URL: https://paytm.fastivalbigdays.xyz/
Submission: On October 31 via manual from IN — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 68.178.147.69, located in Mumbai, India and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is paytm.fastivalbigdays.xyz.
TLS certificate: Issued by R3 on October 31st 2023. Valid for: 3 months.
This is the only time paytm.fastivalbigdays.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 68.178.147.69 26496 (AS-26496-...)
10 139.45.240.92 57304 (RUBY-AS)
2 2620:1ec:46::45 8075 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.39.128.162 16276 (OVH)
2 20.231.53.73 8075 (MICROSOFT...)
1 2 68.219.88.97 ()
1 1 2620:1ec:c11:... ()
24 8
Apex Domain
Subdomains
Transfer
10 notix.io
notix.io — Cisco Umbrella Rank: 17058
45 KB
7 fastivalbigdays.xyz
paytm.fastivalbigdays.xyz
16 MB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
q.clarity.ms — Cisco Umbrella Rank: 7495
c.clarity.ms
27 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14333
s4.histats.com — Cisco Umbrella Rank: 14235
5 KB
1 bing.com
c.bing.com
765 B
24 5
Domain Requested by
10 notix.io paytm.fastivalbigdays.xyz
notix.io
7 paytm.fastivalbigdays.xyz paytm.fastivalbigdays.xyz
2 c.clarity.ms 1 redirects
2 q.clarity.ms www.clarity.ms
2 www.clarity.ms paytm.fastivalbigdays.xyz
www.clarity.ms
1 c.bing.com 1 redirects
1 s4.histats.com s10.histats.com
1 s10.histats.com paytm.fastivalbigdays.xyz
24 8

This site contains no links.

Subject Issuer Validity Valid
paytm.fastivalbigdays.xyz
R3
2023-10-31 -
2024-01-29
3 months crt.sh
notix.io
R3
2023-09-15 -
2023-12-14
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-08-29 -
2024-08-29
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-13 -
2024-05-11
a year crt.sh
histats.com
R3
2023-08-29 -
2023-11-27
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh

This page contains 1 frames:

Primary Page: https://paytm.fastivalbigdays.xyz/
Frame ID: 73AC29D5D4E62F9F8184896CA48BCC42
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

Lucky Cashback Point

Page Statistics

24
Requests

96 %
HTTPS

38 %
IPv6

5
Domains

8
Subdomains

8
IPs

4
Countries

16303 kB
Transfer

16511 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=87B0B13890344831B6B551F789900BA8&RedC=c.clarity.ms&MXFR=388EEB0353416DFC0B01F8B8574163AF HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=87B0B13890344831B6B551F789900BA8&MUID=20CBB4518CCB6DD12A68A7EA8DCB6CD3

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paytm.fastivalbigdays.xyz/
42 KB
28 KB
Document
General
Full URL
https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.147.69 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
69.147.178.68.host.secureserver.net
Software
Apache / PHP/7.4.33
Resource Hash
baf2329785b40d4721016636668795056542ecff3f74a7dc1b665e101976ef2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
28900
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 23:07:22 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
clarity.js.download
paytm.fastivalbigdays.xyz/index_files/
59 KB
20 KB
Script
General
Full URL
https://paytm.fastivalbigdays.xyz/index_files/clarity.js.download
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.147.69 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
69.147.178.68.host.secureserver.net
Software
Apache /
Resource Hash
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:22 GMT
content-encoding
br
last-modified
Mon, 30 Oct 2023 13:48:36 GMT
server
Apache
etag
"17c0a55-ead5-608ef4b6e7500-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
20285
jhai3ikgc4
paytm.fastivalbigdays.xyz/index_files/
513 B
343 B
Script
General
Full URL
https://paytm.fastivalbigdays.xyz/index_files/jhai3ikgc4
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.147.69 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
69.147.178.68.host.secureserver.net
Software
Apache /
Resource Hash
cdbfdf8137f111bccf30d12c5692264d6fe10259f7e6bdb8c61261604ac3da5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:22 GMT
content-encoding
br
last-modified
Mon, 30 Oct 2023 13:48:36 GMT
server
Apache
etag
"17c0a56-201-608ef4b6e7500-br"
vary
Accept-Encoding
accept-ranges
bytes
content-length
287
style.css
paytm.fastivalbigdays.xyz/index_files/
2 KB
593 B
Stylesheet
General
Full URL
https://paytm.fastivalbigdays.xyz/index_files/style.css
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.147.69 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
69.147.178.68.host.secureserver.net
Software
Apache /
Resource Hash
2f11004b5e7ded5174cc1a4c1d49b6ea46b783963235ef6f9bca4b65139057fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:22 GMT
content-encoding
br
last-modified
Mon, 30 Oct 2023 13:48:36 GMT
server
Apache
etag
"17c0a59-725-608ef4b6e7500-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
528
Head.gif
paytm.fastivalbigdays.xyz/index_files/
5 MB
5 MB
Image
General
Full URL
https://paytm.fastivalbigdays.xyz/index_files/Head.gif
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.147.69 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
69.147.178.68.host.secureserver.net
Software
Apache /
Resource Hash
13f1d80b4fae633be4e1d9628fbcd5aeba0b149deae429873a898da8030804d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:22 GMT
last-modified
Mon, 30 Oct 2023 13:48:36 GMT
server
Apache
accept-ranges
bytes
etag
"17c0a5a-489532-608ef4b6e7500"
content-length
4756786
content-type
image/gif
scr.gif
paytm.fastivalbigdays.xyz/index_files/
9 MB
9 MB
Image
General
Full URL
https://paytm.fastivalbigdays.xyz/index_files/scr.gif
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.147.69 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
69.147.178.68.host.secureserver.net
Software
Apache /
Resource Hash
c012fc2bd1cf53d8beb3f77f1018c7bd9c294d04e8d07217b73f851c3b5b33ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:22 GMT
last-modified
Mon, 30 Oct 2023 13:48:36 GMT
server
Apache
accept-ranges
bytes
etag
"17c0a58-8e562f-608ef4b6e7500"
content-length
9328175
content-type
image/gif
Foot.gif
paytm.fastivalbigdays.xyz/index_files/
2 MB
2 MB
Image
General
Full URL
https://paytm.fastivalbigdays.xyz/index_files/Foot.gif
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.178.147.69 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
69.147.178.68.host.secureserver.net
Software
Apache /
Resource Hash
dbbba58f418c25f52d0298d9365c45aa487773755b9432d7ddae50830274671e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:23 GMT
last-modified
Mon, 30 Oct 2023 13:48:36 GMT
server
Apache
accept-ranges
bytes
etag
"17c0a57-25b4d8-608ef4b6e7500"
content-length
2471128
content-type
image/gif
enot.min.js
notix.io/ent/current/
143 KB
44 KB
Script
General
Full URL
https://notix.io/ent/current/enot.min.js
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1ceee454085623288eda229e1763fb8cce4be4a3cc9b21d4e2677f47b1f5b790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 23:07:21 GMT
content-encoding
gzip
last-modified
Thu, 26 Oct 2023 07:02:07 GMT
server
nginx
etag
W/"653a0eef-23bf6"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
jhai3ikgc4
www.clarity.ms/tag/
650 B
1014 B
Script
General
Full URL
https://www.clarity.ms/tag/jhai3ikgc4
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32f1100fb650675e8e962b74b0aa01591988adbb9947f2919d20501a230ca939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
-1
date
Tue, 31 Oct 2023 23:07:23 GMT
x-azure-ref
20231031T230723Z-394wbaudqx1kvd71b9rzqdcc2c00000000k000000000c2r8
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3981ce8ce8573703ddf2a9a76942158a5b758810efe8482f3c18362d20ff8b1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d195b2bdfffd3e66d1b80920a94ebad44b309472388034cb7e374c0c82fde23b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: paytm.fastivalbigdays.xyz
URL: https://paytm.fastivalbigdays.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
25603
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
81ef8dccff049be6-FRA
content-length
4547
0.php
s4.histats.com/stats/
52 B
186 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4810273&@f16&@g1&@h1&@i1&@j1698793643055&@k0&@l1&@mLucky%20Cashback%20Point&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-199363422&@b3:1698793643&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fpaytm.fastivalbigdays.xyz%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562109.ip-54-39-128.net
Software
/
Resource Hash
7ae45ead27aac3eb528a9d28183bc4be92b4e6eaf1df3a8bc70a57005c370b63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 23:07:14 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
settings
notix.io/
71 B
331 B
Fetch
General
Full URL
https://notix.io/settings?appId=1004519506145c4ac6dbe6b2e035357&ver=0.15.13
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9d8bee16e4690fbe5b837e064a117136ca4108a50a39d10d3a4b0e5cc77a75dc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
71
event
notix.io/
15 B
275 B
Ping
General
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://paytm.fastivalbigdays.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 31 Oct 2023 23:07:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/
0
0
Preflight
General
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paytm.fastivalbigdays.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 31 Oct 2023 23:07:21 GMT
server
nginx
event
notix.io/
15 B
275 B
Ping
General
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://paytm.fastivalbigdays.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 31 Oct 2023 23:07:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/
0
0
Preflight
General
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paytm.fastivalbigdays.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 31 Oct 2023 23:07:21 GMT
server
nginx
event
notix.io/
15 B
275 B
Ping
General
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://paytm.fastivalbigdays.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 31 Oct 2023 23:07:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/
0
0
Preflight
General
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paytm.fastivalbigdays.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 31 Oct 2023 23:07:21 GMT
server
nginx
event
notix.io/
0
0
Preflight
General
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paytm.fastivalbigdays.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 31 Oct 2023 23:07:21 GMT
server
nginx
event
notix.io/
15 B
275 B
Ping
General
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://paytm.fastivalbigdays.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 31 Oct 2023 23:07:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytm.fastivalbigdays.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
clarity.js
www.clarity.ms/s/0.7.13/
59 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.13/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jhai3ikgc4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:07:23 GMT
content-encoding
br
last-modified
Tue, 17 Oct 2023 11:58:02 GMT
etag
W/"0x8DBCF0850CC9F3D"
vary
Accept-Encoding
x-azure-ref
20231031T230723Z-394wbaudqx1kvd71b9rzqdcc2c00000000k000000000c2rv
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
86331786-201e-007e-2b9a-0bbe9c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
q.clarity.ms/
0
305 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytm.fastivalbigdays.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytm.fastivalbigdays.xyz
Date
Tue, 31 Oct 2023 23:07:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=87B0B13890344831B6B551F789900BA8&RedC=c.clarity.ms&MXFR=388EEB0353416DFC0B01F8B8574163AF
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=87B0B13890344831B6B551F789900BA8&MUID=20CBB4518CCB6DD12A68A7EA8DCB6CD3
42 B
468 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=87B0B13890344831B6B551F789900BA8&MUID=20CBB4518CCB6DD12A68A7EA8DCB6CD3
Protocol
H2
Server
68.219.88.97 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytm.fastivalbigdays.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 23:07:28 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 23:07:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 57B79D1FD86A4EFC94EB77881848748F Ref B: FRAEDGE1811 Ref C: 2023-10-31T23:07:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=87B0B13890344831B6B551F789900BA8&MUID=20CBB4518CCB6DD12A68A7EA8DCB6CD3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
q.clarity.ms/
0
305 B
XHR
General
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytm.fastivalbigdays.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytm.fastivalbigdays.xyz
Date
Tue, 31 Oct 2023 23:07:30 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| s function| clarity object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| a0_0x592a function| a0_0x3541 object| _HistatsCounterGraphics_0_setValues

17 Cookies

Domain/Path Name / Value
paytm.fastivalbigdays.xyz/ Name: HstCfa4810273
Value: 1698793643055
paytm.fastivalbigdays.xyz/ Name: HstCla4810273
Value: 1698793643055
paytm.fastivalbigdays.xyz/ Name: HstCmu4810273
Value: 1698793643055
paytm.fastivalbigdays.xyz/ Name: HstPn4810273
Value: 1
paytm.fastivalbigdays.xyz/ Name: HstPt4810273
Value: 1
paytm.fastivalbigdays.xyz/ Name: HstCnv4810273
Value: 1
paytm.fastivalbigdays.xyz/ Name: HstCns4810273
Value: 1
www.clarity.ms/ Name: CLID
Value: 8cb31bd8c7934aafb445e27a22b992a9.20231031.20241030
.fastivalbigdays.xyz/ Name: _clck
Value: poiuno|2|fgb|0|1399
.fastivalbigdays.xyz/ Name: _clsk
Value: 6n34nx|1698793643873|1|1|q.clarity.ms/collect
.bing.com/ Name: MUID
Value: 20CBB4518CCB6DD12A68A7EA8DCB6CD3
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 20CBB4518CCB6DD12A68A7EA8DCB6CD3
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 20CBB4518CCB6DD12A68A7EA8DCB6CD3
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
notix.io
paytm.fastivalbigdays.xyz
q.clarity.ms
s10.histats.com
s4.histats.com
www.clarity.ms
139.45.240.92
20.231.53.73
2606:4700:10::6814:81f
2620:1ec:46::45
2620:1ec:c11::200
54.39.128.162
68.178.147.69
68.219.88.97
13f1d80b4fae633be4e1d9628fbcd5aeba0b149deae429873a898da8030804d1
1ceee454085623288eda229e1763fb8cce4be4a3cc9b21d4e2677f47b1f5b790
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f11004b5e7ded5174cc1a4c1d49b6ea46b783963235ef6f9bca4b65139057fd
32f1100fb650675e8e962b74b0aa01591988adbb9947f2919d20501a230ca939
3981ce8ce8573703ddf2a9a76942158a5b758810efe8482f3c18362d20ff8b1a
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
7ae45ead27aac3eb528a9d28183bc4be92b4e6eaf1df3a8bc70a57005c370b63
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d8bee16e4690fbe5b837e064a117136ca4108a50a39d10d3a4b0e5cc77a75dc
baf2329785b40d4721016636668795056542ecff3f74a7dc1b665e101976ef2f
c012fc2bd1cf53d8beb3f77f1018c7bd9c294d04e8d07217b73f851c3b5b33ff
cdbfdf8137f111bccf30d12c5692264d6fe10259f7e6bdb8c61261604ac3da5a
d195b2bdfffd3e66d1b80920a94ebad44b309472388034cb7e374c0c82fde23b
dbbba58f418c25f52d0298d9365c45aa487773755b9432d7ddae50830274671e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b