www.ua-pay-support.site Open in urlscan Pro
45.130.41.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ua-pay-support.site/
Submission: On February 13 via automatic, source certstream-suspicious (February 13th 2022, 8:51:57 pm UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 45.130.41.28, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is www.ua-pay-support.site.
TLS certificate: Issued by R3 on February 13th 2022. Valid for: 3 months.

This is the only time www.ua-pay-support.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	45.130.41.28 45.130.41.28	198610 (BEGET-AS) (BEGET-AS)
10	2606:4700:303... 2606:4700:3035::6815:35eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:c906	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.57.66.220 52.57.66.220	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
16	6

1 45.130.41.28 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.ikarus2.beget.com

www.ua-pay-support.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3035::6815:35eb (United States)

ASN13335 (CLOUDFLARENET, US)

cardlink.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c906 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnwbstts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.66.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

wchat.eu.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	cardlink.link cardlink.link	101 KB
2	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	freshchat.com wchat.eu.freshchat.com — Cisco Umbrella Rank: 46731	2 KB
1	cdnwbstts.com cdnwbstts.com	129 KB
1	ua-pay-support.site www.ua-pay-support.site	4 KB
16	6

	Domain	Requested by
10	cardlink.link	www.ua-pay-support.site
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cardlink.link
1	wchat.eu.freshchat.com	www.ua-pay-support.site
1	cdnwbstts.com	www.ua-pay-support.site
1	www.ua-pay-support.site
16	6

This site contains no links.

Subject Issuer	Validity	Valid
ua-pay-support.site R3	`2022-02-13` - `2022-05-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-05` - `2022-10-04`	a year	crt.sh
*.freshchat.com Amazon	`2021-03-17` - `2022-04-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ua-pay-support.site/
Frame ID: ADC6E5476137EE83DAC9313B909F0F18
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

element-shop

Detected technologies

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]{1,512}\bwire:

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

275 kB
Transfer

840 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ua-pay-support.site/ 16 KB
4 KB 160ms
55ms Document
text/html 45.130.41.28
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ua-pay-support.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.28 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.ikarus2.beget.com
Software: nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash: bf27337ea77ac7d7bbff084a9cf93289119a8c5b6c1b78fcaf92b9cfcd887eab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx-reuseport/1.21.1
date: Sun, 13 Feb 2022 20:51:52 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
content-encoding: gzip

GET
H2 200 cardlink.css
cardlink.link/css/ 104 KB
20 KB 400ms
184ms Stylesheet
text/css 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cardlink.link/css/cardlink.css?id=a3372fa74badbb3013cb

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edbefa185f06b5929cf325ee321a1579d996e52d6012a9085d94b241ed8e9dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Jan 2022 13:06:37 GMT
server: cloudflare
etag: W/"61e95e5d-1a153"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5y3KXUr7G22m%2BTpAXvxBhvjBmmkLK3Fcw8MsOJfSSrbubXtsjPy6GW8theSuetaSuN0CZE94eiqS%2BHPhfXUZIA6EMi4H6RThk8uiCdiB1zM0LbLJo54rfT1%2BgXkgjGEhpVe2E5tyR4APGqE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6dd0efee8e4d4c1a-AMS

GET
H2 200 cardlink.js Show response
cardlink.link/js/ 246 KB
67 KB 262ms
46ms Script
application/javascript 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cardlink.link/js/cardlink.js?id=1980fb73193f5d134c72

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa6cdc89538b9079d9e03e10b18c125ef44a2a1d3e14462a19ca238a01fb99e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Dec 2021 14:14:10 GMT
server: cloudflare
etag: W/"61cc6d32-3d7b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkrmFaUhvxLP8ASJEVC7pwEPa%2F7zTLwlA8JqyEJiGhAJHgUjqejUFV%2F6IPtBnKfkmTj0aYyKhb51yLslSEfZgaiqbhGaRivJH6OKjBcUlHluyoi%2BNbrQKh2AGUic6VgI%2FVZ58EsubaxUyxcH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6dd0efee8e534c1a-AMS

GET
H2 200 lib.js Show response
cdnwbstts.com/js/ 386 KB
129 KB 284ms
58ms Script
application/javascript 2606:4700:3035::ac43:c906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnwbstts.com/js/lib.js

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c906 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd161cdb29523e59357b0b736af0285e54df9b758ab3299c3b67dbfac61d3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2158
cf-polished: origSize=394957
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Nov 2021 16:10:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6195298e-606cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfOteQP9bxWw5TaKcxF0lTC%2F9kjedNWwU%2BmsMQlwwfd3QYlVNxYxn%2FbSWvQ7czQl6BN8%2FsxfrRKTlxIgoWXWhMJ0m2LFcEW%2Fl1jtUnF41XI5ovdK3jkcUYKTCyJcFhimNSnpDr5UViQ%2FXNmA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6dd0efeead930030-WAW
cf-bgj: minify

GET
H/1.1 200
OK widget.css
wchat.eu.freshchat.com/css/ 7 KB
2 KB 41ms
11ms Stylesheet
text/css 52.57.66.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.eu.freshchat.com/css/widget.css?t=1642455719904

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.66.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-66-220.eu-central-1.compute.amazonaws.com

Software

fwe /

Resource Hash

d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 4bc74e48-ff0e-4b9d-871f-af922522f11b
x-trace-id: 00-0be48095b88a2af58574ba4d49895a78-5b939f63e5e8645c-00
served-by: 9438
last-modified: Thu, 10 Feb 2022 10:49:58 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 9438
Content-Type: text/css
expires: Mon, 13 Feb 2023 20:51:52 GMT

GET
H2 200 visa.png
cardlink.link/images/cardlink/ 2 KB
2 KB 327ms
113ms Image
image/png 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardlink.link/images/cardlink/visa.png?id=5b51fc4a30559c932b12

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97304105fd0010df01084f16b96471af7c5ef2abbe55389cad0e8c643f6bacb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2046
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:31:36 GMT
server: cloudflare
etag: "61adae48-7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPJxYXdhx6tusjOJ5bSlShXDrysOU9M9D8M%2BjV5UIplty1qWu6ImjaZvHJEfLKm2kkzSGPBkQeIbMS3hSNrYn6spR5UEVe8W%2Bt8fmorADNAGKEb4iAVYmLftaqs7ijTHi45ND3Kd7lcrDHjV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6dd0efee8e5c4c1a-AMS

GET
H2 200 mir.svg
cardlink.link/images/cardlink/ 1 KB
1 KB 331ms
117ms Image
image/svg+xml 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardlink.link/images/cardlink/mir.svg?id=94b1d3528e68940298e0

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

990fafebfd52e15bcfdde01ae1d66d5681ab4d7470c8ed6573bf412679557151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:31:36 GMT
server: cloudflare
etag: W/"61adae48-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO2Ns44p2z%2FldJXXYtLxj76O4OOinOpSSXC81zew%2BqNVYhfhxYe40yqfHntufD43NO3IAtB%2FugUJl1SMynyufyoeynBKrqq4n%2FMk7sPw6tRV6BIL8tqq%2Bdj%2Bun59C5BLOP5hgkWQ6w66ZwPU"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6dd0efee8e5a4c1a-AMS

GET
H2 200 master-card.png
cardlink.link/images/cardlink/ 1 KB
2 KB 307ms
93ms Image
image/png 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardlink.link/images/cardlink/master-card.png?id=05e8842090125c986592

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f154ae616ac675163cd30403d18d00e7c206beb34c2d69408e2e1d0f45b7a667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1445
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:31:36 GMT
server: cloudflare
etag: "61adae48-5a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgQFqwnHcEbfRBqwEw%2F9ta8Ixhdb2b%2BopX1lz%2FrsTKXA2Li1RJPnaiKOwaFPONwVvKwMsd%2FhJmbXyaVwaR%2FCRWiZPpC8%2BiE%2FODm6SexlOAUVo0P2azL9b3O5wczeoKgQKy%2FjxSd13pxJ8X%2BU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6dd0efee8e564c1a-AMS

GET
H2 200 warn.png
cardlink.link/images/cardlink/ 1 KB
1 KB 317ms
103ms Image
image/png 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardlink.link/images/cardlink/warn.png?id=929376d64709a88c221c

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b29086ae7f35e6bd108a06aa54f1c0d03052be8ac033cd6474fbb72a710aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1024
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:31:36 GMT
server: cloudflare
etag: "61adae48-400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UQ92pczTsRfRII%2FRpkekoiTNedJ36mZZzqHDDKyL%2FTJJO25kUj8I7yp4nGbOi7eHueNPx20ur9SLeBjwDPRuCXBaB9IDRPCr4OCTCF2%2F59TDnYmkGHu1EcfeILSxDjcqXoZJmArPr3DLN6H"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6dd0efee8e5e4c1a-AMS

GET
H2 200 shield.svg
cardlink.link/images/cardlink/ 6 KB
2 KB 97ms
95ms Image
image/svg+xml 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardlink.link/images/cardlink/shield.svg?id=2a52c8304626726dce37

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d02378c81519e4d35c81819a9ef869a33dc4924382e40d05ee4d1b7a99ec3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:31:36 GMT
server: cloudflare
etag: W/"61adae48-16f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aim%2BcSNvGlCfxvq8RqGGHoFn6geqH4q4k1qsz%2FRoYozK8%2Fd7%2B0XrejXQek6mJX%2BLgZnJ29ydnPRJVvneJTYa67Em0Q0ZG5HtIE%2FSn8ndr2cX1hmzPNiS6nB6ydNxWQ1KyyWKmLRJ%2F6AXB1Iw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6dd0efef0f334c1a-AMS

GET
H2 200 lock.svg
cardlink.link/images/cardlink/ 8 KB
2 KB 90ms
88ms Image
image/svg+xml 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardlink.link/images/cardlink/lock.svg?id=bbe89dcea2cad8f4b90c

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee7f917e042360876d423aa5a844e778ebaa009429ecfab526204f28467fa5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:31:36 GMT
server: cloudflare
etag: W/"61adae48-204d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HI%2F%2BH%2FG6w%2BXBXaVEeImPhZp1mfx%2BxwYl63WlYJZnSbf0lyp4JF%2FcBKYME2R%2FNzviPdEqO12o%2FoHO2oJStp5%2By3qD91YVUJGX4lUgqf3er8qypfuDrwP94ZVNrhlvfFEYDzqCiJodLioyc8tZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6dd0efef0f354c1a-AMS

GET
H2 200 thunder.svg
cardlink.link/images/cardlink/ 6 KB
2 KB 106ms
104ms Image
image/svg+xml 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardlink.link/images/cardlink/thunder.svg?id=5cf8c5d942a3e009b272

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7f71a285d1afdc7620a5a23cba9c18ac534e264a7e5844b61aab770fcbe686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:31:36 GMT
server: cloudflare
etag: W/"61adae48-18e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLsyJYtTqMEFpTFAeKkPTONRDQba7TlCrqZhrGst88SAWyzaC2KzGUZHP77f7RhK3m4Ck3Y7DN9C0%2BVkN6hZfsOTVglxCw%2FLWWGbCZyWELCoqNleuGQ9EHTPi%2BblmV%2B7lpYJcCI3%2BvHQxCRO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6dd0efef0f364c1a-AMS

GET
H2 200 lock-2.svg
cardlink.link/images/cardlink/ 8 KB
2 KB 131ms
129ms Image
image/svg+xml 2606:4700:3035::6815:35eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardlink.link/images/cardlink/lock-2.svg?id=4830f08c9596a0d8f4ca

Requested by

Host: www.ua-pay-support.site
URL: https://www.ua-pay-support.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:35eb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a60b6c5844fc5877d1e9eda3123507a24a0396c3f942be0c40b50fec7732a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ua-pay-support.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 06:31:36 GMT
server: cloudflare
etag: W/"61adae48-1f01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4KZwE2lx3yACb7qh0VkKa4qawqzaEPUPfD3h8OGa3MzRkud798aYrBdgBVl50XLleqaFX0az4451sGmQsCfDcUmzadlteOGDyqcQvX3oOQumXc29WaNlgNoYWmgFbwu972vam5492uOSYob"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6dd0efef0f374c1a-AMS

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700&display=swap

Requested by

Host: cardlink.link
URL: https://cardlink.link/css/cardlink.css?id=a3372fa74badbb3013cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

883e01e89c4233de22a39a438728613a004d748b03324c9b7dad164f55f09321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cardlink.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Feb 2022 20:42:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Feb 2022 20:51:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Feb 2022 20:51:52 GMT

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v11/ 24 KB
24 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v11/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dc8923fc00490445ececc0094581e4ce7238371b2ecff7a573497c934608e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ua-pay-support.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 06:09:25 GMT
x-content-type-options: nosniff
age: 484947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24356
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:28:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 06:09:25 GMT

GET
H2 200 xn7gYHE41ni1AdIRggOxSuXd.woff2
fonts.gstatic.com/s/manrope/v11/ 14 KB
14 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v11/xn7gYHE41ni1AdIRggOxSuXd.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9eca8b935898551d3cd64f173a00fb336c31d97b2dddf59051b09f6a7e871d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ua-pay-support.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 07:11:12 GMT
x-content-type-options: nosniff
age: 394840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14200
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:28:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 07:11:12 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cardlink.link
cdnwbstts.com
fonts.googleapis.com
fonts.gstatic.com
wchat.eu.freshchat.com
www.ua-pay-support.site
2606:4700:3035::6815:35eb
2606:4700:3035::ac43:c906
2a00:1450:4001:803::2003
2a00:1450:4001:82b::200a
45.130.41.28
52.57.66.220
0aa6cdc89538b9079d9e03e10b18c125ef44a2a1d3e14462a19ca238a01fb99e
5ee7f917e042360876d423aa5a844e778ebaa009429ecfab526204f28467fa5d
6a60b6c5844fc5877d1e9eda3123507a24a0396c3f942be0c40b50fec7732a44
6d02378c81519e4d35c81819a9ef869a33dc4924382e40d05ee4d1b7a99ec3fc
7a7f71a285d1afdc7620a5a23cba9c18ac534e264a7e5844b61aab770fcbe686
7bd161cdb29523e59357b0b736af0285e54df9b758ab3299c3b67dbfac61d3f5
883e01e89c4233de22a39a438728613a004d748b03324c9b7dad164f55f09321
8dc8923fc00490445ececc0094581e4ce7238371b2ecff7a573497c934608e9f
97304105fd0010df01084f16b96471af7c5ef2abbe55389cad0e8c643f6bacb7
990fafebfd52e15bcfdde01ae1d66d5681ab4d7470c8ed6573bf412679557151
a9eca8b935898551d3cd64f173a00fb336c31d97b2dddf59051b09f6a7e871d6
bf27337ea77ac7d7bbff084a9cf93289119a8c5b6c1b78fcaf92b9cfcd887eab
c7b29086ae7f35e6bd108a06aa54f1c0d03052be8ac033cd6474fbb72a710aad
d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c
edbefa185f06b5929cf325ee321a1579d996e52d6012a9085d94b241ed8e9dd3
f154ae616ac675163cd30403d18d00e7c206beb34c2d69408e2e1d0f45b7a667

www.ua-pay-support.site Open in urlscan Pro 45.130.41.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

275 kBTransfer

840 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

www.ua-pay-support.site Open in urlscan Pro
45.130.41.28 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

275 kB
Transfer

840 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions