bb52a20971dec4122d64d105f3011d23a7f256
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/first/css/jquery.fancybox.css
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Dec 2017 14:06:20 GMT
server
ngjit
age
0
etag
"5a294adc-14c5"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
text/css
status
200
jquery.fancybox.js | mypays.org/form/frm26/js/ | 0 | 0 | Script
General
Full URL
https://mypays.org/form/frm26/js/jquery.fancybox.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash

Request headers

:path
/form/frm26/js/jquery.fancybox.js
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
503
date
Mon, 20 Aug 2018 16:13:46 GMT
content-encoding
gzip
server
ngjit
vary
Accept-Encoding
content-type
text/html
push.js | mypays.org/buy/ | 0 | 85 B | Script
General
Full URL
https://mypays.org/buy/push.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/buy/push.js
pragma
no-cache
cookie
__ddg_=59788; PHPSESSID=a4kntvf19kabib3rv9nqiehcc4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 07 Jan 2018 09:24:05 GMT
server
ngjit
age
0
etag
"5a51e735-0"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=15768000; includeSubdomains; preload
accept-ranges
bytes
css | fonts.googleapis.com/ | 6 KB | 750 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&subset=cyrillic
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
ESF /
Resource Hash
ff83775f99d1f67cf5a5b3defcd5505d5195a5e554f3a7972d11c17a29e0d953
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=3600
content-encoding
gzip
last-modified
Mon, 20 Aug 2018 16:13:46 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 20 Aug 2018 16:13:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Mon, 20 Aug 2018 16:13:46 GMT
classie.js | mypays.org/form/frm39/js/ | 2 KB | 821 B | Script
General
Full URL
https://mypays.org/form/frm39/js/classie.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/js/classie.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Mar 2015 13:47:18 GMT
server
ngjit
age
0
etag
W/"5506dee6-72b"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
set-cookie
__ddg_=69093; path=/; Expires=Wed, 01 Jan 2020 00:00:00 GMT
accept-ranges
bytes
vary
Accept-Encoding
mobile.png | mypays.org/form/frm39/img/ | 13 KB | 14 KB | Image
General
Full URL
https://mypays.org/form/frm39/img/mobile.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178, Belize, ASN262254 (DANCOM LTD, BZ)
Reverse DNS
Software
ngjit /
Resource Hash
42a25fc01fbe401d95c880a456787a025e90ce38f4e18b061e7df0941a6d82f2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/img/mobile.png
pragma
no-cache
cookie
__ddg_=69093
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/form/frm39/css/style.css
:scheme
https
:method
GET
Referer
https://mypays.org/form/frm39/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 Aug 2018 09:45:36 GMT
server
ngjit
age
0
etag
"5b72a4c0-35f8"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
13816
4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2 | fonts.gstatic.com/s/ubuntu/v12/ | 8 KB | 8 KB | Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v12/4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
sffe /
Resource Hash
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&subset=cyrillic
Origin
https://mypays.org

Response headers

date
Fri, 17 Aug 2018 12:38:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Aug 2018 17:28:38 GMT
server
sffe
age
272136
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8128
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 12:38:16 GMT
4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2 | fonts.gstatic.com/s/ubuntu/v12/ | 14 KB | 14 KB | Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v12/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&subset=cyrillic
Origin
https://mypays.org

Response headers

date
Fri, 17 Aug 2018 18:06:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Aug 2018 17:29:34 GMT
server
sffe
age
252467
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13848
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 18:06:05 GMT
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v12/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v12/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&subset=cyrillic
Origin
https://mypays.org

Response headers

date
Fri, 17 Aug 2018 16:16:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Aug 2018 17:28:28 GMT
server
sffe
age
259051
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14096
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 16:16:21 GMT
ok.png
mypays.org/form/frm39/img/
260 B
357 B
Image
General
Full URL
https://mypays.org/form/frm39/img/ok.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
40633bbd3c5065dc9658b04ce1ab6a231301f048f3cecc90d779dd2b8b653b9c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm39/img/ok.png
pragma
no-cache
cookie
__ddg_=69093
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/form/frm39/css/style.css
:scheme
https
:method
GET
Referer
https://mypays.org/form/frm39/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Aug 2018 16:31:40 GMT
server
ngjit
age
4057
etag
"5b71b26c-104"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
260
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v12/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&subset=cyrillic
Origin
https://mypays.org

Response headers

date
Wed, 01 Aug 2018 18:57:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Aug 2018 17:29:07 GMT
server
sffe
age
1631765
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13720
x-xss-protection
1; mode=block
expires
Thu, 01 Aug 2019 18:57:47 GMT
4iCv6KVjbNBYlgoCjC3jtGyNPYZvg7UI.woff2
fonts.gstatic.com/s/ubuntu/v12/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v12/4iCv6KVjbNBYlgoCjC3jtGyNPYZvg7UI.woff2
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ae184cd595b89f965d824a9e8748f6ec8f8d3a76ce836e054162207ccb69c251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:400,500,700&subset=cyrillic
Origin
https://mypays.org

Response headers

date
Fri, 17 Aug 2018 18:07:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Aug 2018 17:29:00 GMT
server
sffe
age
252353
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8024
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 18:07:59 GMT
widget.js
widget.siteheart.com/widget/sh/887070/en/
399 B
714 B
Script
General
Full URL
https://widget.siteheart.com/widget/sh/887070/en/widget.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.252.137 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-252-137.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
53842ef4cdc93f16a5ffcb192a5c1e898fa9c54f20fc6e7871fc7bcb75528fd5

Request headers

Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Aug 2018 16:13:52 GMT
Server
nginx
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
399
Expires
Sun, 23 Sep 2012 03:52:54 GMT
jquery.fancybox.js
mypays.org/form/frm26/js/
48 KB
14 KB
Script
General
Full URL
https://mypays.org/form/frm26/js/jquery.fancybox.js
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.178 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
9ad8bda85bc2fba8ce934b7aa30a3e2a8b9350abadb6aac7ecb282f78bf4294a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm26/js/jquery.fancybox.js
pragma
no-cache
cookie
__ddg_=69093
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
mypays.org
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
:scheme
https
:method
GET
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Feb 2017 04:46:20 GMT
server
ngjit
age
0
etag
W/"58b5009c-be83"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
widget.js
static.siteheart.com/widget/shembed/887070/en/20180127070749/20180127070749/
94 KB
35 KB
Script
General
Full URL
https://static.siteheart.com/widget/shembed/887070/en/20180127070749/20180127070749/widget.js
Requested by
Host: widget.siteheart.com
URL: https://widget.siteheart.com/widget/sh/887070/en/widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.48 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5622f17a70ff0b7d7d67930704acf4658d1f94097aa07813e5405bb34cf87195

Request headers

Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:52 GMT
content-encoding
gzip
server
NetDNA-cache/2.2
x-cache
HIT
content-type
text/javascript; charset=UTF-8
status
200
cache-control
max-age=2592000
expires
Thu, 13 Sep 2018 12:55:17 GMT
green.css
static.siteheart.com/widget/sh/20180127070749/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://static.siteheart.com/widget/sh/20180127070749/css/green.css
Requested by
Host: static.siteheart.com
URL: https://static.siteheart.com/widget/shembed/887070/en/20180127070749/20180127070749/widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.48 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1f61653379555a7bcd60b777a623025b2d04380ff6a0649878530f8d9a7e27e7

Request headers

Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:52 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2017 15:10:35 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=2592000
expires
Thu, 13 Sep 2018 11:11:17 GMT
logo.png
static.siteheart.com/widget/sh/20180127070749/img/
515 B
708 B
Image
General
Full URL
https://static.siteheart.com/widget/sh/20180127070749/img/logo.png
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.48 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ea603a489536144c970bce4e6b027a9972f00826bf15e1e2ee48ca5bc274db4a

Request headers

Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:13:52 GMT
last-modified
Fri, 03 Nov 2017 15:10:36 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=2592000
content-length
515
expires
Thu, 13 Sep 2018 11:11:17 GMT
sound.message.ogg
static.siteheart.com/widget/sh/20180127070749/audio/
8 KB
8 KB
Media
General
Full URL
https://static.siteheart.com/widget/sh/20180127070749/audio/sound.message.ogg
Requested by
Host: mypays.org
URL: https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.48 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9db2edeab4bd44282d6b35cba567f18a67a6782d50c2cac3e5a1b61843b02e41

Request headers

Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

date
Mon, 20 Aug 2018 16:13:52 GMT
last-modified
Fri, 03 Nov 2017 15:10:35 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding
x-cache
HIT
content-type
audio/ogg
status
200
cache-control
max-age=2592000
content-length
7984
expires
Thu, 13 Sep 2018 11:13:16 GMT
a.html
static.siteheart.com/widget/sh/20180127070749/html/ Frame ADC7
0
0
Document
General
Full URL
https://static.siteheart.com/widget/sh/20180127070749/html/a.html?s=mypays.org
Requested by
Host: static.siteheart.com
URL: https://static.siteheart.com/widget/shembed/887070/en/20180127070749/20180127070749/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.48 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash

Request headers

:method
GET
:authority
static.siteheart.com
:scheme
https
:path
/widget/sh/20180127070749/html/a.html?s=mypays.org
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
AFB692E1366D97E7805BD7BD7453B65D
Referer
https://mypays.org/b/t53oa?order_id=48156940&order_idNew=48156999

Response headers

status
200
date
Mon, 20 Aug 2018 16:13:53 GMT
content-type
text/html; charset=utf-8
cache-control
max-age=2592000
expires
Thu, 13 Sep 2018 10:40:06 GMT
last-modified
Fri, 03 Nov 2017 15:10:35 GMT
vary
Accept-Encoding
server
NetDNA-cache/2.2
x-cache
HIT
content-encoding
gzip

Verdicts & Comments

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function $
function jQuery
object classie
function moscowTime
string order_id
object firebase
function __extends
function __decorate
function __metadata
function __param
function __awaiter
object messaging
function send
function sendTokenToServer
function isTokenSentToServer
function setTokenSentToServer
object _shcp
boolean SH_GP_ONLINE
function jSH
object SHClass
object SHtmpl
function SHAudioFX
function SH

3 Cookies

Domain/Path Name Value
.siteheart.com/ _gid GA1.2.754616515.1534781634
.siteheart.com/ _gat 1
.siteheart.com/ _ga GA1.2.1327064156.1534781634

2 Console Messages

Source Level URL
Text
console-api error URL: https://static.siteheart.com/widget/shembed/887070/en/20180127070749/20180127070749/widget.js(Line 2)
Message:
TypeError: Cannot read property 'setItem' of null
console-api warning URL: https://mypays.org/form/frm39/js/jquery-3.2.1.min.js(Line 2)
Message:
jQuery.Deferred exception: subscribe is not defined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ddgu.ddos-guard.net
e-pay.click
fonts.googleapis.com
fonts.gstatic.com
mypays.org
static.siteheart.com
widget.siteheart.com
www.gstatic.com
108.161.189.48
185.129.100.99
190.115.19.162
190.115.19.178
2a00:1450:4001:81e::2003
2a00:1450:4001:821::2003
2a00:1450:4001:821::200a
54.77.252.137
07f4b913ba0f64deb84b571186413418151dbb44833b7b587ab832c49ac08fde
0db5e98af688e015c00437e72198b0074eb061730c0257f4c063af0621bc839e
0f7132551ebb5b95907bda967d462d92e8c6f463daa3783c3980417c19a11cc0
14aed77616ace574b64270dd3169446e31edb65d9ebc09b13474bff220431fb7
1f61653379555a7bcd60b777a623025b2d04380ff6a0649878530f8d9a7e27e7
1fea7886af75596952bbf8940be7b6512bae4e41213aa114be81922fc561a012
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
40633bbd3c5065dc9658b04ce1ab6a231301f048f3cecc90d779dd2b8b653b9c
42a25fc01fbe401d95c880a456787a025e90ce38f4e18b061e7df0941a6d82f2
42b4bd895f0aa9c05809d5f8c043fcbf42c2a87f57f586b8b469d44a0ecd535f
47bfc4ddf64fef67649b548097bb52a20971dec4122d64d105f3011d23a7f256
53842ef4cdc93f16a5ffcb192a5c1e898fa9c54f20fc6e7871fc7bcb75528fd5
5622f17a70ff0b7d7d67930704acf4658d1f94097aa07813e5405bb34cf87195
717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9060a811e8555cadf2c386255485c2092b0a469bb5253467cd09c0e59366ca63
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
9ad8bda85bc2fba8ce934b7aa30a3e2a8b9350abadb6aac7ecb282f78bf4294a
9db2edeab4bd44282d6b35cba567f18a67a6782d50c2cac3e5a1b61843b02e41
ae184cd595b89f965d824a9e8748f6ec8f8d3a76ce836e054162207ccb69c251
ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea603a489536144c970bce4e6b027a9972f00826bf15e1e2ee48ca5bc274db4a
f6801658e0ff533afbdbb10d396016b31b60f91690579e9124ed70646a6dd7f0
ff09db66cbf5e82d31545f2930a08435fc39209a49e7c0e8d6bc42425e76cbe7
ff83775f99d1f67cf5a5b3defcd5505d5195a5e554f3a7972d11c17a29e0d953