admin.brcashypay.com Open in urlscan Pro
18.229.105.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paydesk2.brcashypro.com/
Effective URL:
https://admin.brcashypay.com/
Submission: On December 05 via api (December 5th 2023, 1:38:12 am UTC) from US — Scanned from DE

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 18.229.105.19, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is admin.brcashypay.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on January 5th 2023. Valid for: a year.

This is the only time admin.brcashypay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.138.208.120 159.138.208.120	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
7	18.229.105.19 18.229.105.19	16509 (AMAZON-02) (AMAZON-02)
7	2

1 159.138.208.120 (São Paulo, Brazil) 1 redirects

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-159-138-208-120.compute.hwclouds-dns.com

paydesk2.brcashypro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.229.105.19 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-105-19.sa-east-1.compute.amazonaws.com

admin.brcashypay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	brcashypay.com admin.brcashypay.com	2 MB
1	brcashypro.com 1 redirects paydesk2.brcashypro.com	299 B
7	2

	Domain	Requested by
7	admin.brcashypay.com	admin.brcashypay.com
1	paydesk2.brcashypro.com	1 redirects
7	2

This site contains no links.

Subject Issuer	Validity	Valid
*.brcashypay.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-05` - `2024-01-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://admin.brcashypay.com/
Frame ID: 72EA96BABCBAD30B3874B86CB1FBEF3A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BrCashy

Page URL History Show full URLs

http://paydesk2.brcashypro.com/ HTTP 301
https://admin.brcashypay.com/ Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1873 kB
Transfer

8586 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paydesk2.brcashypro.com/ HTTP 301
https://admin.brcashypay.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
admin.brcashypay.com/
Redirect Chain

http://paydesk2.brcashypro.com/
https://admin.brcashypay.com/

15 KB
4 KB

2211ms
214ms

Document
text/html

18.229.105.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.brcashypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.229.105.19 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-105-19.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8826deeb066653b0db738cfb3ab9485bef51f6d80283f9ea92358765ff09e02d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 05 Dec 2023 01:38:03 GMT
etag: W/"656d7b62-3d4e"
last-modified: Mon, 04 Dec 2023 07:10:26 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 05 Dec 2023 01:38:01 GMT
Location: https://admin.brcashypay.com/
Server: CloudWAF

GET
H2 200 chunk-elementUI.23b6d7151701673786782.js Show response
admin.brcashypay.com/static/js/ 2 MB
350 KB 426ms
425ms Script
application/javascript 18.229.105.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.brcashypay.com/static/js/chunk-elementUI.23b6d7151701673786782.js
Requested by: Host: admin.brcashypay.com
URL: https://admin.brcashypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.229.105.19 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-105-19.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8ce49ecb38082f7fb65be57eb457b4fb0751140f27e0f5dc6fbc088c6658e832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.brcashypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:38:03 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:10:26 GMT
server: nginx
etag: W/"656d7b62-1ace57"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 chunk-libs.23b6d7151701673786782.js Show response
admin.brcashypay.com/static/js/ 3 MB
626 KB 638ms
637ms Script
application/javascript 18.229.105.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.brcashypay.com/static/js/chunk-libs.23b6d7151701673786782.js
Requested by: Host: admin.brcashypay.com
URL: https://admin.brcashypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.229.105.19 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-105-19.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d24f6c0d2fb4ecdd06eb5a801f9c36c55c37242df66a245ea98286f8d8b08767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.brcashypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:38:03 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:10:26 GMT
server: nginx
etag: W/"656d7b62-2b4a44"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 app.23b6d7151701673786782.js Show response
admin.brcashypay.com/static/js/ 3 MB
376 KB 214ms
214ms Script
application/javascript 18.229.105.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.brcashypay.com/static/js/app.23b6d7151701673786782.js
Requested by: Host: admin.brcashypay.com
URL: https://admin.brcashypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.229.105.19 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-105-19.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d56198e0c10dfc1f51f84a95e25007740e4d1cb150e36a501f872897981ae052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.brcashypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:38:03 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:10:26 GMT
server: nginx
etag: W/"656d7b62-378371"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 / Show response
admin.brcashypay.com/ 15 KB
4 KB 213ms
212ms Fetch
text/html 18.229.105.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.brcashypay.com/
Requested by: Host:
URL: webpack:///./src/utils/updater.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.229.105.19 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-105-19.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8826deeb066653b0db738cfb3ab9485bef51f6d80283f9ea92358765ff09e02d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.brcashypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:38:05 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:10:26 GMT
server: nginx
etag: W/"656d7b62-3d4e"
vary: Accept-Encoding
content-type: text/html

GET
H2 200 login-background.f9f49138.jpg
admin.brcashypay.com/static/img/ 509 KB
510 KB 218ms
217ms Image
image/jpeg 18.229.105.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.brcashypay.com/static/img/login-background.f9f49138.jpg
Requested by: Host: admin.brcashypay.com
URL: https://admin.brcashypay.com/login?redirect=%2Findex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.229.105.19 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-105-19.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3cdb3222af657c9a2fcbd716f46cf66d2efeffd25994c1b8997703e603575227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.brcashypay.com/login?redirect=%2Findex
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:38:05 GMT
last-modified: Mon, 04 Dec 2023 07:10:26 GMT
server: nginx
accept-ranges: bytes
etag: "656d7b62-7f43b"
content-length: 521275
content-type: image/jpeg

GET
H2 200 captchaImage Show response
admin.brcashypay.com/prod-api/ 4 KB
3 KB 426ms
426ms XHR
application/json 18.229.105.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.brcashypay.com/prod-api/captchaImage

Requested by

Host:
URL: webpack:///./node_modules/axios/lib/adapters/xhr.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.229.105.19 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-229-105-19.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

26e1c63479edc6fdfadd5029a62e877baf11bdff2ca3561913ec424d1f5b26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
isToken: false
Referer: https://admin.brcashypay.com/login?redirect=%2Findex
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 01:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc1c754e008aa34a263d3200d900b539124353d9711b20fd1e2612d184dd6272

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			paydesk2.brcashypro.com/	1969-12-31 23:59:59	Name: HWWAFSESID Value: 02c88b59cbcad695be
			paydesk2.brcashypro.com/	1969-12-31 23:59:59	Name: HWWAFSESTIME Value: 1701740280354

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.brcashypay.com
paydesk2.brcashypro.com
159.138.208.120
18.229.105.19
26e1c63479edc6fdfadd5029a62e877baf11bdff2ca3561913ec424d1f5b26f0
3cdb3222af657c9a2fcbd716f46cf66d2efeffd25994c1b8997703e603575227
8826deeb066653b0db738cfb3ab9485bef51f6d80283f9ea92358765ff09e02d
8ce49ecb38082f7fb65be57eb457b4fb0751140f27e0f5dc6fbc088c6658e832
d24f6c0d2fb4ecdd06eb5a801f9c36c55c37242df66a245ea98286f8d8b08767
d56198e0c10dfc1f51f84a95e25007740e4d1cb150e36a501f872897981ae052
fc1c754e008aa34a263d3200d900b539124353d9711b20fd1e2612d184dd6272

admin.brcashypay.com Open in urlscan Pro 18.229.105.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1873 kBTransfer

8586 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

Indicators

admin.brcashypay.com Open in urlscan Pro
18.229.105.19 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1873 kB
Transfer

8586 kB
Size

2
Cookies

7 HTTP transactions
1 data transactions