urlscan.io logo urlscan.io
SecurityTrails logo

s3.419031.world Open in urlscan Pro
172.67.158.4  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://s3.419031.world/pay/28871490/
Effective URL: https://s3.419031.world/pay/28871490/
Submission: On December 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 172.67.158.4, located in United States and belongs to CLOUDFLARENET, US. The main domain is s3.419031.world.
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.
This is the only time s3.419031.world was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

IP Address AS Autonomous System
20 172.67.158.4 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
1 172.253.63.94 15169 (GOOGLE)
29 8
20    172.67.158.4 (United States)

ASN13335 (CLOUDFLARENET, US)
s3.419031.world
2    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
20 419031.world
s3.419031.world
474 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
31 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
54 KB
1 gstatic.com
fonts.gstatic.com
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
3 KB
29 7
Domain Requested by
20 s3.419031.world s3.419031.world
cdnjs.cloudflare.com
2 code.jquery.com s3.419031.world
2 cdnjs.cloudflare.com s3.419031.world
2 cdn.jsdelivr.net s3.419031.world
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com s3.419031.world
1 unpkg.com s3.419031.world
29 7

This site contains no links.

Subject Issuer Validity Valid
419031.world
WE1		 2024-12-06 -
2025-03-06		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
unpkg.com
WE1		 2024-11-23 -
2025-02-21		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://s3.419031.world/pay/28871490/
Frame ID: 7BA3C62ACFCE085B40122603D281DF31
Requests: 23 HTTP requests in this frame

Frame: https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
Frame ID: BBB1291A98B155F20720125AC32EC7FA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online banking

Page URL History Show full URLs

  1. http://s3.419031.world/pay/28871490/ HTTP 307
    https://s3.419031.world/pay/28871490/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

29
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

613 kB
Transfer

1105 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://s3.419031.world/pay/28871490/ HTTP 307
    https://s3.419031.world/pay/28871490/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
s3.419031.world/pay/28871490/
Redirect Chain
  • http://s3.419031.world/pay/28871490/
  • https://s3.419031.world/pay/28871490/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a9f3bbc97f3ebbd0bb957c4a340626b7087ff4bb7d579db9c2b9bbf0487c48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ee819cf4831a56c-MIA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sat, 07 Dec 2024 22:55:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nA642C4bQS9O41XXW7DaRgi98ZjMX6%2FtRSjQ6N7KhPpm%2F%2BvA4McYx3VQVgTffzTMoQu5TrsDvseRXLuHgtxmvCyCLsZg%2F4FJ%2BkZIjadwAfbDFJwbxEo9d5%2BzBTUQz9dfCXY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=30613&min_rtt=30254&rtt_var=5071&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4141&recv_bytes=4497&delivery_rate=505&cwnd=12000&unsent_bytes=0&cid=5e6521aaede5175b&ts=1163&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://s3.419031.world/pay/28871490/
Non-Authoritative-Reason
HttpsUpgrades
fonts.css
s3.419031.world/fonts/personal/ 		96 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/fonts/personal/fonts.css
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4040cd31dd2b3873be1c96ee030c6182cd608043ae96dea12c879a53b2903c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"3177d3539e61a47d9a862a667f945546"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGceuAbYtJnB3ahQZm9AxemOLpGu7QRsm7TJO%2BRUvVreM8icg3n6LiLI5fnPqoT4C7cl%2F2xsPpRJvahHu3hrMUXX9oInl8amfT3fsX3dvHJReTye4qx09p8DTnwES31t7pU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33017&min_rtt=30254&rtt_var=4823&sent=34&recv=23&lost=0&retrans=0&sent_bytes=26917&recv_bytes=7680&delivery_rate=12519&cwnd=12000&unsent_bytes=0&cid=5e6521aaede5175b&ts=1717&x=1", cfExtPri, cfHdrFlush;dur=2
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 26 Dec 2023 14:32:46 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819d6bccfa56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
style.css
s3.419031.world/css/card/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/css/card/style.css
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc1ea9f3660f6d419341d0ca22991a8b8333bd5c88617da83a29b631913e64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"f7410f097a68617351bc680dfdc0bd5a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gif8vprb9%2BHYEkb6VUDenDwZeYb2PwI11VynwW6uanQ4JeKOdQva4WMjBe2A3e%2FfgQ%2B8DudyG%2BCwRSN7wJ6T0invZ3jC3T16yxxRLaTBkMoFGcf8868wyND8GHXxSRgOYTM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33017&min_rtt=30254&rtt_var=4823&sent=34&recv=23&lost=0&retrans=0&sent_bytes=26917&recv_bytes=7680&delivery_rate=12519&cwnd=12000&unsent_bytes=0&cid=5e6521aaede5175b&ts=1716&x=1", cfExtPri, cfHdrFlush;dur=3
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 26 Aug 2024 09:58:58 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819d6bcd5a56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
vv_style.css
s3.419031.world/css/card/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/css/card/vv_style.css
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01debc8c5816b2c2aae3f38120d8fa7f4bd871b09a77da71cb1b67cc5a8bdce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"c14b46b157babab1731a191fc07b6a77"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U07ivMKZGHPB0qu7w%2B6XN2nOOBjtbPJRnCqQZ6ZbkGQwXQgX7yT8wLm%2BK54yZoTA9essvuLKkcFpdhAkkmajH%2FGGIfmvFj0TecEMNlTjR19P7i2DjczYIsLjDogiBYvJntc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31073&min_rtt=30254&rtt_var=2853&sent=19&recv=20&lost=0&retrans=0&sent_bytes=10208&recv_bytes=7550&delivery_rate=183243&cwnd=12000&unsent_bytes=0&cid=5e6521aaede5175b&ts=1573&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 26 Aug 2024 09:58:46 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819d6bcd8a56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
logo.png
s3.419031.world/img/services/etsyverify/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.419031.world/img/services/etsyverify/logo.png
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a34011a9a4159b488e8a9103e90fed27e36981c4cdbe90c6aed15b06d5d37f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

cf-cache-status
BYPASS
etag
"8c45856dce35ff9f484366e1c235ed91"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKjUMMNaXYPl8yN2ne0%2Fg3oFN%2BmUs98vzNzifk6yeLi9w5brGsQ7FH9sRsY1pj2wvWCH7qkFXClNz3jt37g5UBwD47zAkwUDzRBtGR%2FUzvx28ydUKBswR%2F1Esqi5YAh5tbY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31977&min_rtt=30254&rtt_var=2291&sent=55&recv=28&lost=0&retrans=0&sent_bytes=50890&recv_bytes=7895&delivery_rate=390309&cwnd=24000&unsent_bytes=0&cid=5e6521aaede5175b&ts=1722&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
image/png
last-modified
Wed, 01 Nov 2023 22:55:40 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819d6bcdba56c-MIA
accept-ranges
bytes
content-length
87274
x-xss-protection
1; mode=block
server
cloudflare
visa.png
s3.419031.world/img/card/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.419031.world/img/card/visa.png
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d31d939b531897ebbc04c86a7e1971888f15acb32abc657e7baf7eec130a5187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

cf-cache-status
BYPASS
etag
"a597d4eaf32fcf71ca7c0f7cf1e959a7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZDAu8WFLk1nqvSIBNFjArgU1oFDk9jMcUFvPiZfJAUpH%2BXAtx688MWFT2osIbXtjR2MF10VEnG%2FRsKy35ApSwjSeagiso%2FYdOffaovBourf0RrNVS3JGP1eOIKZ4RCfUEc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33017&min_rtt=30254&rtt_var=4823&sent=24&recv=23&lost=0&retrans=0&sent_bytes=14917&recv_bytes=7680&delivery_rate=12519&cwnd=12000&unsent_bytes=0&cid=5e6521aaede5175b&ts=1688&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
image/png
last-modified
Mon, 02 Oct 2023 19:59:04 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819d6bcdea56c-MIA
accept-ranges
bytes
content-length
158196
x-xss-protection
1; mode=block
server
cloudflare
mastercard.png
s3.419031.world/img/card/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.419031.world/img/card/mastercard.png
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
750ac8d2bd2d0168a404a67733239d84262902c0dc2f231fff66182436a6e0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

cf-cache-status
BYPASS
etag
"2d16f17580a2836bb81f50f6e6ee7ecf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvSkh%2B6UMERvIAIfQf5eKKdLwrUw66wCvJ9AWtUyTTLzwmCwyY8dUjGH52BVsIQUH5YjUZK0bxtjWrsNuZyEKWLKgpdQpYuPkljxoy1HVZBXWTskTy54OaNPrYOLtYJsuVs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33017&min_rtt=30254&rtt_var=4823&sent=34&recv=23&lost=0&retrans=0&sent_bytes=26917&recv_bytes=7680&delivery_rate=12519&cwnd=12000&unsent_bytes=0&cid=5e6521aaede5175b&ts=1714&x=1", cfExtPri, cfHdrFlush;dur=5
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
image/png
last-modified
Mon, 02 Oct 2023 19:59:24 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819d6dd1ba56c-MIA
accept-ranges
bytes
content-length
38193
x-xss-protection
1; mode=block
server
cloudflare
vue@2
cdn.jsdelivr.net/npm/ 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1d4b0c549e8de9d4a9bafb12ab70b6a1ac747d07293b98c5b25b6632999afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"1a49f-RSXL0WfJYyQBbqolhHA+ICToXJA"
age
8236
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsWlwUke2jOGPcjTLLXFI02g2ecmMMIlSIwO%2FrCsjVlhEicXHkpQJFfDNKqLQilivPXRVbrpsslAoQh577kIEYiZN%2FHNbJc8ze0Q6KsRdtm%2BXroEjwhv454bIJiGtfsleptR4fPaBsESzNOQtng%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220124-FRA, cache-lga21971-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee819d74a544976-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
40342
server
cloudflare
x-jsd-version
2.7.16
vue-the-mask.js
unpkg.com/vue-the-mask@0.11.1/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/vue-the-mask@0.11.1/dist/vue-the-mask.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef6dd0c1dbd61b792f7791c989d68b3939263c502269643f8e96c28f7e49a15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://s3.419031.world
Referer
https://s3.419031.world/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1281-ojkEKEJwDFSwzNnN7s8unltOATY"
age
20254830
x-content-type-options
nosniff
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Oct 2017 17:43:56 GMT
fly-request-id
01HVP0TBAV78H2CCVFF9C9QN14-mia
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8ee819d759b97464-MIA
access-control-allow-origin
*
server
cloudflare
vue-swal.min.js
cdn.jsdelivr.net/npm/vue-swal@1.0.0/dist/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue-swal@1.0.0/dist/vue-swal.min.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ac91354b1008448f70e4f329ea1675d3dfe80a795e88a1bf9a4b87749c6f21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://s3.419031.world
Referer
https://s3.419031.world/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"b57f-rKU+nHPyf/Wl1f5V4AXSsZoGTmw"
age
9970266
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5JqTg1BCYnO1D81kaB4f6nktUEEOhCUD67vA9jKuvNIaMuh67MEeoWBpa9gw9JU%2BIg7x2U94FUpAMKnKRHg5mQFrhAgEh7i2fmEVlJ1HcRDbdMSdsFk0%2FJhdaikf5cp8Jgng3mffXGtOI%2Fv%2BTPM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220025-FRA, cache-lga21963-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee819d74fcded32-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12918
server
cloudflare
x-jsd-version
1.0.0
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://s3.419031.world
Referer
https://s3.419031.world/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5fe182ae-3813"
age
105114
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VpuNXWm5o%2Bo4zB43CTIc0DKIMlTEOUoGDNwR5lYMsuKR6iNm7USgF9pxeA8hBnSPD0D5p8XW2RGT92s9c1j1o%2BJqxYUvht5S9JRSdprdGRi3ySsZq6mb6yTKBXSM3P0t8g3pZmR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 22:55:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Dec 2020 05:22:54 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee819d71b1c7477-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4420
server
cloudflare
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://s3.419031.world
Referer
https://s3.419031.world/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
2135392
x-cache
HIT, HIT
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
25, 326809
x-served-by
cache-lga21931-LGA, cache-mia-kmia1760021-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1733612102.295110,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
support_parent.css
s3.419031.world/css/support/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/css/support/support_parent.css
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9487b5dfbb3f27a3c0de48bb115464b4f4e85dbdce56cfc7591a89ca1a984c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"86863907497a3905911921e9b25cabd6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WW%2Bi%2BWDyi8Fq5CBIqf82HVt1Bqar70sInSXARwqIcFWDIkUg93fj0aZ6zZTF5HrrdUdXUQYedtcsQuYl6GewfNsBY%2FaIkDqRoBzkWd7d8eboL5XYkD52s%2FLZX%2BiqNwAXhYU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31073&min_rtt=30254&rtt_var=2853&sent=22&recv=20&lost=0&retrans=0&sent_bytes=13121&recv_bytes=7550&delivery_rate=183243&cwnd=12000&unsent_bytes=0&cid=5e6521aaede5175b&ts=1582&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 01 Jul 2024 17:02:54 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819d6dd20a56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
css
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/css/card/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9859ee0ec5c5dcca40928a7963af2f711d4f6c837eb41dd24306176605a88f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 22:55:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 07 Dec 2024 22:55:02 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bg.jpg
s3.419031.world/img/banks/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.419031.world/img/banks/bg.jpg
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/css/card/vv_style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c0937cc0311f1d7bcdb688ee99c9813e7ef146788d0e6c245c41648486db099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/css/card/vv_style.css

Response headers

cf-cache-status
BYPASS
etag
"f032bfa2a59dde4df7085245da56526c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UgLssqEkrIaKrYFrAFwnjna1FXD9rUxERbX5%2FZvhQnfytrihjwcfaae%2B1C2JPYOULUt2FNlhOq9ZZQFveY6MUPEyA3rOG30Cz%2BxPeyhQ4UyikT9aCR7QmJcoGeC8I%2FBLXOY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30957&min_rtt=30216&rtt_var=481&sent=322&recv=93&lost=0&retrans=0&sent_bytes=355900&recv_bytes=12414&delivery_rate=49425&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=2443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:03 GMT
content-type
image/jpeg
last-modified
Sun, 11 Jun 2023 19:02:04 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819db3cc7a56c-MIA
accept-ranges
bytes
content-length
50249
x-xss-protection
1; mode=block
server
cloudflare
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://s3.419031.world
Referer
https://fonts.googleapis.com/

Response headers

age
4462
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 21:40:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 21:40:41 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
truncated
/ 		426 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d00c6f0cc689179cfc4dab54f10163635df53e0472ec87fb40790a74f4dbce2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://s3.419031.world
Referer

Response headers

Content-Type
font/woff2
1733612101.530968
s3.419031.world/supportChatFrame/28871490/ Frame BBB1 		56 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f09be4c528f3360dd78ce80170f7ee2ef5aac1dd86dbac756977da0442632ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s3.419031.world/pay/28871490/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ee819dc1e7ea56c-MIA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sat, 07 Dec 2024 22:55:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkBxArLASErqVBAJWL92g%2BkraYFV9%2FUQjvnTjDioGH%2Bz9SYdjKmv5MHkzISnMNzyXv0O7dyGnYZ7Q39b%2FRFFQpg%2BrXXnwuOaMdjQjqY6Z%2Bo2dwFBehl5gvKJMDa33wjvByc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31044&min_rtt=30216&rtt_var=592&sent=306&recv=90&lost=0&retrans=0&sent_bytes=339029&recv_bytes=11900&delivery_rate=2061967&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=2345&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
supportIcon.svg
s3.419031.world/img/support/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.419031.world/img/support/supportIcon.svg
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/css/support/support_parent.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
389f75ee3689c5ed8c0edf80ca4fb1462f7bb53d156cca6ac5ef36fbd838593a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/css/support/support_parent.css

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"3e742f0aec86a9284d3549652864b9fc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RT3Hh5CkcBihmz0gtEnqKgNtBdeiKO2Fb0CU65wHtHC85hAVFiN8WQIrMnObySnhCjSTustA4Ksv1djJArw15%2Fw%2F%2Bo1kPARdpVC7IaXqdDVYWpSubWKC3%2FN1uqfZn%2FX7nLo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30957&min_rtt=30216&rtt_var=481&sent=319&recv=93&lost=0&retrans=0&sent_bytes=353445&recv_bytes=12414&delivery_rate=49425&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=2408&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:03 GMT
content-type
image/svg+xml
last-modified
Tue, 26 Dec 2023 14:32:46 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819dc1e84a56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
support_chat.css
s3.419031.world/css/support/ Frame BBB1 		101 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/css/support/support_chat.css
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed69b7fcf9c1b62f34c197144823d4872872f5a441babf46faacd707fb4e03ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/supportChatFrame/28871490/1733612101.530968

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"5a4e84c3f646c1b728e081340e89ed32"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vRuN5M7oBSVpPHc%2BoRR%2B34dpE%2B4QkYx949%2FBFT%2Bkhlu5WbMPafyFOVDEOUFE1kwfK3U%2BuanA8naV%2BI5%2BJsHxpfL%2BYinu85Lur57sebFKol7ezn%2BzzW3Yq45ALybk9yDb4E%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30970&min_rtt=30216&rtt_var=269&sent=387&recv=102&lost=0&retrans=0&sent_bytes=429702&recv_bytes=13229&delivery_rate=244101&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=2862&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:03 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 01 Jul 2024 17:29:12 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819de09dfa56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/ Frame BBB1 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/axios.min.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"626914f1-1962"
age
92881
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnl8AtyedSlbxYU7qbZPGy8PIpChi5fKUFA%2FwhHGhsIMQJhnc1Hpso%2BLUN5CEHDfzbp1dPOB4zRaE8z8ZKWCMFLIQSfeWbE4eVSb1Wr6R4XaYGjzJEnduP7052dwyzN0NXjPd1X9"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 22:55:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 07 Dec 2024 22:55:03 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Apr 2022 10:03:29 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee819de0b718da3-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6498
server
cloudflare
jquery-3.6.0.min.js
code.jquery.com/ Frame BBB1 		87 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
2135392
x-cache
HIT, HIT
date
Sat, 07 Dec 2024 22:55:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
25, 326809
x-served-by
cache-lga21931-LGA, cache-mia-kmia1760021-MIA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1733612102.295110,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
oper.png
s3.419031.world/img/support/ Frame BBB1 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.419031.world/img/support/oper.png
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
791ff4b0b59f87f8b70d14106c7d14a57432947701a3d033597ed672155a61ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/supportChatFrame/28871490/1733612101.530968

Response headers

cf-cache-status
BYPASS
etag
"28158e5c349a1c74466f3985327c3d08"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ji6RfSuysJjKuDok3x%2BMYPrOfCJFY1odt7lHaXaEwrL7vErD%2BfRk8ORQcxwBRCkAzIPtA6KGpidYRjUqpL8gYOrYyR9LeyUZ819iRDLIjIKofhNBvjblQl2ra8Up5t3z7BE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30880&min_rtt=30216&rtt_var=382&sent=388&recv=103&lost=0&retrans=0&sent_bytes=430560&recv_bytes=13274&delivery_rate=22408&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=3000&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:03 GMT
content-type
image/png
last-modified
Sat, 29 Jun 2024 14:14:22 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819decb5fa56c-MIA
accept-ranges
bytes
content-length
30415
x-xss-protection
1; mode=block
server
cloudflare
support.js
s3.419031.world/js/ Frame BBB1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/js/support.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14ce283e2355f29ccb80f1af074618d95161733ec77e2671ca56f56dc272fe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/supportChatFrame/28871490/1733612101.530968

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"655c19fe87f92477f28ec5b018dc6666"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFViL8sOY8O0sMW65Dl9W9Spp%2FXncXbxUYvVquah%2B6WX0%2Fg8mwGrOwexI7%2B3nCOXY9sYvu5LrAlN9AJpD1BoCq2JBGbzo8alJtTKsiAGsWe0%2B5IsHpnV4FskQprctXDK1uY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31035&min_rtt=30216&rtt_var=521&sent=432&recv=108&lost=0&retrans=0&sent_bytes=481031&recv_bytes=13833&delivery_rate=183814&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=3503&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:04 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 02 Aug 2024 10:34:14 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819e208b0a56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
land_protect.js
s3.419031.world/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/js/land_protect.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c3ae29776b494e180477406f549abe28c80d996a680e65b71884f5b70836d3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"32b09c03910d1af776c82fc68c0e442c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LX2c5FoKRE%2FjuKpin5oL4mMTzf88YcNlp2ioUpQ%2FXvOQLbMw9go47xhA%2BxjmkLFp%2BKh4%2Fp4UyFKayAv13427%2BhQV4ZUaa5CHvu1dBXzp01AFvABz5zNOzwD1bOGOAXv3GjA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30892&min_rtt=30216&rtt_var=553&sent=445&recv=114&lost=0&retrans=0&sent_bytes=491003&recv_bytes=15487&delivery_rate=2879&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=3856&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:04 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 03:09:50 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819e52dfea56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
console-ban.min.js
s3.419031.world/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/js/console-ban.min.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4889dc0d976a08842c43de83f4c6d0f2ce6bedb10af18a7fccb867e079334eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"a1e2e0c5718647a67a60228a050daa75"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XgTknFkr4fJL2BStkEt%2Flz4RHSZ7ywWg0porZNNeTkj2S0T4zHq5KUMdZ6%2Ble6Hboe5dt%2Bwt9Bv2tiym00hsidSOpLsfpsTBuulWa%2BIAjuVDbiXqRrzYG5qu6X4RpDZ1VB0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30892&min_rtt=30216&rtt_var=553&sent=442&recv=114&lost=0&retrans=0&sent_bytes=488520&recv_bytes=15487&delivery_rate=2879&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=3855&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:04 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 12 Nov 2024 09:48:44 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819e52e01a56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
protect.js
s3.419031.world/js/ 		144 B
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/js/protect.js
Requested by
Host: s3.419031.world
URL: https://s3.419031.world/pay/28871490/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877f9601b31efcb5c923fd4286edf90fcf2858a800f68fb6947b484c74698d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"9ca2702f74ded2a3b34ef524ce9bfdef"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7kN3VDSMuDBbZL1cDrsFm%2FlHK13ajiux7bnBsbqiBkz7NOqHLGLDlD2VgZKWuiGq76VkqoELWt%2FWnMcE%2FpnbHX6MzDH3uZme6KY4h%2FgxjEtOy%2BNWU2Y6bCw0WUc18qPJlVg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30892&min_rtt=30216&rtt_var=553&sent=450&recv=114&lost=0&retrans=0&sent_bytes=495560&recv_bytes=15487&delivery_rate=2879&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=3875&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:04 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 02:54:56 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819e52e03a56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
get
s3.419031.world/api/support/ Frame BBB1 		29 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/api/support/get
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/axios.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acc08a774c0eb3afc5968cf570a9a9ddc7dd457157eec8238ef4295833416d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3iomjAmIjvcWiseHRpgRa3h9PDdp16SlflI9aigy9JTDF%2FY4egqlBhWribmTM8Aoe0LPlmn6O4PgKCvbaLqA7Q1h5J2xoJQM%2FrqgRFwNUUx%2FotGOLpICs1VyD7IBrC%2BL3Xg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ee819e53e08a56c-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30981&min_rtt=30216&rtt_var=499&sent=441&recv=113&lost=0&retrans=0&sent_bytes=487727&recv_bytes=15442&delivery_rate=184764&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=3777&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
29
date
Sat, 07 Dec 2024 22:55:04 GMT
x-xss-protection
1; mode=block
content-type
application/json
server
cloudflare
priority
u=1,i
x-frame-options
SAMEORIGIN
favicon.ico
s3.419031.world/img/card/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/img/card/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec9b45ac458e2e84af270cee121290005b5528a4a77807b906046fcbce1cc3b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s3.419031.world/pay/28871490/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"2ac53110afddc0e44afff993b8d8ffe1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZuyghBAAqsnnvYUpsHfd5u1VBXPL22uQAi7ABcwKxdxqmhFHeizlRaESvyIVDtW%2FeOThLnNCdQ7BW4r08hoowTnmNfojng%2Ff6uQlLIJRxVInovUN4kNam2h4unTSI0L7fo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30917&min_rtt=30216&rtt_var=558&sent=453&recv=117&lost=0&retrans=0&sent_bytes=496562&recv_bytes=16018&delivery_rate=197140&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=4402&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 22:55:05 GMT
content-type
image/vnd.microsoft.icon
last-modified
Mon, 01 Jul 2024 13:22:56 GMT
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee819e86b1da56c-MIA
x-xss-protection
1; mode=block
server
cloudflare
get
s3.419031.world/api/support/ Frame BBB1 		29 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.419031.world/api/support/get
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/axios.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acc08a774c0eb3afc5968cf570a9a9ddc7dd457157eec8238ef4295833416d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s3.419031.world/supportChatFrame/28871490/1733612101.530968
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGhTAnNE1T0h9PzqpTylZuUENVZKl%2BCYHl%2Bah22hWh%2F20w1iSqMVE%2B1b5dDMoYDnDRjIWevW5%2FyP6QFHhdbqKVEjfyD%2FxbEeY%2BcgJXEiZiP3WyQQ4bt3aKCyXw3NRWjUQMQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ee819f04808a56c-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30913&min_rtt=30216&rtt_var=428&sent=458&recv=120&lost=0&retrans=0&sent_bytes=500128&recv_bytes=16595&delivery_rate=9271&cwnd=98700&unsent_bytes=0&cid=5e6521aaede5175b&ts=5534&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
29
date
Sat, 07 Dec 2024 22:55:06 GMT
x-xss-protection
1; mode=block
content-type
application/json
server
cloudflare
priority
u=1,i
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Vue object| VueTheMask function| setImmediate function| clearImmediate function| swal function| sweetAlert object| VueSwal function| axios function| $ function| jQuery object| ConsoleBan string| encoded string| decodedString object| _0x901e function| _0xdb35 function| _0x34c362 function| kill_ctrl_key_combo function| double_mouse string| originalTitle function| replaceCharacters function| replaceCharactersInNode function| getRandomNumber string| mytest

1 Cookies

Domain/Path Name / Value
s3.419031.world/ Name: session
Value: eyJzdXBwb3J0X3Rva2VuIjogIjE3MzM2MTIxMDEuNTMwOTY4In0=.Z1TSSg.-LKRevTiGSTiZXblxzc5f7SKbD0

2 Console Messages

Source Level URL
Text
javascript warning
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
s3.419031.world
unpkg.com
104.17.25.14
172.253.63.94
172.67.158.4
2606:4700::6811:f5cb
2606:4700::6812:bb1f
2607:f8b0:4004:c17::5f
2a04:4e42:600::649
01debc8c5816b2c2aae3f38120d8fa7f4bd871b09a77da71cb1b67cc5a8bdce2
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
1d00c6f0cc689179cfc4dab54f10163635df53e0472ec87fb40790a74f4dbce2
24ac91354b1008448f70e4f329ea1675d3dfe80a795e88a1bf9a4b87749c6f21
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
2a34011a9a4159b488e8a9103e90fed27e36981c4cdbe90c6aed15b06d5d37f5
389f75ee3689c5ed8c0edf80ca4fb1462f7bb53d156cca6ac5ef36fbd838593a
3c1d4b0c549e8de9d4a9bafb12ab70b6a1ac747d07293b98c5b25b6632999afd
5c3ae29776b494e180477406f549abe28c80d996a680e65b71884f5b70836d3b
6c0937cc0311f1d7bcdb688ee99c9813e7ef146788d0e6c245c41648486db099
750ac8d2bd2d0168a404a67733239d84262902c0dc2f231fff66182436a6e0c4
791ff4b0b59f87f8b70d14106c7d14a57432947701a3d033597ed672155a61ef
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
877f9601b31efcb5c923fd4286edf90fcf2858a800f68fb6947b484c74698d9b
9487b5dfbb3f27a3c0de48bb115464b4f4e85dbdce56cfc7591a89ca1a984c4c
9ef6dd0c1dbd61b792f7791c989d68b3939263c502269643f8e96c28f7e49a15
9fc1ea9f3660f6d419341d0ca22991a8b8333bd5c88617da83a29b631913e64c
acc08a774c0eb3afc5968cf570a9a9ddc7dd457157eec8238ef4295833416d27
d31d939b531897ebbc04c86a7e1971888f15acb32abc657e7baf7eec130a5187
d4889dc0d976a08842c43de83f4c6d0f2ce6bedb10af18a7fccb867e079334eb
e14ce283e2355f29ccb80f1af074618d95161733ec77e2671ca56f56dc272fe9
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
e3a9f3bbc97f3ebbd0bb957c4a340626b7087ff4bb7d579db9c2b9bbf0487c48
e4040cd31dd2b3873be1c96ee030c6182cd608043ae96dea12c879a53b2903c9
e9859ee0ec5c5dcca40928a7963af2f711d4f6c837eb41dd24306176605a88f4
ec9b45ac458e2e84af270cee121290005b5528a4a77807b906046fcbce1cc3b2
ed69b7fcf9c1b62f34c197144823d4872872f5a441babf46faacd707fb4e03ea
f09be4c528f3360dd78ce80170f7ee2ef5aac1dd86dbac756977da0442632ce3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e