Submitted URL: https://u15247554.ct.sendgrid.net/ls/click?upn=HPuRLkmGmlft3P9jEzG30qR7TqgDc2m9c7Kgw9vINKL85hXdQ5RMwdH-2FnxXZX-2BwoFAe-2F7xzlvW70Y...
Effective URL: https://todaypaysgate.com/?gra=f1a680f0&transaction_id=6501782d553f660349ba5ffa&info1=584_166215&fb=&firstname=&lastname=&...
Submission: On September 13 via manual from IT — Scanned from IT

Summary

This website contacted 3 IPs in 2 countries across 8 domains to perform 7 HTTP transactions. The main IP is 172.67.152.9, located in and belongs to . The main domain is todaypaysgate.com.
TLS certificate: Issued by E1 on August 11th 2023. Valid for: 3 months.
This is the only time todaypaysgate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.121 11377 (SENDGRID)
1 5.23.51.195 9123 (TIMEWEB-AS)
1 1 162.214.194.204 ()
1 1 45.141.159.22 ()
1 1 35.241.7.124 ()
1 172.67.152.9 ()
7 3
Domain Requested by
1 todaypaysgate.com todaypaysgate.com
1 trk.back-trak.com 1 redirects
1 track.emldmonly.com 1 redirects
1 livusinc.com.br 1 redirects
1 kaliningrad-ekskursii.ru
1 u15247554.ct.sendgrid.net 1 redirects
0 pushworld2.xyz Failed todaypaysgate.com
0 ajax.googleapis.com Failed todaypaysgate.com
7 8

This site contains no links.

Subject Issuer Validity Valid
kaliningrad-ekskursii.ru R3 2023-07-11 - 2023-10-09 3 months
todaypaysgate.com E1 2023-08-11 - 2023-11-09 3 months

This page contains 1 frames:

Primary Page: https://todaypaysgate.com/?gra=f1a680f0&transaction_id=6501782d553f660349ba5ffa&info1=584_166215&fb=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=&event=sale
Frame ID: EA911700BD524077F806BC20A409F65B
Requests: 7 HTTP requests in this frame


Page Statistics

Requests: 7
HTTPS: 29 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 3
Countries: 2
Transfer: 0 kB
Size: 9 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u15247554.ct.sendgrid.net/ls/click?upn=HPuRLkmGmlft3P9jEzG30qR7TqgDc2m9c7Kgw9vINKL85hXdQ5RMwdH-2FnxXZX-2BwoFAe-2F7xzlvW70Yx-2BePxphwA-3D-3DUC3x_L83k1N5f3b01Eif3-2Fat0CfFa8cmywHMZRUWdefKfi9lhOdiJ6DVtRER1FTkH5NJj62nkleBQCZyy1Jah7EWoKUGSpLycoYVmcsp3zhRIdXWqllQ7OZxpc7MIbAYxRe7bdsML7cyJTW4nNW-2BJNkn0s2OUAR0E-2FBKoLsTqYXTlAYSUp9k97WSfo3lzYX2v6zBnX3aft-2BJjVZ2BkoDQuNBkyg-3D-3D HTTP 302
    https://kaliningrad-ekskursii.ru/fre.html Page URL
  2. https://livusinc.com.br/Demo/ HTTP 302
    http://track.emldmonly.com/?a=166215&c=346715&co=215770&mt=3 HTTP 302
    https://trk.back-trak.com/t/NTg0XzQ1MTI/?p1=e491b4224cb64ec29e853ce0074a57ac21abe&source=166215&p3= HTTP 302
    https://todaypaysgate.com/?gra=f1a680f0&transaction_id=6501782d553f660349ba5ffa&info1=584_166215&fb=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=&event=sale Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u15247554.ct.sendgrid.net/ls/click?upn=HPuRLkmGmlft3P9jEzG30qR7TqgDc2m9c7Kgw9vINKL85hXdQ5RMwdH-2FnxXZX-2BwoFAe-2F7xzlvW70Yx-2BePxphwA-3D-3DUC3x_L83k1N5f3b01Eif3-2Fat0CfFa8cmywHMZRUWdefKfi9lhOdiJ6DVtRER1FTkH5NJj62nkleBQCZyy1Jah7EWoKUGSpLycoYVmcsp3zhRIdXWqllQ7OZxpc7MIbAYxRe7bdsML7cyJTW4nNW-2BJNkn0s2OUAR0E-2FBKoLsTqYXTlAYSUp9k97WSfo3lzYX2v6zBnX3aft-2BJjVZ2BkoDQuNBkyg-3D-3D HTTP 302
  • https://kaliningrad-ekskursii.ru/fre.html

7 HTTP transactions

Resource Path Size x-fer Type MIME-Type
fre.html kaliningrad-ekskursii.ru/ 78 B 227 B Document
Redirect Chain
  • https://u15247554.ct.sendgrid.net/ls/click?upn=HPuRLkmGmlft3P9jEzG30qR7TqgDc2m9c7Kgw9vINKL85hXdQ5RMwdH-2FnxXZX-2BwoFAe-2F7xzlvW70Yx-2BePxphwA-3D-3DUC3x_L83k1N5f3b01Eif3-2Fat0CfFa8cmywHMZRUWdefKfi9l...
  • https://kaliningrad-ekskursii.ru/fre.html
General
Full URL: https://kaliningrad-ekskursii.ru/fre.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.23.51.195 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh354.timeweb.ru
Software: nginx/1.22.1 /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
content-length: 78
content-type: text/html; charset=utf-8
date: Wed, 13 Sep 2023 08:51:47 GMT
etag: "4e-60539560978c0"
last-modified: Wed, 13 Sep 2023 08:27:55 GMT
server: nginx/1.22.1

Redirect headers

Connection: keep-alive
Content-Length: 64
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Sep 2023 08:51:40 GMT
Location: https://kaliningrad-ekskursii.ru/fre.html
Server: nginx
X-Robots-Tag: noindex, nofollow

Primary Request / todaypaysgate.com/ 9 KB 0 Document
Redirect Chain
  • https://livusinc.com.br/Demo/
  • http://track.emldmonly.com/?a=166215&c=346715&co=215770&mt=3
  • https://trk.back-trak.com/t/NTg0XzQ1MTI/?p1=e491b4224cb64ec29e853ce0074a57ac21abe&source=166215&p3=
  • https://todaypaysgate.com/?gra=f1a680f0&transaction_id=6501782d553f660349ba5ffa&info1=584_166215&fb=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=&event=sale
General
Full URL: https://todaypaysgate.com/?gra=f1a680f0&transaction_id=6501782d553f660349ba5ffa&info1=584_166215&fb=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=&event=sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.152.9 -, , ASN (),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers

Referer: https://kaliningrad-ekskursii.ru/fre.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 805f26c1ab3ebaa3-MXP
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 13 Sep 2023 08:51:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dun9E3FSK4p15mgqkeiUvvmhDa4quU54qf%2BznCW3o1CBqn9WI6X%2Fi94cfbSx%2BMnh9I4jC2yVcEdianFI6rSoAsMIVloEm58AoRjs00GOIPLsVv3nLmuEsVybAMaKjjOR5lWIqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Model
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 13 Sep 2023 08:51:57 GMT
location: https://todaypaysgate.com/?gra=f1a680f0&transaction_id=6501782d553f660349ba5ffa&info1=584_166215&fb=&firstname=&lastname=&address=&postcode=&city=&email=&telephone=&event=sale
server: nginx
via: 1.1 google
x-rt: 0

payment.css todaypaysgate.com/css/ 0 0
cc_blank.css todaypaysgate.com/css/ 0 0
jquery.min.js ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 0 0
ace-push.js pushworld2.xyz/ 0 0
paycards.png todaypaysgate.com/images/ 0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
todaypaysgate.com https://todaypaysgate.com/css/payment.css
todaypaysgate.com https://todaypaysgate.com/css/cc_blank.css
ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
pushworld2.xyz https://pushworld2.xyz/ace-push.js
todaypaysgate.com https://todaypaysgate.com/images/paycards.png

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
