www.payment.ekshop.live Open in urlscan Pro
43.204.117.186 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.payment.ekshop.live/
Submission: On February 10 via automatic, source certstream-suspicious (February 10th 2023, 6:13:31 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 14 HTTP transactions. The main IP is 43.204.117.186, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is www.payment.ekshop.live.
TLS certificate: Issued by R3 on December 12th 2022. Valid for: 3 months.

This is the only time www.payment.ekshop.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	43.204.117.186 43.204.117.186	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.163.72.21 103.163.72.21	138408 (NUSRATECH...) (NUSRATECHPTELTD-AS-AP Gotipath)
1	218.12.76.170 218.12.76.170	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
14	7

3 43.204.117.186 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-204-117-186.ap-south-1.compute.amazonaws.com

www.payment.ekshop.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.163.72.21 (Bangladesh)

ASN138408 (NUSRATECHPTELTD-AS-AP Gotipath, BD)

ekshop.gov.bd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 218.12.76.170 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cdn.bootcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	135 KB
3	ekshop.live www.payment.ekshop.live	7 MB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2329	36 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	bootcss.com cdn.bootcss.com — Cisco Umbrella Rank: 64256	2 KB
1	ekshop.gov.bd ekshop.gov.bd	56 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	946 B
14	7

	Domain	Requested by
5	cdnjs.cloudflare.com	www.payment.ekshop.live cdnjs.cloudflare.com
3	www.payment.ekshop.live	www.payment.ekshop.live
2	stackpath.bootstrapcdn.com	www.payment.ekshop.live
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.bootcss.com	www.payment.ekshop.live
1	ekshop.gov.bd	www.payment.ekshop.live
1	fonts.googleapis.com	www.payment.ekshop.live
14	7

This site contains no links.

Subject Issuer	Validity	Valid
payment.ekshop.live R3	`2022-12-12` - `2023-03-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
ekshop.gov.bd R3	`2022-11-16` - `2023-02-14`	3 months	crt.sh
*.bootcss.com R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.payment.ekshop.live/
Frame ID: 8D9E829AFDA4A0A9BD131A4A06A61A87
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ekShop payment

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

7182 kB
Transfer

7501 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.payment.ekshop.live/ 18 KB
5 KB 867ms
175ms Document
text/html 43.204.117.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payment.ekshop.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 43.204.117.186 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-204-117-186.ap-south-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 762ea1eb7c178e193ec889fe3840a154ac36975808703d4e3733212fec8caa6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 10 Feb 2023 18:13:17 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
946 B 100ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap

Requested by

Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d25ebca6d247e36ac46d719f20216312f6a7a34833ac5cbfd96a4da7446071d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 18:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 17:20:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Feb 2023 18:13:17 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 101ms
32ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 831582
cdn-cachedat: 12/11/2021 23:51:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c9ba0667fd3d644c723d151f47c89433
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7976d1635ea237d1-FRA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
6 KB 98ms
53ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3254873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5884
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Znxx6WvathDa%2BYO%2FHsYGQ99UAze7%2B93OhCuLVqAGAO7dR0ykFy%2FwfeqAdlwUh3HGEC2nGgai%2FhgYTtAZcEPE8XgWSdcV%2BF7iLAadoHCiQ288HwnIWh5Rwj9FxTXaU9tB%2FFvaWRMB5dW7%2FOhzHsg1dlOs"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7976d16328e22c2b-FRA
expires: Wed, 31 Jan 2024 18:13:17 GMT

GET
H2 200 toastr.min.css
www.payment.ekshop.live/css/ 7 KB
3 KB 154ms
150ms Stylesheet
text/css 43.204.117.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payment.ekshop.live/css/toastr.min.css
Requested by: Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 43.204.117.186 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-204-117-186.ap-south-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: b7d3642c509bc76b73f5220dc334c99182fab651b8f3ae0cadbcaadb86593b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:13:17 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 15:19:59 GMT
server: LiteSpeed
etag: "1b29-6350159f-269944;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2646
expires: Fri, 17 Feb 2023 18:13:17 GMT

GET
H/1.1 200
OK logo.ce7612e1.png
ekshop.gov.bd/static/media/ 56 KB
56 KB 1223ms
268ms Image
image/png 103.163.72.21
NUSRATECHPTELTD-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ekshop.gov.bd/static/media/logo.ce7612e1.png
Requested by: Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.163.72.21 , Bangladesh, ASN138408 (NUSRATECHPTELTD-AS-AP Gotipath, BD),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 6e6f633be39a8373c1f989240d65ab34b230725c6b173c8a29f363c5eddf74f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 18:13:19 GMT
Last-Modified: Sun, 01 Jan 2023 02:24:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag: "e072-5f12a897f22b0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 57458

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 54ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 93661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuK8xFOFQlzzVZzCbeJw0bUy1Jl6PboI%2BuvF9NRyjy6G2AqLXfSIiLKmbQco%2BxAwFftaiOxo%2B37AG0pH0ShuIpD1amu0TcJafnM7XuG4wjp69l75NAgzQBUgkJgscz76cSBWBaoaXiIGjWiU6EwAPdGc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7976d16328e62c2b-FRA
expires: Wed, 31 Jan 2024 18:13:17 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/ 50 KB
14 KB 85ms
35ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js

Requested by

Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 831707
cdn-cachedat: 08/04/2021 06:22:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d5d9fd415dbbd50110e311c4f452996d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7976d1635ea437d1-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/js/ 69 KB
18 KB 59ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/js/bootstrap.bundle.min.js

Requested by

Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efcad26419c1257989e551ae58bf2692e9ef872f7883df51c39ddbb2c8c74949

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2987635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18136
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-11498"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJwdTSB2fioMbvpBBGyqgQ2ciqeC12uqCjPsSFI3jiJCNEMH4ClTBxkfPAd01Ag9TXdsVa7H0II5nObFKErT8euSmHxyQw1pvLqIJz35G0wDVv61AYz30A%2FXvlbcGHjnbcAyptKAmEE0KvbJ0cJBoqBO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7976d16328eb2c2b-FRA
expires: Wed, 31 Jan 2024 18:13:17 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 74ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3116915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6451
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57jUPa5Wi6OHfSpy6aoO%2FjF2KG3TKoFlh4g8qsSt%2BqVTuehxRTjFDIjGWfXAzmq0zfP%2BaAl3KnTRSuoJn9FnBp%2BI12ro%2BBfVRT7hoa3KjFuu%2BMjjYeC15s08iSDMbQh4Ttytg4YV51pgJED9vih3Hhos"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7976d16328e92c2b-FRA
expires: Wed, 31 Jan 2024 18:13:17 GMT

GET
H2 200 toastr.min.js Show response
cdn.bootcss.com/toastr.js/latest/js/ 4 KB
2 KB 3904ms
201ms Script
application/javascript 218.12.76.170
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bootcss.com/toastr.js/latest/js/toastr.min.js
Requested by: Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 218.12.76.170 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: c2f590f4e7466db007f89ef513c5f3d3fdae717cac28c82ba1f8e565c4296840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.payment.ekshop.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

ohc-file-size: 1668
x-log: X-Log
date: Fri, 10 Feb 2023 18:13:21 GMT
content-encoding: gzip
via: CHN-HEshijiazhuang-AREACUCC1-CACHE35[3],CHN-HEshijiazhuang-AREACUCC1-CACHE41[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE114[20],CHN-TJ-GLOBAL1-CACHE41[0,TCP_HIT,18]
x-ccdn-cachettl: 31536000
x-svr: IO
age: 22470664
x-reqid: ojwAAAAa0vuHKt0W
nginx-hit: 1
content-transfer-encoding: binary
content-disposition: inline; filename="toastr.min.js"; filename*=utf-8''toastr.min.js
nginx-vary: Accept-Encoding
content-length: 1668
ohc-cache-hit: tj4ct54 [2], hsctcache54 [4], bdix169 [4]
last-modified: Tue, 16 Feb 2016 07:51:18 GMT
server: openresty
etag: "FsSLPH9YhnAoYBfAZbp5COX44kC0.gz"
access-control-max-age: 2592000
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
x-ccdn-expires: 9065400
accept-ranges: bytes
timing-allow-origin: *
x-hcs-proxy-type: 1

GET
H2 206 pexels-mikhail-nilov-6898023.mp4
www.payment.ekshop.live/images/ 7 MB
7 MB 151ms
151ms Media
video/mp4 43.204.117.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payment.ekshop.live/images/pexels-mikhail-nilov-6898023.mp4
Requested by: Host: www.payment.ekshop.live
URL: https://www.payment.ekshop.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 43.204.117.186 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-204-117-186.ap-south-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 59bf247778a11e6f299ba6d2abf2fe420ac4a4f4939e5b54c328c98034467ff5

Request headers

Referer: https://www.payment.ekshop.live/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 10 Feb 2023 18:13:17 GMT
last-modified: Wed, 19 Oct 2022 15:19:59 GMT
server: LiteSpeed
etag: "6c44cf-6350159f-26994c;;;"
content-type: video/mp4
Content-Range: bytes 0-7095502/7095503
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Content-Length: 7095503

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
11 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8cb94dc31befeebeb9b93a9ab4194e8b839edd9985d973b23514f7a6c52a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.payment.ekshop.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 09:26:14 GMT
x-content-type-options: nosniff
age: 550024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10260
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 09:26:14 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 56ms
32ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin: https://www.payment.ekshop.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:13:18 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 86764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDjwLUyd95tYMAbzPwgx%2BTRQK4n8q%2FLSa26KbR2NmCPENfE5vfGeN3hO4De82tE1pm8QYmxQeicT4b3zMkf4yg8aVnqX6IsPMuhRDViZ7pXYbuFX6tsvHZnKZ2NWdD35z%2BPtRasFly4yDmdcaCTtHc0w"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7976d1641c6d3821-FRA
expires: Wed, 31 Jan 2024 18:13:18 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.payment.ekshop.live/	1970-01-20 09:34:19	Name: XSRF-TOKEN Value: eyJpdiI6InVWYklINnVzNXNRQmFneFFTUHV6OEE9PSIsInZhbHVlIjoiSlVFQnFjcUI4ZmpxRFRzNGtHVEVQdUZlQ0NQeXFEQjROb2M2ejNadmgxQmhLSldRL2twZzBYVS9PQ2xuQXRrNFF6dVhKNndMaU5PUnFWdzlKbndwOWxwNDA5UXNKUEt4WFFKM3kvWWJORk1aTHRPcWRPN0dDNVlZMXJwWTZ5NjMiLCJtYWMiOiI4ZDRiMGYzNDU3ZjFmZWY1NzdmNWJlNTNhNWRkYWFiZDljYjc5ZWM0YTllOWNiMTdlYTY1ZDAwYTIzNWNmOWM0IiwidGFnIjoiIn0%3D
			www.payment.ekshop.live/	1970-01-20 09:34:19	Name: laravel_session Value: eyJpdiI6Iit1TU5NVENuQnhtL1o5aUVTS29zdnc9PSIsInZhbHVlIjoiL2tRVHBDcGI3a0g2UnNoSTBxbVRUcHQ2UjZwWkVOdE0rdW0zRnhuZzN1UjdxNGJJUlp2TVpvYlJOOFBWazl4RnhwYU8zbUJBU0x3Q0ZjMEczN0NIbk9XK0t2RDJObVlMY3IycjhsWEFhVGNUbXo3SWtoVklZamVXOVphcVhsd1giLCJtYWMiOiI1ZGY0YjgwZDU1MDBkYzg2MzBmYzVjZTRkMDFkYTZiN2VjOTY3ZGIwMjAzNWJmNzQ3MWQzZTgxY2FkNDg4ZDg1IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bootcss.com
cdnjs.cloudflare.com
ekshop.gov.bd
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
www.payment.ekshop.live
103.163.72.21
218.12.76.170
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
43.204.117.186
1f8cb94dc31befeebeb9b93a9ab4194e8b839edd9985d973b23514f7a6c52a0c
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
59bf247778a11e6f299ba6d2abf2fe420ac4a4f4939e5b54c328c98034467ff5
5d25ebca6d247e36ac46d719f20216312f6a7a34833ac5cbfd96a4da7446071d
6e6f633be39a8373c1f989240d65ab34b230725c6b173c8a29f363c5eddf74f2
762ea1eb7c178e193ec889fe3840a154ac36975808703d4e3733212fec8caa6a
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
b7d3642c509bc76b73f5220dc334c99182fab651b8f3ae0cadbcaadb86593b84
c2f590f4e7466db007f89ef513c5f3d3fdae717cac28c82ba1f8e565c4296840
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
efcad26419c1257989e551ae58bf2692e9ef872f7883df51c39ddbb2c8c74949
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.payment.ekshop.live Open in urlscan Pro 43.204.117.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

7 IPs

5 Countries

7182 kBTransfer

7501 kBSize

2 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

2 Cookies

Indicators

www.payment.ekshop.live Open in urlscan Pro
43.204.117.186 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

7182 kB
Transfer

7501 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions