Submitted URL: http://pay.cortex.fun/
Effective URL: https://pay.cortex.fun/pay
Submission: On April 18 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 172.67.205.17, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is pay.cortex.fun.
TLS certificate: Issued by GTS CA 1P5 on March 24th 2024. Valid for: 3 months.
This is the only time pay.cortex.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 172.67.205.17 13335 (CLOUDFLAR...)
1 104.18.16.24 13335 (CLOUDFLAR...)
1 104.18.17.24 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
8 4
Apex Domain    Subdomains                                      Transfer
8 cortex.fun   pay.cortex.fun, cortex.fun                      336 KB
2 paytr.com    www.paytr.com — Cisco Umbrella Rank: 605276     7 KB
8 2
Domain Requested by
7 pay.cortex.fun 2 redirects pay.cortex.fun
2 www.paytr.com pay.cortex.fun
1 cortex.fun
8 3

This site contains no links.

Subject      Issuer                  Validity                   Valid
cortex.fun   GTS CA 1P5              2024-03-24 - 2024-06-22    3 months   crt.sh
paytr.com    Thawte TLS RSA CA G1    2024-02-27 - 2025-02-26    a year     crt.sh

This page contains 3 frames:

Primary Page: https://pay.cortex.fun/pay
Frame ID: 5A7505653088375908D4C8D931492753
Requests: 4 HTTP requests in this frame

Frame: https://www.paytr.com/odeme/guvenli/3ae0fcbad3e44358bb9ac1f13bb65318952f47ba17a6dde32f01d34496d8a326-449321082
Frame ID: 1A737E1EEF00D6F0233669069F622559
Requests: 1 HTTP request in this frame

Frame: https://pay.cortex.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
Frame ID: 34E6B5BC3A89E5ACB3C8471BF716A36F
Requests: 3 HTTP requests in this frame

Page Title

CortexPay | Güvenli Ödeme

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 25 %
Domains: 2
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 342 kB
Size: 370 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pay.cortex.fun/ HTTP 307
    https://pay.cortex.fun/ HTTP 302
    https://pay.cortex.fun/pay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://pay.cortex.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://pay.cortex.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pay
pay.cortex.fun/
Redirect Chain
  • http://pay.cortex.fun/
  • https://pay.cortex.fun/
  • https://pay.cortex.fun/pay
2 KB
1 KB
Document
General
Full URL
https://pay.cortex.fun/pay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bc7811aa5ec9e253dd1b94fb1ae1cb0a4bcbebc48772439cfcbab852b9fd688b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87670c3ca9be2bb6-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 19:26:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LXxCvba6U1I%2FjMW8Ia2urQWbrM3f6HaGdT5wt4dzGqSeVRT4WLi3QT8Ozo9xanY7vtoxHceJHrTTxPQhjMAR%2FXHPJjwVzlrNtaHh7BMVsgJbtMJ3ih4xQoXfRlWqJkd9UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87670c3a2ea92bb6-FRA
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 19:26:40 GMT
location
/pay
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cJJEVQXpulPEsPTv%2FkEHb%2ByGNbEuguUg2xQHlksUfLUK0gE0nOoe16hngL7o2dWgTeL%2F8b3dL2RAS5EHYlIM4iN3pD%2Fmfp%2FVZzsUiNhaE26BDgWXfKoUI8vTO31TkWG1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept
x-powered-by
Express
rocket-loader.min.js
pay.cortex.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://pay.cortex.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: pay.cortex.fun
URL: https://pay.cortex.fun/pay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.cortex.fun/pay
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 19:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Apr 2024 08:31:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661ce5e6-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJHQLvAEdkUdKeAZyYNE3RP3chju5ZY%2Bv8sDWfHiEZY4gmR%2Be8Ow1VAaVf34qySD1eCyC73lwqNsSWZIwvyE6hhnY%2BbJK%2BiBToyHAzBBIkTU%2FVwbS1A2eLQlGfG2Gb06hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
87670c42584d2bb6-FRA
expires
Sat, 20 Apr 2024 19:26:41 GMT
3ae0fcbad3e44358bb9ac1f13bb65318952f47ba17a6dde32f01d34496d8a326-449321082
www.paytr.com/odeme/guvenli/ Frame 1A73
0
0
Document
General
Full URL
https://www.paytr.com/odeme/guvenli/3ae0fcbad3e44358bb9ac1f13bb65318952f47ba17a6dde32f01d34496d8a326-449321082
Requested by
Host: pay.cortex.fun
URL: https://pay.cortex.fun/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://pay.cortex.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87670c42c896bb35-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 18 Apr 2024 19:26:41 GMT
expires
0
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
iframeResizer.min.js
www.paytr.com/js/
25 KB
7 KB
Script
General
Full URL
https://www.paytr.com/js/iframeResizer.min.js
Requested by
Host: pay.cortex.fun
URL: https://pay.cortex.fun/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1053087451355c02fb3fff7ee5de78ca5a3706b148bd9c5c8a9081cfc8b8ec3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.cortex.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 19:26:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 06 Jun 2022 10:26:01 GMT
server
cloudflare
age
1239
etag
W/"62df-5e0c4e6105e14-gzip"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
87670c42dd7f3619-FRA
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 23:26:41 GMT
main.js
pay.cortex.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/ Frame 34E6
Redirect Chain
  • https://pay.cortex.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://pay.cortex.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
8 KB
4 KB
Script
General
Full URL
https://pay.cortex.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
Requested by
Host: pay.cortex.fun
URL: https://pay.cortex.fun/pay
Protocol
H3
Server
172.67.205.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc708ea027518bd065a98fe71a1aa3f6969ad351dbd7a16dc8e885722371985a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Apr 2024 19:26:41 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5uWNto%2Bhv8fV4o2Z%2FowMNq%2BEm9Xru0K%2FOw2avMgNlQO1DDsJxJPdLKH8pT0NfvcRSdZCIcDqPheoZ5Jgdfgd4s7Bo4TodJ4mjAVWfV3D56qcfEg9ofW4Xn2DUmjBC%2FsLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87670c42b8c52bb6-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 18 Apr 2024 19:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJCuwPJEDjPF2BxwFw0oFHJF7TJ%2FgE%2FvlDxBY5D7FfIPoLlBQaJQkuJoNYg8cO7SEBHayyKqeUi4VrZLm9FDKK%2BJsr3CgXbaCVee9IIJqwClBhGlyoRgXCPYkxDk6i14Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
cache-control
max-age=300, public
cf-ray
87670c42888f2bb6-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
87670c3ca9be2bb6
pay.cortex.fun/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 34E6
0
586 B
XHR
General
Full URL
https://pay.cortex.fun/cdn-cgi/challenge-platform/h/g/jsd/r/87670c3ca9be2bb6
Requested by
Host: pay.cortex.fun
URL: https://pay.cortex.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Apr 2024 19:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66LPwF%2Buu0qBzG%2FPlKMH9V4fwmZ9efJ%2BZw7dpoVQ3Nn9EaVzOTzeFopreNpRZjrVfKwCnJL1oOqpCYmybLT55t6eFLwbL1QA0pRbnhWbqtzIoQKuLB%2FBmfvwx%2BnSVuUNmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87670c4339562bb6-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
87670c3ca9be2bb6
pay.cortex.fun/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 34E6
0
581 B
XHR
General
Full URL
https://pay.cortex.fun/cdn-cgi/challenge-platform/h/g/jsd/r/87670c3ca9be2bb6
Requested by
Host: pay.cortex.fun
URL: https://pay.cortex.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Apr 2024 19:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kuwo38ynub45Asa3VPd2mvKyhvrbE0UxTTFt%2Bt6OBkpkh6pXVpfTawndsyEPIYpqg6vMoJ6SKr7MpE0nqvaNVUs4sxBHN6HRAt%2FDCWjIKx9gL0dnW915%2FJ%2FdAYF0ut%2Bypw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87670c461d1c2bb6-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
cortexdaire.png
cortex.fun/images/
323 KB
324 KB
Other
General
Full URL
https://cortex.fun/images/cortexdaire.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cd11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9ae313ff95a309b61344217ecec1151287c1a03ca2607984cecac19d6d26cec4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.cortex.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 19:26:42 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
330922
last-modified
Sat, 04 Jul 2020 20:50:25 GMT
server
cloudflare
etag
W/"50caa-1731b982e68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9ewKbHz3Mk9SxGVJmmN%2BUbIWNJOc6hO8hH2VQe7eVgw%2BO%2F9KyoJfBRoOo%2FnY0uizB81ZCV49%2FFPJlagWyAn5ydKOqdjSjKu2NgBDmqNcSPgLFq2AlmaP7nuCsXgx9jNdglsep%2FWF0Gj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-timestamp
1713453549008
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
87670c4689749bbc-FRA

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| __cfQR
function| iFrameResize
boolean| __cfRLUnblockHandlers

3 Cookies

Domain/Path Name / Value
pay.cortex.fun/ Name: connect.sid
Value: s%3A00w00REkZLlsP7lwH-A5ZVGizopDZKoI.29B3gGpc%2FF4rGVkg%2B0ZqioYrW6ZYOp%2FbnTMVqdU%2BJFg
.cortex.fun/ Name: cf_clearance
Value: 316m4gE1tPVa36ZuJawdZYPYk.ZnxVPn_NDF9ZYV7x8-1713468401-1.0.1.1-npF8ugBS5cbGTJekEt4miOF9OnicWjI8wmimGo9h0dwOeAKetThl_ZWcSdRv94Stb9wJoE_MdOSwBq78Hs12aQ
.paytr.com/ Name: cf_clearance
Value: 0FhC60X52dVpOaqeLxo5md.Uo7upOIVUgBqCXMB1QSc-1713468401-1.0.1.1-vZqLBIVV6yecXzF.xkCrVNS4UgYv4O3qX9Gy93A1dhwf_YVMWrcxgKPFZkdtQyDlAG8fKOZGHSrBWN1neygxSw

1 Console Messages

Source: other
Level: warning
URL: https://pay.cortex.fun/pay
Message: Third-party cookie will be blocked. Learn more in the Issues tab.