Submitted URL: http://redirect.cash/b/ae54h
Effective URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Submission: On August 21 via api from CA

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 190.115.19.150, located in Belize and belongs to DANCOM LTD, BZ. The main domain is pay-domain.me.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 20th 2018. Valid for: 3 months.
This is the only time pay-domain.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 190.115.19.218 262254 (DANCOM LTD)
1 1 190.115.19.178 262254 (DANCOM LTD)
22 190.115.19.150 262254 (DANCOM LTD)
8 2a00:1450:400... 15169 (GOOGLE)
1 190.115.19.162 262254 (DANCOM LTD)
1 2a00:1450:400... 15169 (GOOGLE)
32 4
Domain Requested by
22 pay-domain.me pay-domain.me
7 fonts.gstatic.com pay-domain.me
1 fonts.googleapis.com pay-domain.me
1 e-pay.click pay-domain.me
1 www.gstatic.com pay-domain.me
1 zzzzzzzz.info 1 redirects
1 redirect.cash 1 redirects
32 7

This site contains links to these domains:

Domain
p.support-desk.ru
Subject            Issuer                        Validity                  Valid
pay-domain.me      Let's Encrypt Authority X3    2018-08-20 - 2018-11-18   3 months (crt.sh)
*.google.com       Google Internet Authority G3  2018-08-07 - 2018-10-16   2 months (crt.sh)
e-pay.click        Let's Encrypt Authority X3    2018-08-21 - 2018-11-19   3 months (crt.sh)
*.googleapis.com   Google Internet Authority G3  2018-08-07 - 2018-10-16   2 months (crt.sh)

This page contains 1 frame:

Primary Page: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Frame ID: 720A6B1D897C0236B13B10F5EF046667
Requests: 32 HTTP requests in this frame

Screenshot

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /firebase.*\.js/i

Overall confidence: 100%
Detected patterns
  • env /^(?:SoundManager|BaconPlayer)$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

32
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

4
IPs

2
Countries

904 kB
Transfer

1368 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://redirect.cash/b/ae54h HTTP 302
    http://zzzzzzzz.info/b/ae54h?init=1 HTTP 302
    https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ae54h
pay-domain.me/b/
Redirect Chain
  • http://redirect.cash/b/ae54h
  • http://zzzzzzzz.info/b/ae54h?init=1
  • https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
68 KB
18 KB
Document
General
Full URL
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
73b8e8747ff9ee9221db0035b6fedb2032b750965aa2cedde30b3da48757a131
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
pay-domain.me
:scheme
https
:path
/b/ae54h?order_id=49335674&order_idNew=49335674
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
720A6B1D897C0236B13B10F5EF046667

Response headers

status
200
server
ngjit
set-cookie
__ddg_=87471; path=/; Expires=Wed, 01 Jan 2020 00:00:00 GMT PHPSESSID=tt7ebabm1brtjjjqmr995g84q1; path=/
date
Tue, 21 Aug 2018 22:27:40 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Server
ngjit
Connection
keep-alive
Keep-Alive
timeout=60
Set-Cookie
__ddg_=91313; path=/; Expires=Wed, 01 Jan 2020 00:00:00 GMT PHPSESSID=snbj4uug7l3ib8a4nj9ea7rqq1; path=/
Date
Tue, 21 Aug 2018 22:27:40 GMT
Content-Type
text/html; charset=utf-8
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Location
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
jquery-2.1.0.min.js
pay-domain.me/form/frm23/js/
82 KB
29 KB
Script
General
Full URL
https://pay-domain.me/form/frm23/js/jquery-2.1.0.min.js
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/js/jquery-2.1.0.min.js
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 03:00:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 May 2014 10:24:28 GMT
server
ngjit
age
14966
etag
W/"537c7edc-1469f"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
classie.js
pay-domain.me/form/frm23/js/
2 KB
777 B
Script
General
Full URL
https://pay-domain.me/form/frm23/js/classie.js
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/js/classie.js
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 02:01:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Mar 2015 13:47:18 GMT
server
ngjit
age
33020
etag
W/"5506dee6-72b"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
style.css
pay-domain.me/form/frm23/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://pay-domain.me/form/frm23/css/style.css
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
692acede3e9922b0fcf5223f21986e346bc5f06f5acb8864369ec472723e3182
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/css/style.css
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 02:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Jan 2018 20:27:55 GMT
server
ngjit
age
14965
etag
"5a61034b-2626"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
text/css
status
200
firebase.js
www.gstatic.com/firebasejs/3.6.8/
294 KB
97 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/3.6.8/firebase.js
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 Aug 2018 19:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 31 Jan 2017 23:21:35 GMT
server
sffe
age
354812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
98841
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 19:54:08 GMT
app.js
e-pay.click/
2 KB
1 KB
Script
General
Full URL
https://e-pay.click/app.js
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.162 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
ff09db66cbf5e82d31545f2930a08435fc39209a49e7c0e8d6bc42425e76cbe7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 10 Jun 2017 13:46:53 GMT
server
ngjit
age
531
etag
W/"593bf84d-9e9"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
soundmanager2.js
pay-domain.me/form/audio/
160 KB
43 KB
Script
General
Full URL
https://pay-domain.me/form/audio/soundmanager2.js
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
2b755aa6f9bafb054a732eb552ed55dc66f5d945cd412b9b21528c4ebdc90089
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/audio/soundmanager2.js
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 02:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 10 Dec 2015 11:50:06 GMT
server
ngjit
age
33018
etag
W/"566966ee-27f84"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
logo.png
pay-domain.me/form/frm23/img/
17 KB
17 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/logo.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
db7e076cfb3ab8c05094baeedfb937117e29ab959ce7e45916c98b01c448812a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/logo.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 13:57:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Oct 2017 08:08:52 GMT
server
ngjit
age
46665
etag
"59e85d94-4432"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
17458
38844.jpg
pay-domain.me/i/product/crop/388/
38 KB
38 KB
Image
General
Full URL
https://pay-domain.me/i/product/crop/388/38844.jpg
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
e3d90b7efb0193510d6cf40b7f3084ff445621351685032ea537b766012d4e17
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/i/product/crop/388/38844.jpg
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2017 07:12:43 GMT
server
ngjit
age
13647
etag
"58d0d26b-978f"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
38799
card_11.png
pay-domain.me/form/frm23/img/
19 KB
19 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/card_11.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
6bf154497b198fcffe6c8c70ce4723fd8e678bc4b0dd3e9ae8fe8287efdcbe5f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/card_11.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 13:57:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 18:44:57 GMT
server
ngjit
age
117005
etag
"59023c29-4d5a"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
19802
card_01.png
pay-domain.me/form/frm23/img/
4 KB
4 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/card_01.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
8395f67ddcb6b794ea2fb414b54d65e58f5b6a209859e010949dfa0310bb0f7c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/card_01.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 13:57:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 14:30:25 GMT
server
ngjit
age
117006
etag
"59020081-e92"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
3730
yandex.png
pay-domain.me/form/frm23/img/
23 KB
23 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/yandex.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
1dbc2c977e44b5dcc5c23922f47d2845a764de35b687e7b8f3963f7df179cc4a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/yandex.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 18:08:03 GMT
server
ngjit
age
13623
etag
"59023383-5b06"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
23302
card_06.png
pay-domain.me/form/frm23/img/
11 KB
11 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/card_06.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
86a50322356eb3b8d14ffbe6573b79c2dde2c61e5d4c915cc8fc089d530448f6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/card_06.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 14:35:01 GMT
server
ngjit
age
13639
etag
"59020195-2acd"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
10957
bitcoin%20(2).png
pay-domain.me/form/frm23/img/
7 KB
8 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/bitcoin%20(2).png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
1b2fb0152461fd00edc3014b738571123a96fd2cb57094606751214861440c24
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/bitcoin%20(2).png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 14:17:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jan 2018 17:50:47 GMT
server
ngjit
age
28583
etag
"5a622ff7-1d97"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
7575
input_img_01.png
pay-domain.me/form/frm23/img/
1 KB
1 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/input_img_01.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
ee978bf551c78e7d62455f4668a7a914c9fc3e4019bc10938a2a938ee3691321
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/input_img_01.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 15:20:04 GMT
server
ngjit
age
13642
etag
"59020c24-55e"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
1374
input_img_02.png
pay-domain.me/form/frm23/img/
1 KB
1 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/input_img_02.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
07561423efac53a5678cfa278d9a0713bbac44a3642e0a836cf69ec6303413af
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/input_img_02.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 15:20:48 GMT
server
ngjit
age
13767
etag
"59020c50-595"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
1429
input_img_03.png
pay-domain.me/form/frm23/img/
1 KB
1 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/input_img_03.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
d0721b5cf16be93d7e62bcbce55385265f4b1c4985eea043abaf4b4727a528e2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/input_img_03.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 15:21:50 GMT
server
ngjit
age
13618
etag
"59020c8e-4b4"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
1204
jquery.fancybox.css
pay-domain.me/form/first/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://pay-domain.me/form/first/css/jquery.fancybox.css
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
47bfc4ddf64fef67649b548097bb52a20971dec4122d64d105f3011d23a7f256
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/first/css/jquery.fancybox.css
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Dec 2017 14:06:20 GMT
server
ngjit
age
0
etag
"5a294adc-14c5"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
text/css
status
200
jquery.fancybox.js
pay-domain.me/form/frm26/js/
48 KB
14 KB
Script
General
Full URL
https://pay-domain.me/form/frm26/js/jquery.fancybox.js
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
9ad8bda85bc2fba8ce934b7aa30a3e2a8b9350abadb6aac7ecb282f78bf4294a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm26/js/jquery.fancybox.js
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 16:00:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Feb 2017 04:46:20 GMT
server
ngjit
age
14964
etag
W/"58b5009c-be83"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
push.js
pay-domain.me/buy/
0
99 B
Script
General
Full URL
https://pay-domain.me/buy/push.js
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/buy/push.js
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 22:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 07 Jan 2018 09:24:05 GMT
server
ngjit
age
0
etag
W/"5a51e735-0"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript
status
200
accept-ranges
bytes
vary
Accept-Encoding
css
fonts.googleapis.com/
5 KB
712 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Exo+2:300,400,600i,600,700&subset=cyrillic
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400e:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
a1c39975b749beca681a0440680c5b6551b23d2e505a89a746bd32c915aa081d
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=3600
content-encoding
gzip
last-modified
Tue, 21 Aug 2018 22:27:40 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 21 Aug 2018 22:27:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Tue, 21 Aug 2018 22:27:40 GMT
checkout_button.png
pay-domain.me/form/frm23/img/
2 KB
2 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/checkout_button.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
09eeb1b45aa627c93c00cf11add936426ce03780a0248219f47b8ca9cdd3087c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/checkout_button.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/form/frm23/css/style.css
:scheme
https
:method
GET
Referer
https://pay-domain.me/form/frm23/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 13:57:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 13:46:26 GMT
server
ngjit
age
64653
etag
"5901f632-623"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
1571
7cHtv4okm5zmbtYtEzM48H0JmBUhfrE.woff2
fonts.gstatic.com/s/exo2/v4/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v4/7cHtv4okm5zmbtYtEzM48H0JmBUhfrE.woff2
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
774753b8e44b4fd5f8c2079d6e5d561a022ae7b9b9472e22753c8866e612e9a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Exo+2:300,400,600i,600,700&subset=cyrillic
Origin
https://pay-domain.me

Response headers

date
Fri, 17 Aug 2018 15:00:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:05:02 GMT
server
sffe
age
372419
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14608
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 15:00:41 GMT
7cHmv4okm5zmbtYoK-4W4nIp.woff2
fonts.gstatic.com/s/exo2/v4/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v4/7cHmv4okm5zmbtYoK-4W4nIp.woff2
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
044c6cd662c6a482c1a1e1720600aedd554ce9562fe450e3694df29562317f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Exo+2:300,400,600i,600,700&subset=cyrillic
Origin
https://pay-domain.me

Response headers

date
Tue, 21 Aug 2018 12:05:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:05:29 GMT
server
sffe
age
37328
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13248
x-xss-protection
1; mode=block
expires
Wed, 21 Aug 2019 12:05:32 GMT
7cHrv4okm5zmbt73D_s_wH8DnzcjTrA.woff2
fonts.gstatic.com/s/exo2/v4/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v4/7cHrv4okm5zmbt73D_s_wH8DnzcjTrA.woff2
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9bd7a3a2d49a07c34b1bb83767baee22922fe793efc76cc052c196d0d7167e9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Exo+2:300,400,600i,600,700&subset=cyrillic
Origin
https://pay-domain.me

Response headers

date
Fri, 17 Aug 2018 12:21:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:05:14 GMT
server
sffe
age
381996
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
6956
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 12:21:04 GMT
7cHrv4okm5zmbt6DCfs_wH8DnzcjTrA.woff2
fonts.gstatic.com/s/exo2/v4/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v4/7cHrv4okm5zmbt6DCfs_wH8DnzcjTrA.woff2
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6dae86b63af2d296b7b05835fcf811dbf4a58af3e6675025f12063c669a8215f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Exo+2:300,400,600i,600,700&subset=cyrillic
Origin
https://pay-domain.me

Response headers

date
Fri, 17 Aug 2018 18:57:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:04:52 GMT
server
sffe
age
358184
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
6956
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 18:57:56 GMT
arrow.png
pay-domain.me/form/frm23/img/
1 KB
1 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/arrow.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
be72c4e6d21d16dd40b9302cfabd18f2269d6ec234a1ed5fec9c60a20cc7c6c9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/arrow.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/form/frm23/css/style.css
:scheme
https
:method
GET
Referer
https://pay-domain.me/form/frm23/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 02:01:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 14:38:55 GMT
server
ngjit
age
51015
etag
"5902027f-4ed"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
1261
input.png
pay-domain.me/form/frm23/img/
1 KB
1 KB
Image
General
Full URL
https://pay-domain.me/form/frm23/img/input.png
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
4f24b7cdf5bd604759dcb15568d7234073e06cb98b47805ca9ba09b7a59fff07
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/frm23/img/input.png
pragma
no-cache
cookie
__ddg_=87471; PHPSESSID=tt7ebabm1brtjjjqmr995g84q1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/form/frm23/css/style.css
:scheme
https
:method
GET
Referer
https://pay-domain.me/form/frm23/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 02:00:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2017 15:16:19 GMT
server
ngjit
age
51016
etag
"59020b43-48f"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
status
200
accept-ranges
bytes
content-length
1167
7cHmv4okm5zmbtYsK-4W4nIppT4.woff2
fonts.gstatic.com/s/exo2/v4/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v4/7cHmv4okm5zmbtYsK-4W4nIppT4.woff2
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d2f840e5eb4a4db62a14fce41b2c4b1567e26bdd37a6aa5963fd3f0424afdd14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Exo+2:300,400,600i,600,700&subset=cyrillic
Origin
https://pay-domain.me

Response headers

date
Fri, 17 Aug 2018 16:09:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:05:08 GMT
server
sffe
age
368298
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
6924
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 16:09:22 GMT
7cHrv4okm5zmbt73D_s7wH8Dnzcj.woff2
fonts.gstatic.com/s/exo2/v4/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v4/7cHrv4okm5zmbt73D_s7wH8Dnzcj.woff2
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a23be90785260dcfffa0b0d13ad4c6ccc71d4426e364007ad0a59d10ae28dfd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Exo+2:300,400,600i,600,700&subset=cyrillic
Origin
https://pay-domain.me

Response headers

date
Fri, 17 Aug 2018 14:14:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:05:37 GMT
server
sffe
age
375179
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13504
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 14:14:41 GMT
7cHrv4okm5zmbt6DCfs7wH8Dnzcj.woff2
fonts.gstatic.com/s/exo2/v4/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v4/7cHrv4okm5zmbt6DCfs7wH8Dnzcj.woff2
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8808d81ee381bbed92406999cfddaf79f959a79ef0bd2451a30bf52538853499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Exo+2:300,400,600i,600,700&subset=cyrillic
Origin
https://pay-domain.me

Response headers

date
Fri, 17 Aug 2018 18:49:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:04:57 GMT
server
sffe
age
358698
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13148
x-xss-protection
1; mode=block
expires
Sat, 17 Aug 2019 18:49:22 GMT
10.mp3
pay-domain.me/form/audio/
493 KB
494 KB
Media
General
Full URL
https://pay-domain.me/form/audio/10.mp3
Requested by
Host: pay-domain.me
URL: https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.150 , Belize, ASN262254 (DANCOM LTD, BZ),
Reverse DNS
Software
ngjit /
Resource Hash
8e5e1588752cfd74151e1f32fdd8ff78611759578a215e6150afdafc51558fba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/form/audio/10.mp3
pragma
no-cache
accept-encoding
identity;q=1, *;q=0
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
chrome-proxy
frfr
accept
*/*
cache-control
no-cache
:authority
pay-domain.me
referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
:scheme
https
range
bytes=0-
:method
GET
Referer
https://pay-domain.me/b/ae54h?order_id=49335674&order_idNew=49335674
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

date
Tue, 21 Aug 2018 22:27:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Dec 2015 11:50:06 GMT
server
ngjit
age
0
status
206
etag
"566966ee-7b5cd"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
audio/mpeg
Content-Range
bytes 0-505292/505293
set-cookie
__ddg_=53840; path=/; Expires=Wed, 01 Jan 2020 00:00:00 GMT
accept-ranges
bytes
Content-Length
505293

Verdicts & Comments

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | $
function | jQuery
object | classie
string | order_id
object | firebase
function | __extends
function | __decorate
function | __metadata
function | __param
function | __awaiter
object | messaging
function | send
function | sendTokenToServer
function | isTokenSentToServer
function | setTokenSentToServer
function | SoundManager
object | soundManager
function | rRI
number | play
object | someSound

0 Cookies

16 Console Messages

Source Level URL
Text
console-api info URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1293)
Message:
SoundManager 2: No Flash detected. Trying HTML5-only mode.
console-api info URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1293)
Message:
SoundManager V2.97a.20150601 (HTML5-only mode)
console-api info URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1293)
Message:
SoundManager 2 HTML5 support: mp3 = true, mp4 = true, ogg = true, opus = true, wav = true
console-api info URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1293)
Message:
SoundManager 2: Ready. ✓
console-api info URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1293)
Message:
soundManager.createSound(): sound0 (/form/audio/10.mp3)
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1291)
Message:
sound0: Merged options:
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: load (/form/audio/10.mp3)
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: loadstart
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: stalled
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: durationchange (15503.688)
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: loadedmetadata
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: loadeddata
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: canplay
console-api info URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1293)
Message:
sound0: onload()
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: progress, 100% loaded
console-api log URL: https://pay-domain.me/form/audio/soundmanager2.js(Line 1295)
Message:
sound0: suspend

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
