Submitted URL: https://www.paytm.grocbay.com/
Effective URL: https://securegw.paytm.in/order/process
Submission: On December 17 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2a02:26f0:6c00:29e::26f8, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is securegw.paytm.in.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 21st 2020. Valid for: 7 months.
This is the only time securegw.paytm.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address       | AS Autonomous System
1        | 95.168.187.200   | 205544 (LEASEWEB-...)
2        | 2a02:26f0:6c0... | 20940 (AKAMAI-ASN1)
3        | 2 IPs            |

Requests | Apex Domain | Subdomains                              | Transfer
2        | paytm.in    | securegw.paytm.in, staticgw1.paytm.in   | 101 KB
1        | grocbay.com | www.paytm.grocbay.com                   | 778 B
3        | 2 apex domains |                                      |

Requests | Domain                | Requested by
1        | staticgw1.paytm.in    | securegw.paytm.in
1        | securegw.paytm.in     |
1        | www.paytm.grocbay.com |
3        | 3 domains             |

This site contains links to these domains. Also see Links.

Domain
www.paytm.com

TLS certificates (source: crt.sh):

Subject           | Issuer                     | Validity                | Valid
paytm.grocbay.com | Let's Encrypt Authority X3 | 2020-10-17 - 2021-01-15 | 3 months
secure.paytm.in   | GeoTrust RSA CA 2018       | 2020-09-21 - 2021-04-29 | 7 months

This page contains 1 frames:

Primary Page: https://securegw.paytm.in/order/process
Frame ID: E4BEC68F082945C3D987B8BC7DBCCB3E
Requests: 3 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers: server matches /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests:   3
HTTPS:      100 %
IPv6:       50 %
Domains:    2
Subdomains: 3
IPs:        2
Countries:  2
Transfer:   102 kB
Size:       395 kB
Cookies:    0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.paytm.grocbay.com/ Page URL
  2. https://securegw.paytm.in/order/process Page URL

3 HTTP transactions

Resource | Path                   | Size  | x-fer | Type     | MIME-Type
/        | www.paytm.grocbay.com/ | 980 B | 778 B | Document |

General
Full URL:      https://www.paytm.grocbay.com/
Protocol:      H2
Security:      TLS 1.2, ECDHE_RSA, AES_128_GCM
Server:        95.168.187.200 London, United Kingdom, ASN205544 (LEASEWEB-UK-LON-11, GB)
Reverse DNS:   srvcl.crypracks.com
Software:      nginx /
Resource Hash: 263a74400961248bab5cdd4e15b590d9dbb15278d2c16251315b15d77837ec1c

Security Headers
Name                   | Value
X-Content-Type-Options | nosniff
X-Xss-Protection       | 1; mode=block

Request headers

:method: GET
:authority: www.paytm.grocbay.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Thu, 17 Dec 2020 10:36:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
cache-control: no-cache
expires: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
Primary Request
process | securegw.paytm.in/order/ | 391 KB | 98 KB | Document |

General
Full URL:      https://securegw.paytm.in/order/process
Protocol:      H2
Security:      TLS 1.2, ECDHE_RSA, AES_256_GCM
Server:        2a02:26f0:6c00:29e::26f8, Ascension Island, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS:
Software:      APPSRV /
Resource Hash: 1d78eafd5b759a1c452c3943482f7093189c6f3b88c9b04964249ef7aa52db6f

Request headers

:method: POST
:authority: securegw.paytm.in
:scheme: https
:path: /order/process
content-length: 304
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.paytm.grocbay.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.paytm.grocbay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.paytm.grocbay.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.paytm.grocbay.com/

Response headers

content-type: text/html;charset=ISO-8859-1
content-language: en-US
server: APPSRV
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 17 Dec 2020 10:36:33 GMT
set-cookie: ak_bmsc=5081CEB3079906967FC351669D7715540210BA8D80340000B034DB5FEF978012~plpLu+Njigucb8eprFGOzoRFWPXRRfNSZndpLG5YreeR5HwU1uiB5eMCyNZiY8kjuecidClnTB7ZK7eyypjinj+vut5uLwgJytcMQZKdBZnRjUBBU0jgM6W1OBdkasYRtOEY7luyK0tJQKLV629jsiil13CmWQFBoKDL4KHQ6WUUu5/35eotYeKYYpU/FE+EgQN2UCmsdtaYTWjbFvnlpbjUKrVpCoM+UQpUipCh/uHfQ=; expires=Thu, 17 Dec 2020 12:36:32 GMT; max-age=7200; path=/; domain=.paytm.in; HttpOnly
paytm_logo.png | staticgw1.paytm.in/33.1.1/images/ | 3 KB | 3 KB | Image |

General
Full URL:      https://staticgw1.paytm.in/33.1.1/images/paytm_logo.png
Requested by:  Host: securegw.paytm.in, URL: https://securegw.paytm.in/order/process
Protocol:      H2
Security:      TLS 1.2, ECDHE_RSA, AES_256_GCM
Server:        2a02:26f0:6c00:29e::26f8, Ascension Island, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS:
Software:      cdn.paytm /
Resource Hash: 1ec3d6f88f6bd2f42fc759109302c6ebfacb2c8f5a99c4cc21cad2940330996d

Request headers

Referer: https://securegw.paytm.in/order/process
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 10:36:49 GMT
last-modified: Wed, 20 May 2020 15:32:05 GMT
server: cdn.paytm
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=561970
accept-ranges: bytes
access-control-allow-headers: accept, origin, x-requested-with, content-type, x-transmission-session-id
content-length: 2730

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type     | Name
object   | ontransitionrun
object   | ontransitionstart
object   | ontransitioncancel
object   | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object   | trustedTypes
boolean  | crossOriginIsolated
function | backButtonOverride
function | backButtonOverrideBody
object   | bodymovin
object   | animationData
object   | params
object   | anim

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header                 | Value
X-Content-Type-Options | nosniff
X-Xss-Protection       | 1; mode=block