pay01.dfg122df.cyou Open in urlscan Pro
2606:4700:3037::ac43:a101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pay01.dfg122df.cyou/
Effective URL:
https://pay01.dfg122df.cyou/
Submission: On December 14 via api (December 14th 2023, 3:48:40 am UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::ac43:a101, located in United States and belongs to CLOUDFLARENET, US. The main domain is pay01.dfg122df.cyou.
TLS certificate: Issued by GTS CA 1P5 on December 11th 2023. Valid for: 3 months.

This is the only time pay01.dfg122df.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:f0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700:303... 2606:4700:3037::ac43:a101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
27	5

1 2606:4700:3037::6815:f0d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pay01.dfg122df.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3037::ac43:a101 (United States)

ASN13335 (CLOUDFLARENET, US)

pay01.dfg122df.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	dfg122df.cyou 1 redirects pay01.dfg122df.cyou	224 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	71 KB
27	5

	Domain	Requested by
24	pay01.dfg122df.cyou	1 redirects pay01.dfg122df.cyou
1	www.google.de	pay01.dfg122df.cyou
1	www.google.com	pay01.dfg122df.cyou
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	pay01.dfg122df.cyou
27	5

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
dfg122df.cyou GTS CA 1P5	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pay01.dfg122df.cyou/
Frame ID: BE08FCDCA24C02A01A3F1B2B564AA04C
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

云讯接码

Page URL History Show full URLs

http://pay01.dfg122df.cyou/ HTTP 301
https://pay01.dfg122df.cyou/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

297 kB
Transfer

998 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/kefu8999
Title: Telegram：@kefu8999

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pay01.dfg122df.cyou/ HTTP 301
https://pay01.dfg122df.cyou/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pay01.dfg122df.cyou/
Redirect Chain

http://pay01.dfg122df.cyou/
https://pay01.dfg122df.cyou/

6 KB
3 KB

566ms
481ms

Document
text/html

2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a2590595a75888bfc7d71cec2a1ab5a5a016d09e6d54d408f93288007c720e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 835378d47d6230ca-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 03:48:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hsjobks6Ohp%2FetOEUrVZrtgfQp%2BmQ%2FOF%2FimXBCHZpng7Mox5T9HXBPqd8xS%2Fd0GEdoC2IOZhW5WTyZA6jvwv4cwjGI4vfBmnaxhT4bC1NJ5KO%2Br8AmlxzDFkbL8WK6YQMdNoBkqhvV2ne6KMmpHL4P3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 835378d398d88ff4-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 14 Dec 2023 03:48:34 GMT
Expires: Thu, 14 Dec 2023 04:48:34 GMT
Location: https://pay01.dfg122df.cyou/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pTsTTQ0NhWV4OTcld37P8aUVer7E%2FAoivltb43ZsKvlKeciTpT9XeDf6OuvNVq%2Br4NohIIyGGbnXb5Nf6SqUFNPw76BYNAAzjmGQQInb8K8YYvCwZc4eTtXDcTBwTi7PUjLk0XmHq4zZEufEuulfxyp"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.js Show response
pay01.dfg122df.cyou/static/sms/js/ 85 KB
31 KB 643ms
633ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/jquery.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809e90-15282"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc4wMue52QQadqBxn44ClzuI6t9cR9JEvtT6ZOushWuikt8l0YeZsMfCvpuDBCjV4IPE3R%2BMlHozEiWaHFi6y%2B%2F7KU98MsV1fYY3GkkJjYdJu7fA6xY4o%2F2HSsKdwxUwUpOf0svifuS64W9rOFXrwt9v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d79f0d30ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 layui.js Show response
pay01.dfg122df.cyou/static/sms/js/ 284 KB
94 KB 1013ms
1004ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/layui.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c4b9b02eb547ec78c6df1b8d7e3968b14946e2ff5cb4e47cc310275cfdfc38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 11:07:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6380a1e4-471b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raG5dzq52Vq4EpYB14uWFxF19IuBskbF9DQSAwn7F3mPvgnlAzuodiokgJ18lEYP0FxDXljE7g4X7rtbJdJNeeVARBgMMtFZwgJbaPpdktgn2FvppoiAygThyOSJ7FI%2Bm5s2gpwGUfkHxb3ukaP3PidO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d79f0e30ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 jquery.cookie.js Show response
pay01.dfg122df.cyou/static/sms/js/ 3 KB
2 KB 440ms
432ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/jquery.cookie.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c71bcbfaab90e153dbedb09eba32fb495330d7b59d3f472ea5bebb8ee63469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:53:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809e8e-ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVXB%2FZXlk8p0Sj%2Ft8w9KApG1fv%2BCghy%2BB9Gq%2BXJ6cUT%2BbeZCYeV4sknZAZfFpLC%2Fe8HdCKbXLlJpGsLYco45Igf38Xp2TV0fCAuaAWwTFG4sC5iZ5JbZJngYWwbkNIucyL9wK0cboxPactsZmJTomQqo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d79f0f30ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 countries.js Show response
pay01.dfg122df.cyou/static/sms/js/ 26 KB
4 KB 437ms
429ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/countries.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516e551c87b0833635ba521459dac21c027d522a6918077a60f9248667a47bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Aug 2023 18:38:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e65226-6887"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1a8al6eZOU%2Fo0FxjG%2F58tjvm1jgA03aAlfF1weXs8n2Nxm7dYt5GQGgwHtZHopERRm3vuZ6BBK7%2FPc%2BDskYHWk7cIrLzY99t7yP2eV7qSl5%2FSIsmtVooquvHWJ4vW74X28c8A9r0ICtYgnLPfufin%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d79f1030ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 province.js Show response
pay01.dfg122df.cyou/static/sms/js/ 5 KB
803 B 439ms
431ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/province.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69c13b8a6f0e00e8d441d5ce0e87a91d9b674638179451d4bedf4de102855917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 30 Apr 2023 02:33:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"644dd384-153f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFX8TtxYJsKRfCuwTEdS%2Bfu77AxO%2BpkuhmeaHOvlsn8rmnEnmpggomGbqFyu9lNalTdsIMSTP%2F4eqOQVmH3i0Jn8jVl7Bmy%2FSlUw4Am%2BSJLs8eXIFCNcSpiVa5EgFUP%2FWIJy3nJxn0DNdnNGVnOa7z%2BH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d79f1230ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 appservice.js Show response
pay01.dfg122df.cyou/static/sms/js/ 73 KB
7 KB 439ms
431ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/appservice.js?v=1.0003
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5fdf38ca2f00abb98f28382139c461b16fcce6fe3b94fa468838418cb6d82c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 Oct 2023 11:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6523e4d8-1259b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjJayQxfOR92cxd%2FfOIBeuWTBk2pQ50FtSWDF4xcAJ8fV451lnTePdbN06c1DoPsLV5m6lcswfkENOt639wz1vk9V%2Btwlm0lP5riWzWewR8oUIs6Tf6060%2Fyr3fZWvITnIwN5aelm75HdM%2F00%2FNe7Hya"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d79f1330ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 common.js Show response
pay01.dfg122df.cyou/static/sms/js/ 5 KB
2 KB 438ms
430ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/common.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd3cbfc67eb9be11b463751fecf9bfb96c25277ad9875b73c95d8a9ee068e487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 May 2023 01:52:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6466d650-1419"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpZLkb8e2VMB19OA7sGLe1rlXCR%2FQ3tdpsNoe%2BOmMVAQ4vRpqQv8%2BF6FWO6zhnyAai1zjdjir%2B%2FChxFQaTYZVrtQTsk1B8Vq7YTAMjp9%2BomLuiZNMUX71HVC90tSFg4rn0L3%2F17dsxcBvin%2BiGnQPuLb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d79f1530ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 bootstrap.min.js Show response
pay01.dfg122df.cyou/static/sms/js/ 39 KB
11 KB 473ms
465ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/bootstrap.min.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809e8c-9b05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd3qrl4k%2FCGajSHlptXK6myF0dbyB17nAlW5wuEjEXyDIyrDVf4Wbqkvbej45QnRc9fkrJl8xeU5nZ4SogdX5SCsiBd3X0G0NSvkFdMoG2BDH4O45%2FjXUOJsspOHyDUCABPJSthgrlJB6zZk1%2FPmioaa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d7df3e30ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 bootstrap-select.js Show response
pay01.dfg122df.cyou/static/sms/js/ 109 KB
27 KB 663ms
656ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/bootstrap-select.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186e4c2c470e3c1c76997b7a4dfd0f618b38311582e0578db05ccada6fd43c6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809e8c-1b35f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIpNbA398f5RfDjADr3S1VQVIktyDfkwex1qMJsiS%2F0VTjFQHtPiAYPSHb2%2B4u4cpxgB2tapsKSd1EUEmqtgZWVqql7JzVCHxGi0JoiKZfSMOClFiMJiiCb%2FeaSIOH86vSmrDT5ElK6%2F%2Btvh8%2BLgUTRx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d7df3f30ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 defaults-zh_CN.js Show response
pay01.dfg122df.cyou/static/sms/js/ 511 B
694 B 474ms
468ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/defaults-zh_CN.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190bb063cd87a7c80a444755040accdb842381d734dd00ee1273da22e0563376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:53:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809e8e-1ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyMhhGbWQrVECuOzDBEKpiILwlrnnXZOZeVmAq4qkebPfhPdZFmr2xYPrLnk8ATWmRPw4cQzA%2BP%2BJMy%2BdnxkJk%2FOCMMM%2Fe%2BZQbOC%2FzisJmv9Nhxzx85hIS0QBbfmygjyc3ry0U09IaMIKxJRAwb5iBbI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d7df4030ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 api.js Show response
pay01.dfg122df.cyou/static/sms/js/ 651 B
649 B 476ms
470ms Script
application/javascript 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/js/api.js
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554cdc20ef9bd4c6ab15bf459e5263b600498cfdfe48117404341f342d9c29c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 31 Dec 2022 01:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63af92f4-28b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUzBV8yUFudK8mg8ZLjIptnw59JG4%2BvJHDWudCnM%2F3KgeMJt3czHxWDTxp3ZhWRZfjDv9NSZmQFJNHgKc11SHumHNu3AJUL4oYEAGlenupCGNjowEgHI3GKZfbSjt3T12eKi71UgciAkaSGsDKU9Wnbp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 835378d7df4130ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 bootstrap.min.css
pay01.dfg122df.cyou/static/sms/css/ 119 KB
20 KB 627ms
621ms Stylesheet
text/css 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/css/bootstrap.min.css
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:54:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809ec8-1da71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ%2Byl4ZT5Wd9drsnvJ1ji9UFr7wB3MKK37yRQrRdENeT1BT6wRiFLeNE4pAUMwtvk60hukwTQ1FP6z5v%2FqqGC9a34Yhjxmf85exlR3yWouL4y8pMs%2BtyvIgE12vNT3GWTe65WgPr3AQbhImcK0oMFzNq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 835378d79f0a30ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 common.css
pay01.dfg122df.cyou/static/sms/css/ 2 KB
1 KB 434ms
428ms Stylesheet
text/css 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/css/common.css
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0320f1de7f5e3e1f8ebe9247067625e2bb2b44bd3b8f9622e099ee3c3200ab82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:54:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809eca-949"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78PI9qN%2BhJJ5a0SHwU5iT5sM%2BccklwMWJrD3yXccz1swjScHRZOgA5E3mOoL4L1hre2ivgC%2F6Z66MOGsh7IzldDK%2BtU%2BeSQAnqQw7%2B6llSzzLgala8Q4auQjKtGSRbbWWoTRo%2FUv0HqLgXVSazI5ag6A"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 835378d79f0b30ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 bootstrap-select.min.css
pay01.dfg122df.cyou/static/sms/css/ 11 KB
2 KB 434ms
429ms Stylesheet
text/css 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/css/bootstrap-select.min.css
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:54:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809eca-2b70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaNESRBnyl3cC5Wj52zbc9HXLp48zAsX0W2tHaBjaQm%2FE8LGylknvMZygwIfm2QSKAgu98xvsgA7qiRfN4r9EP8UzVucD7sr2F6MEnn82kWySNQSQJNrV3z6xU%2FrgsrqJdqjmt0wRCIRSqGXPTMMb7%2BL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 835378d79f0c30ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 555ms
53ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11043260011

Requested by

Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

886693f5602c6fbda623aead237c216a121f0e573698b62671db26faa27d90c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72477
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 03:48:36 GMT

GET
H2 200 index.png
pay01.dfg122df.cyou/static/sms/img/ 2 KB
2 KB 474ms
469ms Image
image/png 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay01.dfg122df.cyou/static/sms/img/index.png
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938acb67f1a09d68775ece796a2902c2a38095de4cde83ed819b8e5901028f6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:43:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63809c38-84d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Bdii%2BGwhSJoThHlgWWS1bT8WRBAkBzZ9qOzP%2FK%2Fg9yQzYBkAwOrCuV84nSzkzYivKeEH4%2B%2BNVCSrdjipXtPMUHgS3GNFKdfcJEwMwd0djpbE6b%2B2qemvZ8VsFgM7xq8B6vK7zKI2O4xVc%2FfzvHfeJAJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 835378d7df4230ca-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2125
expires: Sat, 13 Jan 2024 03:48:35 GMT

GET
H2 200 sms.png
pay01.dfg122df.cyou/static/sms/img/ 2 KB
2 KB 474ms
469ms Image
image/png 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay01.dfg122df.cyou/static/sms/img/sms.png
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97f666783bb84500739c34b53699f5eddfd6a1eab0e0e4184ebb0c1ebd268310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:43:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63809c3a-656"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9xVr6h7yKrjb%2BM6judbF%2BiuAA0JBDWj8pYQpX%2F7NwJpyvmsxwlXq3G7%2BZZ%2BZoAVmGOJCWWvlYWgjHkg7Yxs8uzFkiDmlIqApu2hp117TSY%2FynLTA%2FddZMZ%2BwqtWDQE%2BOyi7eLfO6%2Ba8BXTRkT6nPO6m"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 835378d7df4330ca-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1622
expires: Sat, 13 Jan 2024 03:48:35 GMT

GET
H3 200 phone.png
pay01.dfg122df.cyou/static/sms/img/ 2 KB
3 KB 431ms
430ms Image
image/png 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay01.dfg122df.cyou/static/sms/img/phone.png
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bac264e28a9bf43e610f4eae91c28d2ead8162cfd39556acb54e200aa099261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:43:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63809c38-8a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kz%2FdkjO%2B3G%2BR1aFaI%2F6apDuuRdVNASlKoG1oHtkOiCQDpJvFaLh5NMjis%2BiF5wnqs7HMw5keFrr%2BEUCdLkGHdJRzJKBkU6x%2FtxnoFLsfcxEh1ZvmgjT%2BWmb4UlNK0KGcPr3UiLpDS3aT7f0LnQ%2FmAljD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 835378da8dcf1961-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2216
expires: Sat, 13 Jan 2024 03:48:35 GMT

GET
H3 200 administration.png
pay01.dfg122df.cyou/static/sms/img/ 2 KB
2 KB 431ms
431ms Image
image/png 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay01.dfg122df.cyou/static/sms/img/administration.png
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b323a801dc5abc9045c16831a37ce19bc0a41469fccbbf0d74081e3365c502b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:35 GMT
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:43:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63809c36-7e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BMmyhC35K%2B6uP9hFfPtpG%2FUtpHdgeg6U82CMsq2tlTH%2BvQsZSHPgeWWUwrdP7gHoQ63gFycEWxfD%2F%2FrYxE%2FZB5RGR3T3Hb9gZWxnlEfgO8MqdetIdn5ZEc%2FDnLkQkUwOm0O18RG2q5LvCPSOKDJBfCI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 835378da8dd11961-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2018
expires: Sat, 13 Jan 2024 03:48:35 GMT

GET
H3 200 account.png
pay01.dfg122df.cyou/static/sms/img/ 2 KB
2 KB 429ms
428ms Image
image/png 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay01.dfg122df.cyou/static/sms/img/account.png
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08d1b9babafe703ea63c7b0a973d316bd885608cb6a0c674daf82dc7fcf12f58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:36 GMT
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:43:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63809c36-72e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQ6EAocTKqNQ1zF350h5RDrll6nsugjIjAEElvf6sTr1pB%2BDywf0dasgR%2FsiW9zsZ%2BleeXCPf4iihi2HCCJW651Mz6%2BYNbekOm3wMm2UdgvLRKExRNN1uXIuA9skFCjc0avAQBhqA7s8u1TP5yNL1Ogn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 835378dd3f7d1961-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1838
expires: Sat, 13 Jan 2024 03:48:36 GMT

GET
H3 200 laydate.css
pay01.dfg122df.cyou/static/sms/css/ 7 KB
2 KB 428ms
427ms Stylesheet
text/css 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/css/laydate.css?v=5.3.1
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/static/sms/js/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:54:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809ecc-1cc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03DhRKmUBBudvyt1m3kW%2F3ojW%2Fow1o%2B1OOSYNNF85%2FAHe0pNG9dzQRe%2BA0iuIZjOqFP6dW%2FxkkgFw4On%2FYod2ZdYZlhH0%2BcEwOjC5uVJMi3WFtUTNRfY0Gdu2N0bO65FCdryCKuS%2Btei7a0podgnwyta"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 835378ddf81a1961-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:36 GMT

GET
H3 200 layer.css
pay01.dfg122df.cyou/static/sms/css/ 14 KB
3 KB 427ms
427ms Stylesheet
text/css 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/css/layer.css?v=3.5.1
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/static/sms/js/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:54:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809ecc-37bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0%2Fc5ZsxeSieS%2BZkLHClaNr0e6XWpSg0JX58UahKyD5zYekmPYKE5cEAXAxYK7tcJDN9GQPm5SmzTKHpRn0gFXKieKtj9DDdt1nl7CL21npIZM5s5pdr5r8HCPBw7UR%2FIyzUp1DE3IobJ7nl5j5vVKhk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 835378de081c1961-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:36 GMT

GET
H3 200 code.css
pay01.dfg122df.cyou/static/sms/css/ 1 KB
933 B 426ms
425ms Stylesheet
text/css 2606:4700:3037::ac43:a101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay01.dfg122df.cyou/static/sms/css/code.css?v=2
Requested by: Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/static/sms/js/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:48:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 25 Nov 2022 10:54:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63809eca-527"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tzz7d6MjBJuJSD30i8UC%2BdGbxvd2bzHCgAK92mHKxKCUnYD%2FZFWyuqm56nktSjlLsk9Mn7p6vZfyqPRH%2Bw3LUIB11Qven1kzo1ZHMC1HzV8L5UY%2BDbARlLuBgi6C6E46y7n%2FV8lSR0Q69EnVGlcUQlMJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 835378de08221961-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:48:36 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11043260011/ 3 KB
2 KB 236ms
149ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11043260011/?random=1702525716813&cv=11&fst=1702525716813&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpay01.dfg122df.cyou%2F&hn=www.googleadservices.com&frm=0&tiba=%E4%BA%91%E8%AE%AF%E6%8E%A5%E7%A0%81&auid=373430095.1702525717&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11043260011

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9756acdaa9ab49c7c86b454916e162181fd0da8316f4eed19d937c89db4a958f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 03:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11043260011/ 42 B
455 B 139ms
50ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11043260011/?random=1702525716813&cv=11&fst=1702522800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpay01.dfg122df.cyou%2F&frm=0&tiba=%E4%BA%91%E8%AE%AF%E6%8E%A5%E7%A0%81&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_AyJ1WWD9Cre0pNO0cM1AIon1B5rqCg&random=3110830892&rmt_tld=0&ipr=y

Requested by

Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 03:48:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11043260011/ 42 B
455 B 138ms
49ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11043260011/?random=1702525716813&cv=11&fst=1702522800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpay01.dfg122df.cyou%2F&frm=0&tiba=%E4%BA%91%E8%AE%AF%E6%8E%A5%E7%A0%81&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_AyJ1WWD9Cre0pNO0cM1AIon1B5rqCg&random=3110830892&rmt_tld=1&ipr=y

Requested by

Host: pay01.dfg122df.cyou
URL: https://pay01.dfg122df.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay01.dfg122df.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 03:48:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dfg122df.cyou/	1970-01-20 19:05:01	Name: _gcl_au Value: 1.1.373430095.1702525717
			.doubleclick.net/	1970-01-20 16:55:26	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pay01.dfg122df.cyou
www.google.com
www.google.de
www.googletagmanager.com
2606:4700:3037::6815:f0d
2606:4700:3037::ac43:a101
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2003
0320f1de7f5e3e1f8ebe9247067625e2bb2b44bd3b8f9622e099ee3c3200ab82
08d1b9babafe703ea63c7b0a973d316bd885608cb6a0c674daf82dc7fcf12f58
186e4c2c470e3c1c76997b7a4dfd0f618b38311582e0578db05ccada6fd43c6c
190bb063cd87a7c80a444755040accdb842381d734dd00ee1273da22e0563376
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431
516e551c87b0833635ba521459dac21c027d522a6918077a60f9248667a47bb3
554cdc20ef9bd4c6ab15bf459e5263b600498cfdfe48117404341f342d9c29c7
58c4b9b02eb547ec78c6df1b8d7e3968b14946e2ff5cb4e47cc310275cfdfc38
5bac264e28a9bf43e610f4eae91c28d2ead8162cfd39556acb54e200aa099261
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f
69c13b8a6f0e00e8d441d5ce0e87a91d9b674638179451d4bedf4de102855917
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
886693f5602c6fbda623aead237c216a121f0e573698b62671db26faa27d90c6
938acb67f1a09d68775ece796a2902c2a38095de4cde83ed819b8e5901028f6f
9756acdaa9ab49c7c86b454916e162181fd0da8316f4eed19d937c89db4a958f
97f666783bb84500739c34b53699f5eddfd6a1eab0e0e4184ebb0c1ebd268310
a6c71bcbfaab90e153dbedb09eba32fb495330d7b59d3f472ea5bebb8ee63469
a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60
ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f
b323a801dc5abc9045c16831a37ce19bc0a41469fccbbf0d74081e3365c502b5
bd3cbfc67eb9be11b463751fecf9bfb96c25277ad9875b73c95d8a9ee068e487
e8a2590595a75888bfc7d71cec2a1ab5a5a016d09e6d54d408f93288007c720e
ee5fdf38ca2f00abb98f28382139c461b16fcce6fe3b94fa468838418cb6d82c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

pay01.dfg122df.cyou Open in urlscan Pro 2606:4700:3037::ac43:a101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

297 kBTransfer

998 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

pay01.dfg122df.cyou Open in urlscan Pro
2606:4700:3037::ac43:a101 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

297 kB
Transfer

998 kB
Size

2
Cookies

27 HTTP transactions
0 data transactions