Submitted URL: http://www.chdd-org.com.hk/go.aspx?url=http%3A%2F%2Fcatcut.net%2FzqtN?10011811119295
Effective URL: https://paymentgateway.club/clicks/
Submission: On August 04 via manual from IN

Summary

This website contacted 3 IPs in 5 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::ac43:8cc0, located in United States and belongs to CLOUDFLARENET, US. The main domain is paymentgateway.club.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 26th 2020. Valid for: a year.
This is the only time paymentgateway.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 210.209.123.236 17444 (NWT-AS-AP...)
1 1 185.26.97.103 44066 (DE-FIRSTC...)
1 1 190.115.19.218 262254 (DDOS-GUAR...)
1 1 185.178.211.138 49612 (COGNITIVE...)
1 1 185.178.211.140 49612 (COGNITIVE...)
1 14 2606:4700:303... 13335 (CLOUDFLAR...)
4 5.254.23.195 3223 (VOXILITY)
1 5.254.23.67 3223 (VOXILITY)
18 3
Apex Domain Subdomains Transfer
14 paymentgateway.club paymentgateway.club 224 KB
5 cdnvideo.ru m-build.cdnvideo.ru, m-files.cdnvideo.ru 51 KB
1 ac-cpay.top ac-cpay.top 585 B
1 keyclick.icu keyclick.icu 211 B
1 serviceday.name serviceday.name 228 B
1 catcut.net catcut.net 246 B
1 chdd-org.com.hk www.chdd-org.com.hk 324 B
18 7
Domain Requested by
14 paymentgateway.club 1 redirects paymentgateway.club
4 m-build.cdnvideo.ru paymentgateway.club
1 m-files.cdnvideo.ru
1 ac-cpay.top 1 redirects
1 keyclick.icu 1 redirects
1 serviceday.name 1 redirects
1 catcut.net 1 redirects
1 www.chdd-org.com.hk 1 redirects
18 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2020-07-26 - 2021-07-26 a year crt.sh
*.cdnvideo.ru Go Daddy Secure Certificate Authority - G2 2020-05-26 - 2022-06-26 2 years crt.sh

This page contains 1 frames:

Primary Page: https://paymentgateway.club/clicks/
Frame ID: C0CF557F746527B24C57A57D21951EC8
Requests: 18 HTTP requests in this frame

Page URL History

  1. http://www.chdd-org.com.hk/go.aspx?url=http%3A%2F%2Fcatcut.net%2FzqtN?10011811119295 HTTP 302
    http://catcut.net/zqtN?10011811119295 HTTP 302
    https://serviceday.name/tds/p2b7 HTTP 302
    http://keyclick.icu/tds/98931 HTTP 302
    https://ac-cpay.top/tds/98931 HTTP 307
    https://paymentgateway.club/clicks HTTP 301
    http://paymentgateway.club/clicks/ HTTP 307
    https://paymentgateway.club/clicks/ Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

18 Requests
100 % HTTPS
13 % IPv6
7 Domains
8 Subdomains
3 IPs
5 Countries
275 kB Transfer
915 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paymentgateway.club/clicks/
Redirect Chain
  • http://www.chdd-org.com.hk/go.aspx?url=http%3A%2F%2Fcatcut.net%2FzqtN?10011811119295
  • http://catcut.net/zqtN?10011811119295
  • https://serviceday.name/tds/p2b7
  • http://keyclick.icu/tds/98931
  • https://ac-cpay.top/tds/98931
  • https://paymentgateway.club/clicks
  • http://paymentgateway.club/clicks/
  • https://paymentgateway.club/clicks/
27 KB
6 KB
Document
General
Full URL
https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69555ee515bf2bf59a06846887afa89e64932762dd8005c091f475eaf052f3ea
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
paymentgateway.club
:scheme
https
:path
/clicks/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d8723602a5094c8535664a3ac2271ec1f1596525002; __ddg1=a1SBQ9ViklMmw9q8UBkD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 04 Aug 2020 07:10:03 GMT
content-type
text/html
strict-transport-security
max-age=12960000; includeSubDomains
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0459e7582d0000d6d99cbb0200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
5bd674d37fb6d6d9-FRA
content-encoding
br

Redirect headers

Location
https://paymentgateway.club/clicks/
Non-Authoritative-Reason
HSTS
bootstrap.min1a35.css
paymentgateway.club/clicks/images/
123 KB
19 KB
Stylesheet
General
Full URL
https://paymentgateway.club/clicks/images/bootstrap.min1a35.css?v=1558417032
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab9e8fac8dceaab6777424236d68f63ee3a8f2f4b0b67d5edd97f8216dd1636
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
287
status
200
vary
Accept-Encoding
cf-request-id
0459e759f70000d6d99cbdb200000001
last-modified
Sun, 26 Jul 2020 10:00:10 GMT
server
cloudflare
etag
W/"5f1d542a-1edf7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
text/css
cache-control
max-age=14400
cf-ray
5bd674d65e8dd6d9-FRA
publisheddedd.css
paymentgateway.club/clicks/images/
64 KB
11 KB
Stylesheet
General
Full URL
https://paymentgateway.club/clicks/images/publisheddedd.css?v=1588660435
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d6731fa1df16ddfb1efa14cfc5cca9121d7f2578050c23a01edda085fa3388c
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
287
status
200
vary
Accept-Encoding
cf-request-id
0459e759f80000d6d99cbdc200000001
last-modified
Sun, 26 Jul 2020 10:00:25 GMT
server
cloudflare
etag
W/"5f1d5439-10079"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
text/css
cache-control
max-age=14400
cf-ray
5bd674d65e8fd6d9-FRA
sites8478.css
paymentgateway.club/clicks/images/
135 KB
32 KB
Stylesheet
General
Full URL
https://paymentgateway.club/clicks/images/sites8478.css?v=1588660436
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fbeb5bae56f6e25a74130957a297c3c90437740c07e8b7cac84987d5b140cf7
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
287
status
200
vary
Accept-Encoding
cf-request-id
0459e759f80000d6d99cbdd200000001
last-modified
Sun, 26 Jul 2020 10:00:28 GMT
server
cloudflare
etag
W/"5f1d543c-21d18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
text/css
cache-control
max-age=14400
cf-ray
5bd674d65e91d6d9-FRA
slick2969.css
paymentgateway.club/clicks/images/
3 KB
1 KB
Stylesheet
General
Full URL
https://paymentgateway.club/clicks/images/slick2969.css?ts=1588660387
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71ea51cb37c717f75425a2fdd4e562ba7183cf803cadf0dc477282a937e75b09
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sun, 26 Jul 2020 10:00:32 GMT
server
cloudflare
etag
W/"5f1d5440-d81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
strict-transport-security
max-age=12960000; includeSubDomains
cf-ray
5bd674d65e92d6d9-FRA
cf-request-id
0459e759f80000d6d99cbde200000001
f:Open_Sans_Light
m-build.cdnvideo.ru/pages/get_font/
283 B
650 B
Stylesheet
General
Full URL
https://m-build.cdnvideo.ru/pages/get_font/f:Open_Sans_Light?2
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.195 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
fa09a3967f19134c7112c578f7ea845eae53260f012a0d48cce86bba8d4d9670

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
accept-charset
utf-8
server
nginx
etag
"7cd11bb6c39f3b563232ab2450a9937e"
x-node-blk
n11
status
200
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-app
static10
content-length
283
expires
Mon, 03 Aug 2020 16:22:55 GMT
f:Open_Sans_Normal
m-build.cdnvideo.ru/pages/get_font/
285 B
651 B
Stylesheet
General
Full URL
https://m-build.cdnvideo.ru/pages/get_font/f:Open_Sans_Normal?2
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.195 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
d000c5a338e6df53d4a564a8cfd5587aca05b1d76f2e05996c11215e8af106fc

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
accept-charset
utf-8
server
nginx
etag
"1efbd221e2ab4f96674c7aae1666a39e"
x-node-blk
n11
status
200
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-app
static11
content-length
285
expires
Sat, 08 Aug 2020 07:19:58 GMT
f:Scada_Normal
m-build.cdnvideo.ru/pages/get_font/
265 B
630 B
Stylesheet
General
Full URL
https://m-build.cdnvideo.ru/pages/get_font/f:Scada_Normal?2
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.195 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
5746e3478919ce46e159e8361679744b5a9910f15530ebc69c6abd9279104e7c

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
accept-charset
utf-8
server
nginx
etag
"343ac2193447c3a7f13e825c08c157db"
x-node-blk
n11
status
200
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-app
static10
content-length
265
expires
Tue, 04 Aug 2020 17:07:25 GMT
file.png
paymentgateway.club/clicks/images/
1 KB
1 KB
Image
General
Full URL
https://paymentgateway.club/clicks/images/file.png
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05c4c51118cd81d18795835140fcf302adb153138884bd883a3efee621d22ac6
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
288
status
200
vary
Accept-Encoding
content-length
1049
cf-request-id
0459e759fc0000d6d99cbe7200000001
last-modified
Sun, 26 Jul 2020 10:00:14 GMT
server
cloudflare
etag
"5f1d542e-419"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5bd674d66ea9d6d9-FRA
jquery09c8.js
paymentgateway.club/clicks/images/
97 KB
33 KB
Script
General
Full URL
https://paymentgateway.club/clicks/images/jquery09c8.js?v=1588660367
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f72bc20aeb2757ca5793babfe6bf4706f07823bece2cfd40fc95946668d8faa1
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
288
status
200
vary
Accept-Encoding
cf-request-id
0459e759f90000d6d99cbdf200000001
last-modified
Sun, 26 Jul 2020 10:00:19 GMT
server
cloudflare
etag
W/"5f1d5433-18553"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5bd674d65e96d6d9-FRA
jquery-sites622a.js
paymentgateway.club/clicks/images/
112 KB
32 KB
Script
General
Full URL
https://paymentgateway.club/clicks/images/jquery-sites622a.js?v=1588660369
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba563372ea25f5da46d04f4dd1b4f579068060427335e731f5b5c84cb107bf34
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
287
status
200
vary
Accept-Encoding
cf-request-id
0459e759f90000d6d99cbe0200000001
last-modified
Sun, 26 Jul 2020 10:00:17 GMT
server
cloudflare
etag
W/"5f1d5431-1be13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5bd674d65e98d6d9-FRA
bootstrap.min1a35.js
paymentgateway.club/clicks/images/
27 KB
7 KB
Script
General
Full URL
https://paymentgateway.club/clicks/images/bootstrap.min1a35.js?v=1558417032
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd8debe293dc57c3d848beb133fb2d041035a388c5435696ab25ce91a079e03
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
287
status
200
vary
Accept-Encoding
cf-request-id
0459e759f90000d6d99cbe1200000001
last-modified
Sun, 26 Jul 2020 10:00:11 GMT
server
cloudflare
etag
W/"5f1d542b-6aa4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5bd674d65e9bd6d9-FRA
published45d7.js
paymentgateway.club/clicks/images/
231 KB
70 KB
Script
General
Full URL
https://paymentgateway.club/clicks/images/published45d7.js?v=1588660405
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc174ffb4636299575689ba81207f9ee830ea617355a5f5d1cfd96186760c2e
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
287
status
200
vary
Accept-Encoding
cf-request-id
0459e759f90000d6d99cbe2200000001
last-modified
Sun, 26 Jul 2020 10:00:24 GMT
server
cloudflare
etag
W/"5f1d5438-39bd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5bd674d65e9dd6d9-FRA
slick09c8.js
paymentgateway.club/clicks/images/
40 KB
10 KB
Script
General
Full URL
https://paymentgateway.club/clicks/images/slick09c8.js?v=1588660367
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33674760ec872899a4db42afce2386593a48089477ceaa3bb86ef34b3077bd98
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sun, 26 Jul 2020 10:00:31 GMT
server
cloudflare
etag
W/"5f1d543f-a16e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
strict-transport-security
max-age=12960000; includeSubDomains
cf-ray
5bd674d65e9fd6d9-FRA
cf-request-id
0459e759fb0000d6d99cbe3200000001
direct.js
paymentgateway.club/clicks/
5 KB
922 B
Script
General
Full URL
https://paymentgateway.club/clicks/direct.js
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33447a88bc20be1aba2b32939192e8aaf979be85f83d0cba74c81b3652f4dcd
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
288
status
200
vary
Accept-Encoding
cf-request-id
0459e759fb0000d6d99cbe4200000001
last-modified
Sun, 26 Jul 2020 09:59:53 GMT
server
cloudflare
etag
W/"5f1d5419-1392"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=12960000; includeSubDomains
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5bd674d65ea1d6d9-FRA
proccess_domain.js
paymentgateway.club/
0
0
Script
General
Full URL
https://paymentgateway.club/proccess_domain.js
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
strict-transport-security
max-age=12960000; includeSubDomains
cf-ray
5bd674d66ea7d6d9-FRA
cf-request-id
0459e759fc0000d6d99cbe6200000001
scada_normal.woff
m-build.cdnvideo.ru/web/user/fonts/scada/
32 KB
32 KB
Font
General
Full URL
https://m-build.cdnvideo.ru/web/user/fonts/scada/scada_normal.woff
Requested by
Host: paymentgateway.club
URL: https://paymentgateway.club/clicks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.195 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
cc5136bec394df4de2dc8c870a4f2cfc9da7b5baca88869fa45dc1a89eadc45a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://m-build.cdnvideo.ru/pages/get_font/f:Scada_Normal?2
Origin
https://paymentgateway.club

Response headers

date
Tue, 04 Aug 2020 07:10:03 GMT
last-modified
Sun, 27 Oct 2019 17:27:12 GMT
server
nginx
etag
"5db5d370-7fb8"
x-node-blk
n6
status
200
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
Etag,Last-Modified,X-Backend-Timestamp,X-Timestamp,Date
cache-control
max-age=2592000
x-app
static11
accept-ranges
bytes
content-length
32696
expires
Thu, 20 Aug 2020 12:25:17 GMT
file.png
m-files.cdnvideo.ru/lpfile/6/f/b/6fbea6455a3e93c4ed59c81a22824f8e/-/scale/x1/-/crop/0x0x715x156/-/resize/353/-/quality/95/
17 KB
17 KB
Image
General
Full URL
https://m-files.cdnvideo.ru/lpfile/6/f/b/6fbea6455a3e93c4ed59c81a22824f8e/-/scale/x1/-/crop/0x0x715x156/-/resize/353/-/quality/95/file.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.67 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
185e6c7050bd7ad4b2707dc9951988d2bc431899ebdda0210f4d37d9f34838b4

Request headers

Referer
https://paymentgateway.club/clicks/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Tue, 04 Aug 2020 07:10:03 GMT
last-modified
Mon, 03 Aug 2020 13:22:40 GMT
server
nginx
x-location
f1
status
200
content-type
image/png
access-control-allow-origin
*
expires
Tue, 04 Aug 2020 13:22:40 GMT
cache-control
public
x-src
ROOT/tmp/6fbea6455a3e93c4ed59c81a22824f8e.png
x-app
static11
access-control-allow-credentials
true
x-origin
local
x-mods
scale,crop,resize,quality

Verdicts & Comments

238 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


2 Cookies

Domain/Path Name / Value
.paymentgateway.club/ Name: __ddg1
Value: a1SBQ9ViklMmw9q8UBkD
.paymentgateway.club/ Name: __cfduid
Value: d8723602a5094c8535664a3ac2271ec1f1596525002

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=12960000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
