urlscan.io logo urlscan.io
SecurityTrails logo

secure.payu.in Open in urlscan Pro
15.197.187.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://paymnt.ml/pay?7000=XYp
Effective URL: https://secure.payu.in/pay
Submission: On April 29 via manual from IN — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 12 HTTP transactions. The main IP is 15.197.187.164, located in United States and belongs to AMAZON-02, US. The main domain is secure.payu.in. The Cisco Umbrella rank of the primary domain is 627245.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on December 5th 2022. Valid for: a year.
This is the only time secure.payu.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 75.2.84.82 16509 (AMAZON-02)
1 3.33.219.3 16509 (AMAZON-02)
1 15.197.187.164 16509 (AMAZON-02)
1 65.9.95.87 16509 (AMAZON-02)
12 6
8    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
paymnt.ml
1    75.2.84.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac1d89ac9d1fb8f3d.awsglobalaccelerator.com
aps1.fptls.com
1    3.33.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: a42e3a3bc5d7c0f11.awsglobalaccelerator.com
ap.api.fpjs.io
1    15.197.187.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba4b8ad73c35f2a7.awsglobalaccelerator.com
secure.payu.in
1    65.9.95.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-87.prg50.r.cloudfront.net
newstatic.payu.in
Apex Domain
Subdomains		 Transfer
8 paymnt.ml
paymnt.ml
177 KB
2 payu.in
secure.payu.in — Cisco Umbrella Rank: 627245
newstatic.payu.in
payu.in Failed
7 KB
1 fpjs.io
ap.api.fpjs.io
894 B
1 fptls.com
aps1.fptls.com
335 B
12 4
Domain Requested by
8 paymnt.ml 1 redirects paymnt.ml
1 newstatic.payu.in secure.payu.in
1 secure.payu.in paymnt.ml
1 ap.api.fpjs.io paymnt.ml
1 aps1.fptls.com paymnt.ml
0 payu.in Failed secure.payu.in
12 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-07		 a year crt.sh
aps1.fptls.com
R3		 2023-04-27 -
2023-07-26		 3 months crt.sh
ap.api.fpjs.io
Amazon RSA 2048 M01		 2023-02-07 -
2023-12-15		 10 months crt.sh
secure.payu.in
GeoTrust EV RSA CA 2018		 2022-12-05 -
2024-01-05		 a year crt.sh
*.payu.in
GeoTrust RSA CA 2018		 2022-11-29 -
2023-12-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://secure.payu.in/pay
Frame ID: 2127CBEC1029A3E62959FC965B8A908C
Requests: 10 HTTP requests in this frame

Frame: https://paymnt.ml/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Frame ID: 91CE1B77F7AC2C4219E9F70018D592E1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Transaction Error

Page URL History Show full URLs

  1. https://paymnt.ml/pay?7000=XYp Page URL
  2. https://secure.payu.in/pay Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

83 %
HTTPS

20 %
IPv6

4
Domains

6
Subdomains

6
IPs

1
Countries

185 kB
Transfer

659 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paymnt.ml/pay?7000=XYp Page URL
  2. https://secure.payu.in/pay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://paymnt.ml/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://paymnt.ml/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Request Chain 11
  • https://secure.payu.in/js/libs/jquery-custom.min.js HTTP 302
  • https://www.payu.in/error HTTP 301
  • https://payu.in/error

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
pay
paymnt.ml/ 		72 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paymnt.ml/pay?7000=XYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0822e973bd7fc17a1e096b26fbf8d91e0476fb79a77302eded1641f74efa37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-cache
cf-cache-status
DYNAMIC
cf-ray
7bf5f456c9f0426c-AMS
content-encoding
br
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=UTF-8
date
Sat, 29 Apr 2023 07:50:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvFX%2BE%2FejH2wSJMDfDL8rJ0lSWuT%2FE1XH3YHqvWzvQAxK84mD5VeA93YfKM56rnAo64a%2B1QS6jQeqM%2FD8483EOpJJo4fnEjGXTeBxhzntRAmviLfqlAtVp9dCriPe8nlUGk89QUq5VE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Jquery-3.js
paymnt.ml/assets/js/custom/ 		296 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymnt.ml/assets/js/custom/Jquery-3.js
Requested by
Host: paymnt.ml
URL: https://paymnt.ml/pay?7000=XYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd37072cbc414ee739aa9b462336e42c94c6a0bbe9e5850b8934e6606744543d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paymnt.ml/pay?7000=XYp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:50:31 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 08:23:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSB1sV%2BLL9uXdZxz40%2FDbPhrqrjjCMzGgVmr%2BSzGRSMTfhUQ8G7yyjgyBmq9mO56uuftehaoHBAPwlgBX6wgKOuJM3ZRcKECCiGFdEmMTnvebBXbLjYNyJpabvRJIdErK9nCjAv72Jg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bf5f4596b3f426c-AMS
print.js
paymnt.ml/assets/js/custom/ 		251 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymnt.ml/assets/js/custom/print.js
Requested by
Host: paymnt.ml
URL: https://paymnt.ml/pay?7000=XYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d21c467fafaecbd18b81fd805409fdd44a0b435cd20ea8ae651ba0a55ed1f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paymnt.ml/pay?7000=XYp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:50:32 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Apr 2023 12:22:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIKiJ7LXGhInWLN2lzDK%2BKGt9AbqohVhUuTAq5wy3R2r03Je%2FSBVxpxqGwG23L55mfnqu7UNfn6JAo8yc79eOIN153sHCpa8AlSw54jdwKtfoJX5H6XAQQfinZSpiqRRF%2BWtP44nS5Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bf5f4596b3e426c-AMS
truncated
/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
aps1.fptls.com/ 		208 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aps1.fptls.com/
Requested by
Host: paymnt.ml
URL: https://paymnt.ml/assets/js/custom/print.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.2.84.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac1d89ac9d1fb8f3d.awsglobalaccelerator.com
Software
/
Resource Hash
40d71fe99993807619a79596aa5fecd053184a50f281a890b738ae29aceaa970
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://paymnt.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=2592000, immutable, private
date
Sat, 29 Apr 2023 07:50:32 GMT
content-length
208
content-type
text/plain; charset=utf-8
invisible.js
paymnt.ml/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/ Frame 91CE
Redirect Chain
  • https://paymnt.ml/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://paymnt.ml/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paymnt.ml/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1039c8235afc15e4438b7e9cf74cb0b68a776977b1e5c139b1406b03d1fbbf0e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:50:32 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLIdGZHx%2FmGX3C2G%2Fey%2FW7i0LXBO3OFVr8sed0JpbpXQyj5SwuuwK2vwP0Xvp1Ea2Cug4K5SOIyd0JIWxmE9yKDrUBluBYyd5JUG0sz3VrD8D%2FS9P2XLkudLR%2B2pn1AiX0772d777Nw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7bf5f4633efbb909-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sat, 29 Apr 2023 07:50:32 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMastJKf1dbcb1F1kj4AMLsY9PKKQvyA3zeNTs10HZ0ICIRd7huzuOfSBMcYGN4raz0iHexvMMjm5m2HWG1Eauja4VMuZvgTwbFkGV%2FbIcNA2BYhWHxDPcTLStEitFaNl0iveTdoHR8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
cache-control
max-age=300, public
cf-ray
7bf5f462fed1b909-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
paymnt.ml/cdn-cgi/challenge-platform/h/g/scripts/ Frame 91CE 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://paymnt.ml/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a07773d0d74cb2160cd148d92f608ae1af222d9229c21a239be9e32718c2830
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:50:32 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgnoIZ4a4%2BkRGfrmwD3kvXFnbOktJlRmjs2TCD%2FziwQvLvtcxgmlcIslCpAxc94gQtEZSGurK9Jv3lPSgtZLD0TRuditbEBlaL7JOfBvnXexONTTvnL5dMGPEOxu5cuOhfAchZQucz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7bf5f463dfbbb909-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7bf5f456c9f0426c
paymnt.ml/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 91CE 		2 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://paymnt.ml/cdn-cgi/challenge-platform/h/g/cv/result/7bf5f456c9f0426c
Requested by
Host: paymnt.ml
URL: https://paymnt.ml/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Apr 2023 07:50:32 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GC6Xwo4dKttzXmYRrjyOv%2F4AJ3La4X3ua6FlbZz1%2Fn2MnvjDBY8TLKTPkDCBVm0IXIcATGNjP%2BwukgEisIYL2ZrpXNPFDAgTIlIKG7BPpuieh4WdjxSSRPUw2vxRx73l7ijnYqnkbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7bf5f46559c5b909-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ap.api.fpjs.io/ 		404 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.api.fpjs.io/?ci=js/3.8.11
Requested by
Host: paymnt.ml
URL: https://paymnt.ml/assets/js/custom/print.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.219.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a42e3a3bc5d7c0f11.awsglobalaccelerator.com
Software
nginx/1.22.1 /
Resource Hash
9a412d1ff822e741b688280b48f9bf7b7af7b63f175c0d34c6aa6aba12697d01
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paymnt.ml/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Apr 2023 07:50:33 GMT
content-security-policy
default-src 'none'; frame-ancestors 'none'
referrer-policy
no-referrer
strict-transport-security
max-age=63072000
server
nginx/1.22.1
x-content-type-options
nosniff
vary
Origin
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
https://paymnt.ml
access-control-expose-headers
Retry-After
access-control-allow-credentials
true
content-length
404
data
paymnt.ml/request/ 		0
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://paymnt.ml/request/data
Requested by
Host: paymnt.ml
URL: https://paymnt.ml/assets/js/custom/Jquery-3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://paymnt.ml/pay?7000=XYp
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 29 Apr 2023 07:50:33 GMT
content-security-policy
frame-ancestors 'self';
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VX9dTykSfb1aD9nlTWwHucv%2FoZP3LctJoqoQ3UNHMDxnnbbRlV0w6cpdKC6Q%2Fe685Tyy9gUMCiEQJF0Na%2FjAASY40cSU0gfcKRTDr8f4yxUVvB2E6aWhJFfck0oc4NZAEpWhC0QCEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, max-age=0, no-cache
cf-ray
7bf5f46a1f32b909-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request pay
secure.payu.in/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.payu.in/pay
Requested by
Host: paymnt.ml
URL: https://paymnt.ml/pay?7000=XYp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.187.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba4b8ad73c35f2a7.awsglobalaccelerator.com
Software
Apache /
Resource Hash
bd54e1820df0d934b8e3fd7d11b1d1553eb05d76ead7811b060e69a4181b92f4
Security Headers
Name Value
Content-Security-Policy object-src 'none'; img-src https: data: *.payubiz.in *.payu.in *.google.com www.googletagmanager.com www.google-analytics.com googleads.g.doubleclick.net www.googleadservices.com *.payumoney.com www.premiermiles.co.in www.goibibo.com secure.skype.com *.facebook.com
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin allow-from https://www.payumoney.com; https://www.goibibobusiness.com; https://www.premiermiles.co.in; https://goibibo.com; https://secure.skype.com; https://www.facebook.com; https://api.payu.in
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paymnt.ml/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
https://api.payu.in
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1001
content-security-policy
object-src 'none'; img-src https: data: *.payubiz.in *.payu.in *.google.com www.googletagmanager.com www.google-analytics.com googleads.g.doubleclick.net www.googleadservices.com *.payumoney.com www.premiermiles.co.in www.goibibo.com secure.skype.com *.facebook.com
content-type
text/html; charset=UTF-8
date
Sat, 29 Apr 2023 07:50:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000;includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin allow-from https://www.payumoney.com; https://www.goibibobusiness.com; https://www.premiermiles.co.in; https://goibibo.com; https://secure.skype.com; https://www.facebook.com; https://api.payu.in
x-xss-protection
1; mode=block
payu_logo.png
newstatic.payu.in/web/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newstatic.payu.in/web/images/payu_logo.png
Requested by
Host: secure.payu.in
URL: https://secure.payu.in/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-87.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d358da5af4381cead67f62c9508f1dbc0c00eb4a50ad655c99006ca3b80f1f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure.payu.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 04:50:10 GMT
x-amz-version-id
GrcV353uoyG1MY15FNG.rNb9429_.XWi
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
10825
x-amz-server-side-encryption
aws:kms
x-cache
Hit from cloudfront
content-length
4537
last-modified
Fri, 14 Apr 2023 08:11:01 GMT
server
AmazonS3
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:ap-south-1:531341628109:key/a4e3b780-4d29-488c-83e8-eb19c512ee6b
etag
"40c931087753666eaa2cdc090483e955"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
jJi-lFxx0thSzbClD0VJvWvXTaaRJSwfWU-kaP1_KaMLl41jOwoVKA==
x-amz-server-side-encryption-bucket-key-enabled
true
error
payu.in/
Redirect Chain
  • https://secure.payu.in/js/libs/jquery-custom.min.js
  • https://www.payu.in/error
  • https://payu.in/error
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
payu.in
URL
https://payu.in/error

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

4 Cookies

Domain/Path Name / Value
.paymnt.ml/ Name: __cf_bm
Value: _KSdhoCcfJSFupdsuP7_xnOxQL6hjlJ1K7afnAvwc1o-1682754632-0-AXrBrRDsFKYg9nI+9V7TBg9rJL3x1912Nbugp2aZzRWRsXSO4A3u9f6tk2fdk9NAv7vUt8X6zdo9mDiPKl+W6g26Tv5AHBSdnLM83jasP56S
.fpjs.io/ Name: _iidt
Value: TPxHk8QGbkb/gW9XRdqmbS2Ct/52Con3hLmbC8fiUq7EKpYIpHIGXTpZFKfCWenMkkw6RSlGfvyu4g==
.paymnt.ml/ Name: _vid_t
Value: PyqR/tPmT/MNhas2P8PWhl6tcCWoBK937tK4p14wYR1NuoYcDfXeX6LM1vA8f9+iLI5wOdyC95sYlg==
.payu.in/ Name: PHPSESSID
Value: shpga93t8bfl361tqbfufatade

1 Console Messages

Source Level URL
Text
network error URL: https://payu.in/error
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN