Submitted URL: https://businessrupay.su/olb/qliyv7udmpn4p2l/mrandapay/?order_id=52196656&action=initPay
Effective URL: https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Submission: On March 10 via manual from RU — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3033::6815:1282, located in United States and belongs to CLOUDFLARENET, US. The main domain is pubg-uc.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.
This is the only time pubg-uc.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 7 2a02:6b8::1:119 208722 (YNDX)
6 2606:4700::68... 13335 (CLOUDFLAR...)
18 6
Apex Domain | Subdomains | Transfer
7 pubg-uc.top | pubg-uc.top | 57 KB
6 crisp.chat | client.crisp.chat — Cisco Umbrella Rank: 19254 | 137 KB
5 yandex.com | mc.yandex.com | 2 KB
2 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 2926 | 69 KB
2 payment-3ds2.ru | payment-3ds2.ru | 938 B
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 588 | 30 KB
1 net.ru | marshrutizatorpartner24.net.ru | 884 B
1 businessrupay.su | businessrupay.su | 675 B
18 8
Domain Requested by
7 pubg-uc.top 1 redirects pubg-uc.top
6 client.crisp.chat pubg-uc.top
client.crisp.chat
5 mc.yandex.com 2 redirects
2 mc.yandex.ru 1 redirects pubg-uc.top
2 payment-3ds2.ru 2 redirects
1 code.jquery.com pubg-uc.top
1 marshrutizatorpartner24.net.ru
1 businessrupay.su 1 redirects
18 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.marshrutizatorpartner24.net.ru | E1 | 2022-03-08 - 2022-06-06 | 3 months crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-16 - 2022-07-15 | a year crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year crt.sh
mc.yandex.ru | Yandex CA | 2021-12-22 - 2022-06-03 | 5 months crt.sh
crisp.chat | Cloudflare Inc ECC CA-3 | 2021-07-08 - 2022-07-07 | a year crt.sh

This page contains 1 frame:

Primary Page: https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Frame ID: F34825553AC8538A81D95A73DD7DC56E
Requests: 20 HTTP requests in this frame

Page Title

Successful payment - PUBG UC Купить UC дешевле: Мидас бай

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 89 %
IPv6: 100 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 293 kB
Size: 1127 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://businessrupay.su/olb/qliyv7udmpn4p2l/mrandapay/?order_id=52196656&action=initPay HTTP 302
    https://marshrutizatorpartner24.net.ru/?account=52196656 Page URL
  2. https://payment-3ds2.ru/gates/7/result.php HTTP 302
    https://payment-3ds2.ru/success?id=146773&u= HTTP 302
    https://pubg-uc.top/successful-payment/?id=146773&u= HTTP 302
    https://pubg-uc.top/ru/successful-payment/?id=146773&u= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://businessrupay.su/olb/qliyv7udmpn4p2l/mrandapay/?order_id=52196656&action=initPay HTTP 302
  • https://marshrutizatorpartner24.net.ru/?account=52196656
Request Chain 12
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9573.0JGmCDPwKWNPGDs-y7HFvDkKdHnIm_WchP65qiyOSrSIwaJZRKopwQhssUl2ERMc.usDL4G05YE7eUpQ7sQCXaOC1EnA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9573.1vO_txM4h1NspPUQpkCy81Ic_AIFIrUrkihtLuz-qbQWBaujPZBQOVvyC6Jfx_OagOIKBUulwRQHNbMpG7RZxA%2C%2C.l2RcFnrIquQq-WAgHp1QvdpYu9Q%2C
Request Chain 15
  • https://mc.yandex.com/watch/82349023?wmode=7&page-url=https%3A%2F%2Fpubg-uc.top%2Fru%2Fsuccessful-payment%2F%3Fid%3D146773%26u%3D&page-ref=https%3A%2F%2Fmarshrutizatorpartner24.net.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1335645282791%3Ahid%3A912767411%3Az%3A0%3Ai%3A20220310084444%3Aet%3A1646901884%3Ac%3A1%3Arn%3A1002870908%3Arqn%3A1%3Au%3A1646901884661360853%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646901879325%3Ads%3A0%2C21%2C641%2C15%2C578%2C0%2C%2C37%2C0%2C1417%2C1417%2C0%2C1340%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646901884%3At%3ASuccessful%20payment%20-%20PUBG%20UC%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20UC%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5%3A%20%D0%9C%D0%B8%D0%B4%D0%B0%D1%81%20%D0%B1%D0%B0%D0%B9&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/82349023/1?wmode=7&page-url=https%3A%2F%2Fpubg-uc.top%2Fru%2Fsuccessful-payment%2F%3Fid%3D146773%26u%3D&page-ref=https%3A%2F%2Fmarshrutizatorpartner24.net.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1335645282791%3Ahid%3A912767411%3Az%3A0%3Ai%3A20220310084444%3Aet%3A1646901884%3Ac%3A1%3Arn%3A1002870908%3Arqn%3A1%3Au%3A1646901884661360853%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646901879325%3Ads%3A0%2C21%2C641%2C15%2C578%2C0%2C%2C37%2C0%2C1417%2C1417%2C0%2C1340%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646901884%3At%3ASuccessful%20payment%20-%20PUBG%20UC%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20UC%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5%3A%20%D0%9C%D0%B8%D0%B4%D0%B0%D1%81%20%D0%B1%D0%B0%D0%B9&t=gdpr%2814%29aw%281%29ti%282%29

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
marshrutizatorpartner24.net.ru/
Redirect Chain
  • https://businessrupay.su/olb/qliyv7udmpn4p2l/mrandapay/?order_id=52196656&action=initPay
  • https://marshrutizatorpartner24.net.ru/?account=52196656
414 B
884 B
Document
General
Full URL
https://marshrutizatorpartner24.net.ru/?account=52196656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:271e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 10 Mar 2022 08:44:39 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ%2Fyd2hsM6RJ886rAE61ELL2DRvaCbakTdhGNATDgCIzyKJsNe%2FM%2BoAOhmPOzDfPWxvE1k1Jc1U92Emu%2BTZ0cbqWALqCkG6trszk7kT%2Bmt0Pxi%2FJCgacmg4%2BaMeUW2D6UVEDXbq8zafy9qnxCyyDT%2FrRHNUTV6eFOs4xTqg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e9ac50838fa917d-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 10 Mar 2022 08:44:38 GMT
content-type
text/html; charset=utf-8
location
https://marshrutizatorpartner24.net.ru/?account=52196656
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y131wMqBYspwyuI1OW72psyIBIxYhpMTD6x8KNa%2FtKIO%2BQnNBl7tXaT5mxDM8GRtrsoCA6io3ZuhzOoVCdXVy9PgZq%2B5VjpEpFM8UsNQnqWWzZnnFxOz57cFqootHZUSKpP17QqN4aKpw1iGNdmZ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e9ac5057ca59b9a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request /
pubg-uc.top/ru/successful-payment/
Redirect Chain
  • https://payment-3ds2.ru/gates/7/result.php
  • https://payment-3ds2.ru/success?id=146773&u=
  • https://pubg-uc.top/successful-payment/?id=146773&u=
  • https://pubg-uc.top/ru/successful-payment/?id=146773&u=
79 KB
23 KB
Document
General
Full URL
https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1282 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
ca9907798d450a977983893efc1c70d16290c09c743c5963a76efdfc01a4f63b

Request headers

Upgrade-Insecure-Requests
1
Origin
https://marshrutizatorpartner24.net.ru
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://marshrutizatorpartner24.net.ru/

Response headers

date
Thu, 10 Mar 2022 08:44:40 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.28
link
<https://pubg-uc.top/ru/wp-json/>; rel="https://api.w.org/", <https://pubg-uc.top/ru/wp-json/wp/v2/pages/683>; rel="alternate"; type="application/json", <https://pubg-uc.top/ru/?p=683>; rel=shortlink
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FAGehbByXD8a9H1x3PkfvSW7c54axW9CMCJdDpq3UIgrksq%2BdArLrZ4%2FfqdqzvQAddIB%2BQPkrGllGYeP%2BTug%2BijvsFRUM1qxOzF9CMuFU6ZM5JZC06OlWXNkpyAyZ4cNlB7sz4ygwemVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e9ac50d89e79978-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 10 Mar 2022 08:44:39 GMT
content-type
text/html; charset=UTF-8
location
https://pubg-uc.top/ru/successful-payment/?id=146773&u=
x-powered-by
PHP/7.4.28
x-redirect-by
WordPress
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1RTVuL3ByvVZDKf7AUOAkdDq3%2BkVa2qVQMK97KNZ%2BWgZj7V3QnZQuOv99UxoB1T7ps2uubIsZVkROMjHRGbLqXlaKceMbOrv35nh9UhJZU%2F7TfbpU14DNoaQB3N1B%2FuBQZea5Cxsi72Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e9ac50bde96929b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: pubg-uc.top
URL: https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://pubg-uc.top/
Origin
https://pubg-uc.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:40 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1646901880.dop122.am5.t,1646901880.cds224.am5.hn,1646901880.cds007.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
pubg_PNG58.png.webp
pubg-uc.top/wp-content/uploads/2020/10/
3 KB
4 KB
Image
General
Full URL
https://pubg-uc.top/wp-content/uploads/2020/10/pubg_PNG58.png.webp
Requested by
Host: pubg-uc.top
URL: https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1282 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f75334d44a1a2a6e4a518dec015448ff8150ff1bb6206cff88aafbc27ff91a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/ru/successful-payment/?id=146773&u=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1214
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3020
last-modified
Tue, 29 Jun 2021 16:47:02 GMT
server
cloudflare
etag
"bcc-5c5ea5af3d650"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Bt8qvT1rl2AA9JLZR63qWZwyRrkAn4wIGATiQhx6vIM8cnl7zRmLEgCo1MEJHDuWfrmjcAXKQFyLrkzC1Q%2Fk%2FZsPXPRZ49RP6AoWK5akuhDYE%2BF65NpKqfo1kiuJYuib%2Flv38AHJcpF7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6e9ac511a8219978-FRA
successful-icon-10-150x150.png.webp
pubg-uc.top/wp-content/uploads/2020/06/
3 KB
4 KB
Image
General
Full URL
https://pubg-uc.top/wp-content/uploads/2020/06/successful-icon-10-150x150.png.webp
Requested by
Host: pubg-uc.top
URL: https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1282 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204e8e71a5f889410b8e3bef9c327033f2f85c2e1c2c858449267258a4a85047

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/ru/successful-payment/?id=146773&u=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:40 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Jun 2021 16:47:01 GMT
server
cloudflare
etag
"cda-5c5ea5add876e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0J2k%2BtptBUdZGJ6IQdlNbYHdmalqxEugXhth3QYXSBlpESx9zzK24A8iQumx%2Fjnl0vU5IWqgXdBjUr5%2Fvou5ZVC4P4Aq4XVjmeFmfDROa6YyOeXBghuPmpwMUpPJZWYq0vlztQCzDuV7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6e9ac511b82e9978-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3290
payment12.png.webp
pubg-uc.top/wp-content/uploads/2020/10/
2 KB
2 KB
Image
General
Full URL
https://pubg-uc.top/wp-content/uploads/2020/10/payment12.png.webp
Requested by
Host: pubg-uc.top
URL: https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1282 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3f399e0f3663ccb95d66b72531d134281ffc86d9e15077592e9d8bbdf17346

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/ru/successful-payment/?id=146773&u=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1214
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1700
last-modified
Tue, 29 Jun 2021 16:47:02 GMT
server
cloudflare
etag
"6a4-5c5ea5af41ca0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoGZlXDnUqwnPktWZy7hGEQAaErrGzA9wWt95CK7AP7aABWmYKyPXdALiIh9eqmJwKpSIixoVV%2FDfPr8G4bVcbK%2BboxwvdUHCH1NFunu2BAIG3%2FPj54038a%2BNEvf6m6d1lOHYEfHejpO1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6e9ac511b8319978-FRA
autoptimize_4e67ac50f667c2435285b6b15db1087b.js
pubg-uc.top/wp-content/cache/autoptimize/js/
6 KB
3 KB
Script
General
Full URL
https://pubg-uc.top/wp-content/cache/autoptimize/js/autoptimize_4e67ac50f667c2435285b6b15db1087b.js
Requested by
Host: pubg-uc.top
URL: https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1282 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0b7091f071d42a223c4492d8ad5be179430024e31bd8d2df3fd7cd58dda7c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/ru/successful-payment/?id=146773&u=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1101477
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Feb 2022 16:28:24 GMT
server
cloudflare
etag
W/"6217b228-1891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc%2BJrlCiuxKZs%2B2FUHWx28hE3eViJVx8dM4piO9XYXP9%2B07JpLJUc%2BBvpQTp7XOsadP%2BuGLbJCNENWHlLq%2BCEJujO0qiFQQbKCHzIX7s07qXkwdX3T2CIEhix1COCuMqc1ACpBZ9PgiEWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=15552000
cf-ray
6e9ac511b8339978-FRA
expires
Wed, 24 Aug 2022 14:46:41 GMT
truncated
/
123 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f80cf07a16232db71901a60aee87bd82a695eb5f55b139806c55b712c3ed4a87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
font4.woff2
pubg-uc.top/wp-content/themes/pubg-mobile/assets/fonts/
21 KB
21 KB
Font
General
Full URL
https://pubg-uc.top/wp-content/themes/pubg-mobile/assets/fonts/font4.woff2
Requested by
Host: pubg-uc.top
URL: https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1282 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55

Request headers

Referer
https://pubg-uc.top/ru/successful-payment/?id=146773&u=
Origin
https://pubg-uc.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:40 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Jun 2021 16:47:06 GMT
server
cloudflare
age
1214
etag
"52fc-5c5ea5b378647"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0Q5jpw%2FQ7u5R7JsY8%2FfXDz9tb%2BK4E50WWKT3OIyu1xbifQ9aEGgdglU6IkneEoEfoI4kEXz1yP21AORpCtVhx2%2FT%2BThAlHGZGS6qW57%2F5mNJTBbzdzcWNXgw0TwNYNxvBrt3ceIpri0Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6e9ac511c8539978-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21244
tag.js
mc.yandex.ru/metrika/
199 KB
68 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: pubg-uc.top
URL: https://pubg-uc.top/wp-content/cache/autoptimize/js/autoptimize_4e67ac50f667c2435285b6b15db1087b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-10fdc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69596
expires
Thu, 10 Mar 2022 09:44:44 GMT
l.js
client.crisp.chat/
8 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Requested by
Host: pubg-uc.top
URL: https://pubg-uc.top/wp-content/cache/autoptimize/js/autoptimize_4e67ac50f667c2435285b6b15db1087b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e71d08f626e0c80269671eb376ca9d6741dd81ca6caa5451063f0f2bc9b5c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
59368
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Jan 2022 08:47:47 GMT
server
cloudflare
etag
W/"61e67eb3-1ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=86400
access-control-allow-credentials
false
cf-ray
6e9ac52838e49bec-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 11 Mar 2022 08:44:44 GMT
client.js
client.crisp.chat/static/javascripts/
381 KB
89 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?14441ec
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c49ce264224a16b8e2b5daad1b593e25479cc6724b5f7e312d532e898b239f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
81789
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Jan 2022 08:47:47 GMT
server
cloudflare
etag
W/"61e67eb3-5f54e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
6e9ac5287d06901e-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 07 Mar 2032 08:44:44 GMT
client_default.css
client.crisp.chat/static/stylesheets/
328 KB
40 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?14441ec
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7561e680878d5b0ead8704c157156c65b315bae88ba04b914aee6535f4de00c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
82962
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Jan 2022 08:47:47 GMT
server
cloudflare
etag
W/"61e67eb3-521ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
6e9ac5287d03901e-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 07 Mar 2032 08:44:44 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9573.0JGmCDPwKWNPGDs-y7HFvDkKdHnIm_WchP65qiyOSrSIwaJZRKopwQhssUl2ERMc.usDL4G05YE7eUpQ7sQCXaOC1EnA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9573.1vO_txM4h1NspPUQpkCy81Ic_AIFIrUrkihtLuz-qbQWBaujPZBQOVvyC6Jfx_OagOIKBUulwRQHNbMpG7RZxA%2C%2C.l2RcFnrIquQq-WAgHp1QvdpYu9Q%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9573.1vO_txM4h1NspPUQpkCy81Ic_AIFIrUrkihtLuz-qbQWBaujPZBQOVvyC6Jfx_OagOIKBUulwRQHNbMpG7RZxA%2C%2C.l2RcFnrIquQq-WAgHp1QvdpYu9Q%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9573.1vO_txM4h1NspPUQpkCy81Ic_AIFIrUrkihtLuz-qbQWBaujPZBQOVvyC6Jfx_OagOIKBUulwRQHNbMpG7RZxA%2C%2C.l2RcFnrIquQq-WAgHp1QvdpYu9Q%2C
date
Thu, 10 Mar 2022 08:44:44 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 10 Mar 2022 09:44:44 GMT
/
client.crisp.chat/settings/website/3de10432-351e-4122-9275-38b00ddf9f57/prelude/
78 B
511 B
Script
General
Full URL
https://client.crisp.chat/settings/website/3de10432-351e-4122-9275-38b00ddf9f57/prelude/?callback=window.%24crisp.__spool.website_handler&2022-2-10-8-44
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05ae74ef903a8fef90cdc71bbf4dad23233efbda14e05261d5125994416e85e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 10 Mar 2022 08:44:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
6e9ac529bf16901e-FRA
access-control-allow-headers
Content-Type, Origin
expires
Thu, 10 Mar 2022 12:44:44 GMT
1
mc.yandex.com/watch/82349023/
Redirect Chain
  • https://mc.yandex.com/watch/82349023?wmode=7&page-url=https%3A%2F%2Fpubg-uc.top%2Fru%2Fsuccessful-payment%2F%3Fid%3D146773%26u%3D&page-ref=https%3A%2F%2Fmarshrutizatorpartner24.net.ru%2F&charset=ut...
  • https://mc.yandex.com/watch/82349023/1?wmode=7&page-url=https%3A%2F%2Fpubg-uc.top%2Fru%2Fsuccessful-payment%2F%3Fid%3D146773%26u%3D&page-ref=https%3A%2F%2Fmarshrutizatorpartner24.net.ru%2F&charset=...
338 B
420 B
XHR
General
Full URL
https://mc.yandex.com/watch/82349023/1?wmode=7&page-url=https%3A%2F%2Fpubg-uc.top%2Fru%2Fsuccessful-payment%2F%3Fid%3D146773%26u%3D&page-ref=https%3A%2F%2Fmarshrutizatorpartner24.net.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1335645282791%3Ahid%3A912767411%3Az%3A0%3Ai%3A20220310084444%3Aet%3A1646901884%3Ac%3A1%3Arn%3A1002870908%3Arqn%3A1%3Au%3A1646901884661360853%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646901879325%3Ads%3A0%2C21%2C641%2C15%2C578%2C0%2C%2C37%2C0%2C1417%2C1417%2C0%2C1340%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646901884%3At%3ASuccessful%20payment%20-%20PUBG%20UC%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20UC%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5%3A%20%D0%9C%D0%B8%D0%B4%D0%B0%D1%81%20%D0%B1%D0%B0%D0%B9&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ee62c3d8d366edd30d308467efaa23cfa14f0c22ab81309cfa694c0733b4ffa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Mar 2022 08:44:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 10-Mar-2022 08:44:44 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pubg-uc.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Thu, 10-Mar-2022 08:44:44 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Mar 2022 08:44:44 GMT
last-modified
Thu, 10-Mar-2022 08:44:44 GMT
location
/watch/82349023/1?wmode=7&page-url=https%3A%2F%2Fpubg-uc.top%2Fru%2Fsuccessful-payment%2F%3Fid%3D146773%26u%3D&page-ref=https%3A%2F%2Fmarshrutizatorpartner24.net.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1335645282791%3Ahid%3A912767411%3Az%3A0%3Ai%3A20220310084444%3Aet%3A1646901884%3Ac%3A1%3Arn%3A1002870908%3Arqn%3A1%3Au%3A1646901884661360853%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646901879325%3Ads%3A0%2C21%2C641%2C15%2C578%2C0%2C%2C37%2C0%2C1417%2C1417%2C0%2C1340%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646901884%3At%3ASuccessful%20payment%20-%20PUBG%20UC%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20UC%20%D0%B4%D0%B5%D1%88%D0%B5%D0%B2%D0%BB%D0%B5%3A%20%D0%9C%D0%B8%D0%B4%D0%B0%D1%81%20%D0%B1%D0%B0%D0%B9&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://pubg-uc.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 10-Mar-2022 08:44:44 GMT
/
client.crisp.chat/settings/website/3de10432-351e-4122-9275-38b00ddf9f57/
1 KB
1 KB
Script
General
Full URL
https://client.crisp.chat/settings/website/3de10432-351e-4122-9275-38b00ddf9f57/?callback=window.%24crisp.__spool.website_handler&1626207321851
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af5d805e67342bf3af76c7cd76091ab3644810fbbb94acf26d481bbf420e0314
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
816
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 10 Mar 2022 08:31:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
6e9ac52bb9c4901e-FRA
access-control-allow-headers
Content-Type, Origin
expires
Thu, 10 Mar 2022 12:44:44 GMT
en.js
client.crisp.chat/static/javascripts/locales/
6 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?14441ec
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae91dd76ffe339d4668fe648aea2624d7d348c5164d296ccd5edd32d655711e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pubg-uc.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:44:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
82914
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Jan 2022 08:47:47 GMT
server
cloudflare
etag
W/"61e67eb3-1822"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
6e9ac52c2a7d901e-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sun, 07 Mar 2032 08:44:44 GMT
truncated
/
881 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| $
function| jQuery
number| sec
number| min
function| mymenuFunction
function| refresh
string| time
number| inter
function| ym
object| $crisp
string| CRISP_WEBSITE_ID
object| d
object| s

4 Cookies

Domain/Path Name / Value
businessrupay.su/ Name: PHPSESSID
Value: gtfv63svq1g80ir6vpq1ps8ha3
marshrutizatorpartner24.net.ru/ Name: PHPSESSID
Value: im3ib8qeaj3ga0cigp8qfrev70
payment-3ds2.ru/ Name: PHPSESSID
Value: qe9hdjn74m1ojupp0b599465g3
pubg-uc.top/ Name: qtrans_front_language
Value: ru

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9573.1vO_txM4h1NspPUQpkCy81Ic_AIFIrUrkihtLuz-qbQWBaujPZBQOVvyC6Jfx_OagOIKBUulwRQHNbMpG7RZxA%2C%2C.l2RcFnrIquQq-WAgHp1QvdpYu9Q%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
