kassa-mini-kzt-app.aitupay.kz Open in urlscan Pro
188.72.127.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kassa-mini-kzt-app.aitupay.kz/
Submission: On April 16 via api (April 16th 2024, 1:21:21 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 188.72.127.153, located in Kazakhstan and belongs to SMARTCITIES-AS, KZ. The main domain is kassa-mini-kzt-app.aitupay.kz.
TLS certificate: Issued by R3 on February 9th 2024. Valid for: 3 months.

This is the only time kassa-mini-kzt-app.aitupay.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	188.72.127.153 188.72.127.153	208356 (SMARTCITI...) (SMARTCITIES-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	34.218.167.212 34.218.167.212	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
17	4

11 188.72.127.153 (Kazakhstan)

ASN208356 (SMARTCITIES-AS, KZ)

kassa-mini-kzt-app.aitupay.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sentry.aitupay.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.218.167.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-167-212.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	aitupay.kz kassa-mini-kzt-app.aitupay.kz sentry.aitupay.kz	747 KB
3	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 2193	454 B
2	gstatic.com fonts.gstatic.com	63 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
17	4

	Domain	Requested by
10	kassa-mini-kzt-app.aitupay.kz	kassa-mini-kzt-app.aitupay.kz
3	api.amplitude.com	kassa-mini-kzt-app.aitupay.kz
2	fonts.gstatic.com	fonts.googleapis.com
1	sentry.aitupay.kz	kassa-mini-kzt-app.aitupay.kz
1	fonts.googleapis.com	kassa-mini-kzt-app.aitupay.kz
17	5

This site contains no links.

Subject Issuer	Validity	Valid
*.aitupay.kz R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kassa-mini-kzt-app.aitupay.kz/
Frame ID: 94D5D00077B54D750BA765AD79713FA4
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AituPay

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

812 kB
Transfer

2768 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kassa-mini-kzt-app.aitupay.kz/ 4 KB
2 KB 380ms
122ms Document
text/html 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f720c7287d3b3bba7bf74a0ffff3e5bfd8ce1b16726e0051816a4f00ea208cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 16 Apr 2024 13:21:15 GMT
etag: W/"65e712c5-108d"
last-modified: Tue, 05 Mar 2024 12:40:37 GMT
referrer-policy: strict-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 157ms
63ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Apr 2024 13:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 13:10:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Apr 2024 13:21:15 GMT

GET
H2 200 indexKazakhTelecom-CTGGlOa8.js Show response
kassa-mini-kzt-app.aitupay.kz/assets/ 2 MB
491 KB 248ms
246ms Script
application/javascript 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/assets/indexKazakhTelecom-CTGGlOa8.js

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

751e4ef7137b5d02eee0bc54c3e3bd1fa8978390b41847568a8a2664fec360f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Tue, 05 Mar 2024 08:03:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
etag: W/"65e6d1d9-1d6dee"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000, public, no-transform
x-xss-protection: 1; mode=block
expires: Fri, 26 Apr 2024 13:21:15 GMT

GET
H2 200 effector-BBistAwT.js Show response
kassa-mini-kzt-app.aitupay.kz/assets/ 78 KB
29 KB 367ms
364ms Script
application/javascript 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/assets/effector-BBistAwT.js

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f906477b726fba808c1b5300541f5ff3a45e97632ea00b153bdf4a6fc5f2e79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Tue, 05 Mar 2024 08:03:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
etag: W/"65e6d1d9-139f3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000, public, no-transform
x-xss-protection: 1; mode=block
expires: Fri, 26 Apr 2024 13:21:15 GMT

GET
H2 200 mobx-P1AG1W0b.js Show response
kassa-mini-kzt-app.aitupay.kz/assets/ 181 KB
57 KB 366ms
364ms Script
application/javascript 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/assets/mobx-P1AG1W0b.js

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a66a56303a051b0a34a6684d88f43f16f0cadd8462fb5fce43cd3894e63f7a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Tue, 05 Mar 2024 08:03:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
etag: W/"65e6d1d9-2d216"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000, public, no-transform
x-xss-protection: 1; mode=block
expires: Fri, 26 Apr 2024 13:21:15 GMT

GET
H2 200 react-D_XpJD9b.js Show response
kassa-mini-kzt-app.aitupay.kz/assets/ 417 KB
121 KB 367ms
365ms Script
application/javascript 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/assets/react-D_XpJD9b.js

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f9cfe50f39089c2ba05e6aedceb1578b667e2c01d047cf3d042143bc96494caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Tue, 05 Mar 2024 08:03:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
etag: W/"65e6d1d9-68597"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000, public, no-transform
x-xss-protection: 1; mode=block
expires: Fri, 26 Apr 2024 13:21:15 GMT

GET
H2 200 pay-DB_VCn_p.js Show response
kassa-mini-kzt-app.aitupay.kz/assets/ 21 KB
8 KB 128ms
126ms Script
application/javascript 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/assets/pay-DB_VCn_p.js

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

597375f1ef445da97737db0bbabe7b4ba4300fa29071d3beb2d9ffede3e66f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Tue, 05 Mar 2024 08:03:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
etag: W/"65e6d1d9-5326"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000, public, no-transform
x-xss-protection: 1; mode=block
expires: Fri, 26 Apr 2024 13:21:15 GMT

GET
H2 200 fp-CI2ljez-.js Show response
kassa-mini-kzt-app.aitupay.kz/assets/ 39 KB
11 KB 366ms
365ms Script
application/javascript 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/assets/fp-CI2ljez-.js

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

03d7f56a1ba94fd86f1cbe49fb5e81b39052ec305dd00d14e5b8c8cbcafab987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Tue, 05 Mar 2024 08:03:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
etag: W/"65e6d1d9-9c7c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000, public, no-transform
x-xss-protection: 1; mode=block
expires: Fri, 26 Apr 2024 13:21:15 GMT

GET
H2 200 sentry-BW0Q15dd.js Show response
kassa-mini-kzt-app.aitupay.kz/assets/ 65 KB
22 KB 366ms
365ms Script
application/javascript 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/assets/sentry-BW0Q15dd.js

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f23e912aab29cf0c0aac69bfb794de0a7ae17748bb878ec24b5345b9297c3333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Tue, 05 Mar 2024 08:03:37 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
etag: W/"65e6d1d9-104bb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000, public, no-transform
x-xss-protection: 1; mode=block
expires: Fri, 26 Apr 2024 13:21:15 GMT

GET
H2 200 indexKazakhTelecom-DdXMvYOi.css
kassa-mini-kzt-app.aitupay.kz/assets/ 1 KB
1 KB 125ms
124ms Stylesheet
text/css 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/assets/indexKazakhTelecom-DdXMvYOi.css

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8c3535312cda6767c3521641c4f10cad721c6d24d2f61f08661893dd56d53d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:15 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Tue, 05 Mar 2024 08:03:37 GMT
server: nginx
etag: "65e6d1d9-446"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=864000, public, no-transform
accept-ranges: bytes
content-length: 1094
x-xss-protection: 1; mode=block
expires: Fri, 26 Apr 2024 13:21:15 GMT

POST
H2 200 / Show response
sentry.aitupay.kz/api/5/envelope/ 2 B
383 B 489ms
132ms Fetch
application/json 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.aitupay.kz/api/5/envelope/?sentry_key=caf206aa7412db47a7844b1899031c78&sentry_version=7&sentry_client=sentry.javascript.react%2F7.53.1

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/assets/sentry-BW0Q15dd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Apr 2024 13:21:16 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
referrer-policy: strict-origin
server: nginx
vary: origin, access-control-request-method, access-control-request-headers
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
content-length: 2
x-xss-protection: 1; mode=block

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 664ms
210ms Preflight 34.218.167.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.218.167.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-218-167-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://kassa-mini-kzt-app.aitupay.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Tue, 16 Apr 2024 13:21:17 GMT
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
227 B 243ms
242ms XHR
text/html 34.218.167.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/assets/sentry-BW0Q15dd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.218.167.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-218-167-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Cross-Origin-Resource-Policy: cross-origin
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:17 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-661e7b4d-355c53fd74e049b93a78fb4d
content-length: 7

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 131ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 15:53:06 GMT
x-content-type-options: nosniff
age: 250090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 15:53:06 GMT

GET
H2 200 favicon.ico
kassa-mini-kzt-app.aitupay.kz/ 3 KB
3 KB 125ms
125ms Other
image/x-icon 188.72.127.153
SMARTCITIES-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kassa-mini-kzt-app.aitupay.kz/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.72.127.153 , Kazakhstan, ASN208356 (SMARTCITIES-AS, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ffc65885a2121141440d345ef5927c4c2917d95b5b2913b7fa8467c95e15120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:16 GMT
strict-transport-security: max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin, strict-origin
last-modified: Tue, 05 Mar 2024 08:02:01 GMT
server: nginx
content-encoding: gzip
etag: W/"65e6d179-c4e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/x-icon
x-xss-protection: 1; mode=block, 1; mode=block

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 17 KB
17 KB 168ms
81ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://kassa-mini-kzt-app.aitupay.kz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 21:56:48 GMT
x-content-type-options: nosniff
age: 314668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17600
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:48:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Apr 2025 21:56:48 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
227 B 235ms
234ms XHR
text/html 34.218.167.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: kassa-mini-kzt-app.aitupay.kz
URL: https://kassa-mini-kzt-app.aitupay.kz/assets/sentry-BW0Q15dd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.218.167.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-218-167-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://kassa-mini-kzt-app.aitupay.kz/
Cross-Origin-Resource-Policy: cross-origin
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 13:21:17 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-661e7b4d-4f7f57a16422509b74d85a76
content-length: 7

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.aitupay.kz/	1970-01-21 04:40:09	Name: amp_7d0c31 Value: _HZKZXPdYWTnzjJXNLChpm...1hrjh38og.1hrjh38pq.5.1.6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
fonts.googleapis.com
fonts.gstatic.com
kassa-mini-kzt-app.aitupay.kz
sentry.aitupay.kz
188.72.127.153
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
34.218.167.212
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
03d7f56a1ba94fd86f1cbe49fb5e81b39052ec305dd00d14e5b8c8cbcafab987
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
597375f1ef445da97737db0bbabe7b4ba4300fa29071d3beb2d9ffede3e66f51
751e4ef7137b5d02eee0bc54c3e3bd1fa8978390b41847568a8a2664fec360f7
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8c3535312cda6767c3521641c4f10cad721c6d24d2f61f08661893dd56d53d45
a66a56303a051b0a34a6684d88f43f16f0cadd8462fb5fce43cd3894e63f7a50
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9
f23e912aab29cf0c0aac69bfb794de0a7ae17748bb878ec24b5345b9297c3333
f720c7287d3b3bba7bf74a0ffff3e5bfd8ce1b16726e0051816a4f00ea208cf3
f906477b726fba808c1b5300541f5ff3a45e97632ea00b153bdf4a6fc5f2e79f
f9cfe50f39089c2ba05e6aedceb1578b667e2c01d047cf3d042143bc96494caf
ffc65885a2121141440d345ef5927c4c2917d95b5b2913b7fa8467c95e15120b

kassa-mini-kzt-app.aitupay.kz Open in urlscan Pro 188.72.127.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

812 kBTransfer

2768 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

kassa-mini-kzt-app.aitupay.kz Open in urlscan Pro
188.72.127.153 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

812 kB
Transfer

2768 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions