urlscan.io scan result for vlnted-gb.ggegl.info (2606:4700:3033::6815:54b7) - flagged: Malicious Activity

Submitted URL: https://tinu.be/-sDbXyxiv
Effective URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Submission: On November 20 via api from IE — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3033::6815:54b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is vlnted-gb.ggegl.info.
TLS certificate: Issued by GTS CA 1P5 on November 19th 2023, the day before this scan. Valid for: 3 months.
This is the only time vlnted-gb.ggegl.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

The brand label above is urlscan's automatic classification. The content itself impersonates Vinted: the hostname label vlnted (lowercase L in place of i) mimics vinted, the page title is a clothing listing, the page hotlinks the Vinted logo from upload.wikimedia.org alongside Maestro, Visa and Mastercard card logos, and its only outbound link goes to www.vinted.es.

Domain & IP information

Redirects  Requests  IP Address          AS (Autonomous System)
1          1         76.76.21.21         16509 (AMAZON-02)
1          8         2606:4700:303...    13335 (CLOUDFLAR...)
           2         2606:4700::68...    13335 (CLOUDFLAR...)
           1         2a00:1450:400...    15169 (GOOGLE)
           2         2606:4700::68...    13335 (CLOUDFLAR...)
           4         2a02:ec80:300...    14907 (WIKIMEDIA)
           8         52.202.168.65       14618 (AMAZON-AES)
           6         2600:9000:214...    16509 (AMAZON-02)
Total: 30 requests across 8 IPs
Requests  Apex Domain       Subdomain (Cisco Umbrella rank where listed)     Transfer
8         chatwoot.com      app.chatwoot.com (rank 194181)                   46 KB
8         ggegl.info        vlnted-gb.ggegl.info                             316 KB
6         cloudfront.net    d3tq67kexc2w2i.cloudfront.net                    250 KB
4         wikimedia.org     upload.wikimedia.org (rank 2859)                 39 KB
2         cloudflare.com    cdnjs.cloudflare.com (rank 223)                  10 KB
2         bootstrapcdn.com  maxcdn.bootstrapcdn.com (rank 1137)              40 KB
1         googleapis.com    ajax.googleapis.com (rank 364)                   31 KB
1         tinu.be           tinu.be                                          219 B
Total: 30 requests across 8 apex domains
Requests  Domain                              Requested by
8         app.chatwoot.com                    vlnted-gb.ggegl.info; app.chatwoot.com; d3tq67kexc2w2i.cloudfront.net
8         vlnted-gb.ggegl.info (1 redirect)   vlnted-gb.ggegl.info
6         d3tq67kexc2w2i.cloudfront.net       vlnted-gb.ggegl.info; d3tq67kexc2w2i.cloudfront.net
4         upload.wikimedia.org                vlnted-gb.ggegl.info
2         cdnjs.cloudflare.com                vlnted-gb.ggegl.info
2         maxcdn.bootstrapcdn.com             vlnted-gb.ggegl.info
1         ajax.googleapis.com                 vlnted-gb.ggegl.info
1         tinu.be (1 redirect)                (submitted URL)
Total: 30 requests across 8 domains

This site contains links to these domains:

  www.vinted.es
TLS certificates observed (all entries are visible in Certificate Transparency via crt.sh):

Subject                    Issuer                                   Validity                    Valid for
ggegl.info                 GTS CA 1P5                               2023-11-19 to 2024-02-17    3 months
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3                  2022-12-30 to 2023-12-30    a year
upload.video.google.com    GTS CA 1C3                               2023-10-23 to 2024-01-15    3 months
*.wikipedia.org            DigiCert TLS Hybrid ECC SHA384 2020 CA1  2023-10-18 to 2024-10-16    a year
app.chatwoot.com           R3                                       2023-11-12 to 2024-02-10    3 months
*.cloudfront.net           Amazon RSA 2048 M01                      2023-10-10 to 2024-09-19    a year
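The hostname, certificate and outbound-link rows above carry the three indicators a reviewer pulls first: a brand name spelled with a lookalike character, a certificate issued the day before the scan, and a brand link that points off the page's own domain. The following script is an added example (not urlscan.io's or the page's own code) that scores those three from the values in this report. The confusable table, the brand list and the two-label apex() heuristic are assumptions of the example, not something the scan provides.

```python
"""Triage of a urlscan.io result from its hostname, certificate and link data.

Added example, not part of the scan page. Inputs in __main__ are copied from
the scan above; CONFUSABLES, the brand list and apex() are assumptions.
"""
import re
from datetime import date

# Lookalike characters a typosquatter swaps in, folded to the letter they imitate
# (assumed table; extend it for the brands you monitor).
CONFUSABLES = str.maketrans({"l": "i", "1": "i", "|": "i", "0": "o", "5": "s", "3": "e"})


def fold(label: str) -> str:
    """Canonical form of a hostname label for brand comparison."""
    return label.lower().replace("rn", "m").replace("vv", "w").translate(CONFUSABLES)


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def brand_hits(hostname: str, brands, max_distance: int = 1):
    """(label, brand, distance) for each label of hostname that equals a brand, or is
    within max_distance edits of one, after confusable folding. Labels are split on
    '.' and '-' so 'vlnted-gb' yields 'vlnted' and 'gb'; labels shorter than four
    characters are skipped to avoid noise from 'www', 'gb' and TLDs."""
    hits = []
    for label in re.split(r"[.\-]", hostname):
        if len(label) < 4:
            continue
        for brand in brands:
            d = levenshtein(fold(label), fold(brand))
            if d <= max_distance:
                hits.append((label, brand, d))
    return hits


def apex(hostname: str) -> str:
    """Last two labels; a stand-in for a public-suffix-list lookup (assumption)."""
    return ".".join(hostname.lower().split(".")[-2:])


def triage(hostname, cert_not_before, scanned_on, outbound_links, brands):
    """Collect the indicators a reviewer would pull from the scan summary.
    Dates are ISO strings (YYYY-MM-DD) as shown in the certificate table."""
    page_apex = apex(hostname)
    # Brand-named hosts linked from a page whose own apex is not that brand.
    offsite = [h for h in outbound_links
               if apex(h) != page_apex and brand_hits(h, brands, max_distance=0)]
    age = (date.fromisoformat(scanned_on) - date.fromisoformat(cert_not_before)).days
    return {
        "brand_lookalikes": brand_hits(hostname, brands),
        "cert_age_days": age,
        "brand_links_offsite": offsite,
    }


if __name__ == "__main__":
    # Values taken from the scan above.
    print(triage("vlnted-gb.ggegl.info", "2023-11-19", "2023-11-20",
                 ["www.vinted.es"], ["vinted"]))
```

A zero-distance hit after folding is the stronger signal, because the label reads as the brand at a glance; a distance-one hit still needs a human look. A real deployment would replace the apex() stand-in with a public-suffix-list lookup so that co.uk-style domains compare correctly.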

This page contains 3 frames:

  1. Primary page: https://vlnted-gb.ggegl.info/getpayment/187204239
     Frame ID: B039B09B027BF18619A85937F9C0DF3C, 18 HTTP requests in this frame
  2. Frame: https://vlnted-gb.ggegl.info/supportChatFrame/%item%
     Frame ID: 2E71A85A93CB87BBCD0B5D661C81A13D, 1 HTTP request in this frame
     The literal %item% in the path appears to be a template placeholder that the page's own markup never substituted; the request returned a 155-byte document.
  3. Frame: https://app.chatwoot.com/widget?website_token=43s7YryV7GYXYpxPsvJTzYbw
     Frame ID: 55A060405D227E70D32518F497923842, 13 HTTP requests in this frame
     This is the Chatwoot live-chat widget loaded by app.chatwoot.com/packs/js/sdk.js; the website_token identifies the operator's Chatwoot inbox, which makes it a pivot for related pages and an identifier to include in an abuse report to Chatwoot.

Page Title

Sleeveless fitted dress

Detected technologies (pattern matches against the URLs of loaded resources; overall confidence 100% for each)

  • Bootstrap: pattern bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
    (matched maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js)
  • Popper.js: pattern /popper\.js/([0-9.]+)
    (matched cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js)
  • jQuery: patterns /([\d.]+)/jquery(?:\.min)?\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
    (matched ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js)

Page Statistics

  Requests:    30
  HTTPS:       100 %
  IPv6:        75 %
  Domains:     8
  Subdomains:  8
  IPs:         8
  Countries:   2
  Transfer:    731 kB
  Size:        2244 kB
  Cookies:     3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinu.be/-sDbXyxiv HTTP 307
     https://vlnted-gb.ggegl.info/getpayment/187204239 Page URL
  2. https://vlnted-gb.ggegl.info/cdn-cgi/phish-bypass?atok=bYI6CTwGLklExP30.UFK2tU62g9KaaqL9MKJAtgYyXE-1700501113-0-%2Fgetpayment%2F187204239 HTTP 301
     https://vlnted-gb.ggegl.info/getpayment/187204239 Page URL

Step 1 is the tinu.be link shortener (a Vercel-hosted app, per the redirect's server: Vercel and x-matched-path: /en/[shortCode] headers) sending the visitor to the phishing host. Step 2 is Cloudflare's phishing-warning interstitial being dismissed: the first response for /getpayment/187204239 was a 4 KB page served by Cloudflare itself that loaded only /cdn-cgi/styles/cf.errors.css and /cdn-cgi/images/icon-exclamation.png, and the /cdn-cgi/phish-bypass link (its atok value embeds the unix timestamp 1700501113, which is 17:25:13 GMT on the scan date, followed by the URL-encoded target path) answered 301 to the real 473 KB page, which identifies itself as Express behind Cloudflare. In other words, Cloudflare had already flagged this host as phishing at scan time; a visitor who clicks through the warning lands on the page exactly as the scanner did.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tinu.be/-sDbXyxiv HTTP 307
  • https://vlnted-gb.ggegl.info/getpayment/187204239
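To make the two chains above machine-checkable, here is an added example (not urlscan.io's code and not from the page) that walks the recorded hops, flags a redirect that crosses registrable domains, recognises the shortener-style first hop, and decodes the Cloudflare phish-bypass URL. The atok layout it parses (opaque blob, ten-digit unix time, counter, URL-encoded target path) is inferred from this single sample, and the shortener heuristic and the two-label apex() are the example's own assumptions.

```python
"""Redirect-chain review for the hops recorded in this scan.

Added example, not urlscan.io code. CHAIN is copied from the scan; the atok
layout, looks_like_shortener() and apex() are this example's assumptions.
"""
import re
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# Hops as the scanner recorded them: (URL, HTTP status returned for that URL).
CHAIN = [
    ("https://tinu.be/-sDbXyxiv", 307),
    ("https://vlnted-gb.ggegl.info/getpayment/187204239", 200),
    ("https://vlnted-gb.ggegl.info/cdn-cgi/phish-bypass?atok="
     "bYI6CTwGLklExP30.UFK2tU62g9KaaqL9MKJAtgYyXE-1700501113-0-%2Fgetpayment%2F187204239", 301),
    ("https://vlnted-gb.ggegl.info/getpayment/187204239", 200),
]

REDIRECTS = {301, 302, 303, 307, 308}
# blob - unix timestamp - counter - target path (layout inferred from this sample)
ATOK = re.compile(r"^(?P<blob>.+)-(?P<ts>\d{10})-(?P<n>\d+)-(?P<path>/.*)$")


def apex(host: str) -> str:
    """Last two labels; stands in for a public-suffix-list lookup (assumption)."""
    return ".".join(host.lower().split(".")[-2:])


def parse_phish_bypass(url: str):
    """Decode a Cloudflare /cdn-cgi/phish-bypass URL; None if url is not one."""
    parts = urlsplit(url)
    if parts.path != "/cdn-cgi/phish-bypass":
        return None
    atok = parse_qs(parts.query).get("atok", [""])[0]  # parse_qs percent-decodes
    m = ATOK.match(atok)
    if not m:
        return {"host": parts.hostname, "raw": atok}
    ts = int(m["ts"])
    return {
        "host": parts.hostname,
        "timestamp": ts,
        "when": datetime.fromtimestamp(ts, tz=timezone.utc).isoformat(),
        "target_path": m["path"],
    }


def looks_like_shortener(url: str) -> bool:
    """Heuristic: no query string and a single short token path, e.g. tinu.be/-sDbXyxiv."""
    p = urlsplit(url)
    return bool(re.fullmatch(r"/-?[A-Za-z0-9_-]{5,12}", p.path)) and not p.query


def review(chain):
    """Findings a reviewer cares about: cross-domain hops, shortener use, warning bypass."""
    findings = []
    for i, (url, status) in enumerate(chain):
        if status in REDIRECTS and i + 1 < len(chain):
            nxt = chain[i + 1][0]
            a, b = apex(urlsplit(url).hostname), apex(urlsplit(nxt).hostname)
            if a != b:
                findings.append(f"cross-domain redirect {a} -> {b} ({status})")
            if looks_like_shortener(url):
                findings.append(f"shortener hop: {url}")
        info = parse_phish_bypass(url)
        if info:
            findings.append(
                f"Cloudflare phishing warning bypassed on {info['host']} at "
                f"{info.get('when', '?')} for {info.get('target_path', '?')}")
    return findings


if __name__ == "__main__":
    for line in review(CHAIN):
        print(line)
```

Decoding the timestamp is the useful part: 1700501113 is 2023-11-20 17:25:13 UTC, the same second as the Date header on the 301, so the token records exactly when the warning was dismissed and for which path. The layout is only what this one sample shows, so treat a non-matching atok as unknown rather than benign.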

30 HTTP transactions

Each entry below gives the resource, its path, size, transferred bytes and type, followed by the request, response and (where applicable) redirect headers as the scanner recorded them.
Transaction: 187204239 (vlnted-gb.ggegl.info/getpayment/) | Document | size 4 KB | transfer 2 KB
Redirect chain: https://tinu.be/-sDbXyxiv -> https://vlnted-gb.ggegl.info/getpayment/187204239
This 4 KB document is Cloudflare's phishing-warning interstitial, not the phishing page itself: it is served by "cloudflare /" with no origin software reported, and the only assets it loads are the two /cdn-cgi/ files that follow. The real content arrives in the "Primary Request" entry after the phish-bypass redirect.
General
Full URL
https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:54b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6d0bf1b1e841632d161a599144fc00e3bb3c13ca0d870e15dda987c953e63ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-ray
8292641569590bae-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 17:25:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=id3IdYYN%2FWl6%2FGYwJe9Hk2G95QeFZ4YXfnP2QbsBiYwN%2BW6c3w9sA2BQgJwg5QeJcKr4DVmMjcEB7l7tE%2FnThCU8pttaw1e1ROcY9bSXUIU1gWpHxirQojUpL2B5%2B3kGUfT5TyNyST5YvrzZK0jR40a6Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

age
0
cache-control
public, max-age=0, must-revalidate
content-length
49
date
Mon, 20 Nov 2023 17:25:13 GMT
location
https://vlnted-gb.ggegl.info/getpayment/187204239
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/en/[shortCode]
x-vercel-cache
MISS
x-vercel-id
fra1::iad1::56j2q-1700501112845-71224df15700
Transaction: cf.errors.css (vlnted-gb.ggegl.info/cdn-cgi/styles/) | Stylesheet | size 24 KB | transfer 5 KB | Cloudflare error-page asset
General
Full URL
https://vlnted-gb.ggegl.info/cdn-cgi/styles/cf.errors.css
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:54b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/getpayment/187204239
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
server
cloudflare
etag
W/"65568fe4-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
82926415a9a10bae-AMS
expires
Mon, 20 Nov 2023 19:25:13 GMT
Transaction: icon-exclamation.png (vlnted-gb.ggegl.info/cdn-cgi/images/) | Image | size 452 B | transfer 541 B | Cloudflare error-page asset
General
Full URL
https://vlnted-gb.ggegl.info/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:54b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:25:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
server
cloudflare
etag
"65568fe4-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
82926415c9d20bae-AMS
content-length
452
expires
Mon, 20 Nov 2023 19:25:13 GMT
Primary Request: 187204239 (vlnted-gb.ggegl.info/getpayment/) | Document | size 473 KB | transfer 307 KB
Redirect chain: https://vlnted-gb.ggegl.info/cdn-cgi/phish-bypass?atok=bYI6CTwGLklExP30.UFK2tU62g9KaaqL9MKJAtgYyXE-1700501113-0-%2Fgetpayment%2F187204239 -> https://vlnted-gb.ggegl.info/getpayment/187204239
General
Full URL
https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:54b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a539fa04223136c73711eefc55a958a0ad1d5a4dcdc1bc5897f64ec69d419abd

Request headers

Referer
https://vlnted-gb.ggegl.info/getpayment/187204239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8292642d7fac0bae-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 17:25:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eUCUyhN70igRUq9iKAPi%2B%2BgUxfUD%2Fbd0gi3k3SqFMtKwOuD6XBQqUpwjbp8k4ziPKMyuhG7ZYiIw%2F8dZl5AW9s9II20upYKO62SLtPt0n%2FQQBxMQcUDlFuUTCyO9zKNmC2aMVk9u6JjCPzRTgGsmidkrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express

Redirect headers

cache-control
private, no-cache
cf-ray
8292642d5f6b0bae-AMS
content-length
167
content-type
text/html
date
Mon, 20 Nov 2023 17:25:17 GMT
location
https://vlnted-gb.ggegl.info/getpayment/187204239
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
Transaction: support_parent.css (vlnted-gb.ggegl.info/css/) | Stylesheet | size 4 KB | transfer 1 KB
General
Full URL
https://vlnted-gb.ggegl.info/css/support_parent.css
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:54b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9afd537e6723bb869397626212305906f739306bc96bfff09e9e6f45c206f715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/getpayment/187204239
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:25:17 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 05 Mar 2023 22:42:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"e06-186b3f09d40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGj0awlHmtVJG8IHB%2Fr%2BJECX%2Fy%2FvMbs5tqp4ohKwsBKQm%2FNMOw7Xjr9d5Yjyy%2FLZPGmNbF26T2%2Fc1b2s9rtWdMvXez4DmkruYI6kErFHyukDkZN%2F%2BWNmFm7XxrngyhWTU47zsJGNCZO5ZLFRCDeLVtZZAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
8292642de88b0bae-AMS
alt-svc
h3=":443"; ma=86400
Transaction: bootstrap.min.css (maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/) | Stylesheet | size 157 KB | transfer 25 KB
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:25:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
age
827411
cdn-cachedat
08/03/2021 15:44:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0c835de6853c3382b93a518481c93460
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8292642e1b643618-FRA
cdn-requestpullsuccess
True
Transaction: jquery.min.js (ajax.googleapis.com/ajax/libs/jquery/3.5.1/) | Script | size 87 KB | transfer 31 KB
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 16:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 16:16:53 GMT
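The CDN scripts in these transactions (jQuery, Popper, Bootstrap) are stock libraries; the phishing logic lives in the first-party HTML. Confirming that is cheap, because urlscan's Resource Hash is the SHA-256 of the decoded response body, the same digest a browser computes for a Subresource Integrity check. The script below is an added example, not code from the page or from urlscan.io: it converts the hex hashes recorded above into integrity values and compares them with a known-good pin. Only the jQuery 3.5.1 pin (the integrity value jQuery publishes for that release) is included; the other two URLs are deliberately left unpinned rather than guessed, and the OBSERVED table is copied from this report.

```python
"""Pin third-party CDN assets seen in a scan against known-good SRI values.

Added example, not part of the scan page. KNOWN_GOOD holds the published
jQuery 3.5.1 integrity value; OBSERVED is copied from the transactions above.
"""
import base64
import hashlib

# Known-good integrity values. Assumption for this example: only jQuery is pinned.
KNOWN_GOOD = {
    "https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js":
        "sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=",
}

# URL -> hex SHA-256 as listed under "Resource Hash" for the scripts in this scan.
OBSERVED = {
    "https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js":
        "f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d",
    "https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js":
        "c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060",
    "https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js":
        "79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582",
}


def hex_to_sri(hex_digest: str, algo: str = "sha256") -> str:
    """Hex digest (as shown by urlscan) -> base64 form used in an integrity attribute."""
    return f"{algo}-" + base64.b64encode(bytes.fromhex(hex_digest)).decode()


def sri_of_bytes(body: bytes, algo: str = "sha256") -> str:
    """Integrity value for a body you fetched yourself (bytes after decompression)."""
    return f"{algo}-" + base64.b64encode(hashlib.new(algo, body).digest()).decode()


def verdict(url: str, hex_digest: str, pins=KNOWN_GOOD) -> str:
    """'match', 'MISMATCH' or 'unpinned' for one observed resource hash."""
    pin = pins.get(url)
    if pin is None:
        return "unpinned"
    algo = pin.split("-", 1)[0]
    return "match" if hex_to_sri(hex_digest, algo) == pin else "MISMATCH"


def verdict_for_body(url: str, body: bytes, pins=KNOWN_GOOD) -> str:
    """Same check starting from a fetched body instead of a reported hash."""
    pin = pins.get(url)
    if pin is None:
        return "unpinned"
    algo = pin.split("-", 1)[0]
    return "match" if sri_of_bytes(body, algo) == pin else "MISMATCH"


def audit(observed=OBSERVED, pins=KNOWN_GOOD) -> dict:
    """Verdict per URL for everything the scan recorded."""
    return {url: verdict(url, h, pins) for url, h in observed.items()}


if __name__ == "__main__":
    for url, result in audit().items():
        print(f"{result:9} {url}")
```

A "match" says the CDN served the genuine library to the scanner, nothing more; it does not make the page safe. A MISMATCH on a popular library URL would be the more interesting finding, pointing at a tampered or cache-poisoned copy, and is worth re-fetching and checking with verdict_for_body before raising it.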
Transaction: popper.min.js (cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/) | Script | size 21 KB | transfer 7 KB
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
906935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6696
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyLCKCEc2YdEzIyjY6XrYU8Kq5d5CC0A0XNy6ccXtKKe9iQAYycOxUuuOh9jy5Lg7C2ShvrnvN8X5EwMJ3%2F9nDap7SmNzRbpUdqkezsRFtmdyAoR%2BSXQUoOvekZei3MwcCuv2%2FhoGxVCWlIRXw2UYVYr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8292642e1bfa37c6-FRA
expires
Sat, 09 Nov 2024 17:25:17 GMT
Transaction: bootstrap.min.js (maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/) | Script | size 59 KB | transfer 16 KB
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:25:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1048
age
653369
cdn-cachedat
09/17/2023 22:21:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"02d223393e00c273efdcb1ade8f4f8b1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7f9c470a6349644c490ab0e58dbcefa0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8292642e1b673618-FRA
cdn-requestpullsuccess
True
Transaction: jquery.maskedinput.js (cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/) | Script | size 10 KB | transfer 3 KB
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 17:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1028610
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2306
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-284d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3VSUHsl9o5TJ9fLJSPbILe2KXIargUZxzH0r%2FbYKWQDl2wM8Hzr7K3wkLDZBtTcQW5fjSi9Mjt1JgaOaPDNSTt%2Fyq2kAkrfdQzOslH0%2B3k9vj3OyO8RqFQeuPHGEahE9kGCTc7OE5PoGK%2BVzlgW0%2Br2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8292642e1bf937c6-FRA
expires
Sat, 09 Nov 2024 17:25:17 GMT
Transaction: 800px-Vinted_logo.png (upload.wikimedia.org/wikipedia/commons/thumb/2/29/Vinted_logo.png/) | Image | size 30 KB | transfer 31 KB
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/2/29/Vinted_logo.png/800px-Vinted_logo.png
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
81c4665c2b54d51cde4ec8a972f8676a0c8d14b61eac28d375f5098af137705e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:42:48 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
34948
x-cache-status
hit-front
x-cache
cp3074 miss, cp3074 hit/74
content-disposition
inline;filename*=UTF-8''Vinted_logo.png
server-timing
cache;desc="hit-front", host;desc="cp3074"
content-length
30635
x-client-ip
2a01:4a0:2b::8
last-modified
Wed, 26 Oct 2022 11:25:57 GMT
server
ATS/9.1.4
etag
2dab9731e03f511523a396a4f40e8802
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
Transaction: %item% (vlnted-gb.ggegl.info/supportChatFrame/, frame 2E71) | Document | size 155 B | transfer 186 B
General
Full URL
https://vlnted-gb.ggegl.info/supportChatFrame/%item%
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:54b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efca0895b4d88b27a94249f8e7ac0083eff0a4ff3ac37c2841b3f6d7e11c1905

Request headers

Referer
https://vlnted-gb.ggegl.info/getpayment/187204239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-ray
-
content-length
155
content-type
text/html
date
Mon, 20 Nov 2023 17:25:17 GMT
server
cloudflare
Transaction: inline data: URI image (contents truncated by the scanner) | Image | size 285 KB | transfer 0
General
Full URL
data:truncated
Protocol
DATA (inline resource; no server, ASN, reverse DNS or software applies)
Resource Hash
3fc6a8cf4dd825d99f0f2af74015876db24b3b314ba9e9505f0b21c3aa09a2dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
Transaction: inline data: URI image (contents truncated by the scanner) | Image | size 3 KB | transfer 0
General
Full URL
data:truncated
Protocol
DATA (inline resource; no server, ASN, reverse DNS or software applies)
Resource Hash
2ba8595bebedd956f33da747b65a27151f94af448b748d09012b51ff7c3670ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
Transaction: Maestro_2016.svg (upload.wikimedia.org/wikipedia/commons/8/80/) | Image | size 4 KB | transfer 3 KB
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/8/80/Maestro_2016.svg
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
8e46e2bdfbe8d342eb69a5e311d6825ff14383f35b7b9621d5f0e63eefaf3dc5
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=106384710; includeSubDomains; preload
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
21579
x-cache-status
hit-front
x-cache
cp3074 miss, cp3074 hit/19
server-timing
cache;desc="hit-front", host;desc="cp3074"
content-length
1870
x-client-ip
2a01:4a0:2b::8
x-object-meta-sha1base36
iil68gbuldla4ytu2xcga1lzg599kr6
last-modified
Tue, 17 Aug 2021 14:37:21 GMT
server
ATS/9.1.4
etag
W/283a9f7a39006ec4719ad888d8ceee3a
vary
Accept-Encoding
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
Transaction: Visa_2021.svg (upload.wikimedia.org/wikipedia/commons/d/d6/) | Image | size 4 KB | transfer 3 KB
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/d/d6/Visa_2021.svg
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
b989270f80fd2cb478049a7683b4b64a1be54cdd82181d1698524f6c210cd37f
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 08:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=106384710; includeSubDomains; preload
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
32804
x-cache-status
hit-front
x-cache
cp3074 hit, cp3074 hit/33
server-timing
cache;desc="hit-front", host;desc="cp3074"
content-length
1700
x-client-ip
2a01:4a0:2b::8
x-object-meta-sha1base36
royl9hyp3sfvf222yp268pme4rwx5kw
last-modified
Wed, 13 Apr 2022 20:21:15 GMT
server
ATS/9.1.4
etag
W/47b8cbc184f7cc50310feae1e19b5108
vary
Accept-Encoding
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
Transaction: Mastercard-logo.svg (upload.wikimedia.org/wikipedia/commons/2/2a/) | Image | size 4 KB | transfer 2 KB
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/2/2a/Mastercard-logo.svg
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
79534478273e209365b14a47e39375e95329d1f7fc41b50c2eadd8cb09a32c9e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 06:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=106384710; includeSubDomains; preload
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
39187
x-cache-status
hit-front
x-cache
cp3074 hit, cp3074 hit/118
server-timing
cache;desc="hit-front", host;desc="cp3074"
content-length
1643
x-client-ip
2a01:4a0:2b::8
x-object-meta-sha1base36
dmf7kamp6hfl7o7fmrlt1q5b7k29l89
last-modified
Tue, 17 Aug 2021 14:43:58 GMT
server
ATS/9.1.4
etag
W/55c42d54937583ac3f242da371c2e16d
vary
Accept-Encoding
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
Transaction: sdk.js (app.chatwoot.com/packs/js/) | Script | size 100 KB | transfer 31 KB
General
Full URL
https://app.chatwoot.com/packs/js/sdk.js
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
ee5ac1215fff5738786629cc8786515e06cec9e42cbb94d7b1b3d46d795c04b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vlnted-gb.ggegl.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:25:16 GMT
Content-Encoding
br
Via
1.1 vegur
Strict-Transport-Security
max-age=63072000; includeSubDomains
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
Last-Modified
Fri, 17 Nov 2023 23:38:46 GMT
Vary
Accept-Encoding, Origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700501117&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=2tlEpwWHKEAMzFyMMBImkwhXIAJx2WHxSmzlraGpz1g%3D"}]}
Content-Type
application/javascript
Cache-Control
public, max-age=31556952
Connection
keep-alive
Content-Length
30635
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700501117&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=2tlEpwWHKEAMzFyMMBImkwhXIAJx2WHxSmzlraGpz1g%3D
Transaction: widget (app.chatwoot.com/, frame 55A0) | Document | size 6 KB | transfer 8 KB
General
Full URL
https://app.chatwoot.com/widget?website_token=43s7YryV7GYXYpxPsvJTzYbw
Requested by
Host: app.chatwoot.com
URL: https://app.chatwoot.com/packs/js/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
bfbec5ec8f5b0ceb4379e9f7523ace27c49ab6aa986cb6b3bbf5d79048c6bb61
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vlnted-gb.ggegl.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
6041
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 17:25:16 GMT
Etag
W/"bfbec5ec8f5b0ceb4379e9f7523ace27"
Link
<https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js>; rel=preload; as=script; nopush,<https://d3tq67kexc2w2i.cloudfront.net/packs/css/widget-3b5111fe.css>; rel=preload; as=style; nopush
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700501117&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=2tlEpwWHKEAMzFyMMBImkwhXIAJx2WHxSmzlraGpz1g%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700501117&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=2tlEpwWHKEAMzFyMMBImkwhXIAJx2WHxSmzlraGpz1g%3D
Server
Cowboy
Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
6344916b-9e91-46d1-b34b-ab57ea8c79a7
X-Runtime
0.072684
X-Xss-Protection
0
widget-d0c5c92526547c28eb16.js
d3tq67kexc2w2i.cloudfront.net/packs/js/ Frame 55A0
804 KB
218 KB
Script
General
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
a58ddc17cdad382c6b1f8fbb46c4f43a6714c831b39fedb596adb5fb102c5944
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:41:48 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
236609
x-cache
Hit from cloudfront
content-length
222210
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700264507&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pxVhr7SOZRmiSItZ3b5oQKuGxc8umtKNQmwgpc%2Bj7k4%3D
last-modified
Fri, 17 Nov 2023 23:38:46 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700264507&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pxVhr7SOZRmiSItZ3b5oQKuGxc8umtKNQmwgpc%2Bj7k4%3D"}]}
content-type
application/javascript
cache-control
public, max-age=31556952
x-amz-cf-id
QpzHObdkKrq7NHvUU5LAhSogmng6z0DNFBGcjOsZntw4UQMUy6Mxog==
widget-3b5111fe.css
d3tq67kexc2w2i.cloudfront.net/packs/css/ Frame 55A0
126 KB
20 KB
Stylesheet
General
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/css/widget-3b5111fe.css
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
69699076e2d3bad121ca90f7bae4e6a9b5d0a309ebd5707dcf7bd3afcc8f457d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:41:57 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
236599
x-cache
Hit from cloudfront
content-length
20054
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700264507&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pxVhr7SOZRmiSItZ3b5oQKuGxc8umtKNQmwgpc%2Bj7k4%3D
last-modified
Fri, 17 Nov 2023 23:38:46 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700264507&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pxVhr7SOZRmiSItZ3b5oQKuGxc8umtKNQmwgpc%2Bj7k4%3D"}]}
content-type
text/css
cache-control
public, max-age=31556952
x-amz-cf-id
hI_2EO-uM5uziHZlLHegoFXZdv2S9rYhiX9VajdKhqmY4Hz6WAJkbA==
2-3cbaac99.chunk.css
d3tq67kexc2w2i.cloudfront.net/packs/css/ Frame 55A0
20 KB
4 KB
Stylesheet
General
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/css/2-3cbaac99.chunk.css
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
1de7f14d7da20e88edfd4564fc22d926bbe7ffa248dcbe4038278b4ee99aca1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:42:01 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
236595
x-cache
Hit from cloudfront
content-length
2797
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700264518&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=fDtKMZMNv7BodNs0%2FILc%2B%2BYWBD0MoaLx7wXho%2Bs2AJI%3D
last-modified
Fri, 17 Nov 2023 23:38:46 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700264518&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=fDtKMZMNv7BodNs0%2FILc%2B%2BYWBD0MoaLx7wXho%2Bs2AJI%3D"}]}
content-type
text/css
cache-control
public, max-age=31556952
x-amz-cf-id
PWlETXSdh5qKMasp6JV93W9Z7IxhMZIA75gyFSb4o5HWTg-NrKUwdQ==
2-455b8ef920e79e3cb1c9.chunk.js
d3tq67kexc2w2i.cloudfront.net/packs/js/ Frame 55A0
4 KB
3 KB
Script
General
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/js/2-455b8ef920e79e3cb1c9.chunk.js
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
68d2db7313f7aa396edd3ccb6d4f1fbe308949eaf93977402ee7cfbf80d2ef93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 23:19:59 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
410717
x-cache
Hit from cloudfront
content-length
1813
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700090399&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=4svQ4nIouQMlsR5QeFFMu5xza4QpG7VMHhjZbP3BIQg%3D
last-modified
Wed, 15 Nov 2023 23:16:45 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700090399&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=4svQ4nIouQMlsR5QeFFMu5xza4QpG7VMHhjZbP3BIQg%3D"}]}
content-type
application/javascript
cache-control
public, max-age=31556952
x-amz-cf-id
NvWCnmVYMZCyaXZSH_tNJ4uhQn4vEXN_mwxNyU5j8B6tX99BkpNjgg==
33-e1f2e032.chunk.css
d3tq67kexc2w2i.cloudfront.net/packs/css/ Frame 55A0
101 B
882 B
Stylesheet
General
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/css/33-e1f2e032.chunk.css
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
0a7ca23b9044a6a868b5979194c0204f48a0e04cf5b706f4c46edb6aad5f6cc9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:42:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 vegur, 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
236585
x-cache
Hit from cloudfront
content-length
101
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700264525&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=rw3crQgbAIFB130Bda8C9IGLoKA7S%2B7oiOFRbVADIes%3D
last-modified
Fri, 17 Nov 2023 23:38:46 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700264525&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=rw3crQgbAIFB130Bda8C9IGLoKA7S%2B7oiOFRbVADIes%3D"}]}
content-type
text/css
cache-control
public, max-age=31556952
x-amz-cf-id
nqpdmHNaX3nnHo2LqRxYzFvbcKGwom5JUuepWr-aBP-Evz6fYHJTWw==
33-3ce056f4f883e0df60dc.chunk.js
d3tq67kexc2w2i.cloudfront.net/packs/js/ Frame 55A0
15 KB
5 KB
Script
General
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/js/33-3ce056f4f883e0df60dc.chunk.js
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cd5f9097907a4b4a806edda9bd3c01a49d027750445cfabdce6304309caa7c17
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 23:20:12 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA53-C1
age
410705
x-cache
Hit from cloudfront
content-length
4374
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700090406&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yNpxne5A3QJtYpp%2FNry%2BTYcZaeTvS7zC%2FPM4oGCpteg%3D
last-modified
Wed, 15 Nov 2023 23:16:45 GMT
server
Cowboy
vary
Accept-Encoding,Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700090406&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yNpxne5A3QJtYpp%2FNry%2BTYcZaeTvS7zC%2FPM4oGCpteg%3D"}]}
content-type
application/javascript
cache-control
public, max-age=31556952
x-amz-cf-id
m_4LCaR9SBCHth6bJxvwzc29tRmdAlwub0c1pclBlmdnxaL6eA6PTg==
conversations
app.chatwoot.com/api/v1/widget/ Frame 55A0
2 B
1 KB
XHR
General
Full URL
https://app.chatwoot.com/api/v1/widget/conversations?website_token=43s7YryV7GYXYpxPsvJTzYbw
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=43s7YryV7GYXYpxPsvJTzYbw
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiI5N2RlOThiZi1iNzQwLTQzZjgtYjZjYS1jMzk1ZmJmNDg2NzUiLCJpbmJveF9pZCI6MzQ5ODV9.jrKRSfBeJ1ifYpGxqmkIjyMEy-vP6nFU4gq6fnlbrsk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:25:17 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
2
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700501117&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=2tlEpwWHKEAMzFyMMBImkwhXIAJx2WHxSmzlraGpz1g%3D
X-Request-Id
c3cfd118-9004-4b54-953b-1a6c1db4c5e0
X-Runtime
0.043115
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"44136fa355b3678a1146ad16f7e8649e"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700501117&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=2tlEpwWHKEAMzFyMMBImkwhXIAJx2WHxSmzlraGpz1g%3D"}]}
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
messages
app.chatwoot.com/api/v1/widget/ Frame 55A0
14 B
1 KB
XHR
General
Full URL
https://app.chatwoot.com/api/v1/widget/messages?website_token=43s7YryV7GYXYpxPsvJTzYbw
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=43s7YryV7GYXYpxPsvJTzYbw
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiI5N2RlOThiZi1iNzQwLTQzZjgtYjZjYS1jMzk1ZmJmNDg2NzUiLCJpbmJveF9pZCI6MzQ5ODV9.jrKRSfBeJ1ifYpGxqmkIjyMEy-vP6nFU4gq6fnlbrsk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:25:17 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
14
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D
X-Request-Id
ef7ec89c-9ac4-4bcf-9967-888dc546536b
X-Runtime
0.037731
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"258153158e38e3291e3d48162225fcdb"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D"}]}
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
inbox_members
app.chatwoot.com/api/v1/widget/ Frame 55A0
90 B
1 KB
XHR
General
Full URL
https://app.chatwoot.com/api/v1/widget/inbox_members?website_token=43s7YryV7GYXYpxPsvJTzYbw
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
8d6fe3aec82f45d6c63f920a86fa6e0d7a484f06c196fbda4bf74bcaa539a85f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=43s7YryV7GYXYpxPsvJTzYbw
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiI5N2RlOThiZi1iNzQwLTQzZjgtYjZjYS1jMzk1ZmJmNDg2NzUiLCJpbmJveF9pZCI6MzQ5ODV9.jrKRSfBeJ1ifYpGxqmkIjyMEy-vP6nFU4gq6fnlbrsk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:25:18 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
90
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D
X-Request-Id
7d6757f8-a287-4434-a4ff-06a0f4838cb1
X-Runtime
0.017254
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"8d6fe3aec82f45d6c63f920a86fa6e0d"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D"}]}
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
contact
app.chatwoot.com/api/v1/widget/ Frame 55A0
93 B
1 KB
XHR
General
Full URL
https://app.chatwoot.com/api/v1/widget/contact?website_token=43s7YryV7GYXYpxPsvJTzYbw
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
fe349460384220ab774e994f8c1d5a27ec213d8fab7cda87a1bac220988bd4d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=43s7YryV7GYXYpxPsvJTzYbw
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiI5N2RlOThiZi1iNzQwLTQzZjgtYjZjYS1jMzk1ZmJmNDg2NzUiLCJpbmJveF9pZCI6MzQ5ODV9.jrKRSfBeJ1ifYpGxqmkIjyMEy-vP6nFU4gq6fnlbrsk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:25:17 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
93
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D
X-Request-Id
abe1eb2b-8e22-48e0-a46a-307722b7e064
X-Runtime
0.010992
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"fe349460384220ab774e994f8c1d5a27"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D"}]}
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
campaigns
app.chatwoot.com/api/v1/widget/ Frame 55A0
2 B
1 KB
XHR
General
Full URL
https://app.chatwoot.com/api/v1/widget/campaigns?website_token=43s7YryV7GYXYpxPsvJTzYbw
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-d0c5c92526547c28eb16.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=43s7YryV7GYXYpxPsvJTzYbw
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiI5N2RlOThiZi1iNzQwLTQzZjgtYjZjYS1jMzk1ZmJmNDg2NzUiLCJpbmJveF9pZCI6MzQ5ODV9.jrKRSfBeJ1ifYpGxqmkIjyMEy-vP6nFU4gq6fnlbrsk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:25:17 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
2
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D
X-Request-Id
bf3c2a86-a6ce-4854-98c0-da3faef08f29
X-Runtime
0.012457
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"4f53cda18c2baa0c0354bb5f9a3ecbe5"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D"}]}
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
logo_thumbnail.svg
app.chatwoot.com/brand-assets/ Frame 55A0
916 B
2 KB
Image
General
Full URL
https://app.chatwoot.com/brand-assets/logo_thumbnail.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
9c1bb7bba73eaf75e949795556bc7e66ce7ff3fec6f65797271c7cfe1a305f6f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/widget?website_token=43s7YryV7GYXYpxPsvJTzYbw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 17:25:17 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
Last-Modified
Fri, 17 Nov 2023 21:21:16 GMT
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D"}]}
Content-Type
image/svg+xml
Cache-Control
public, max-age=31556952
Connection
keep-alive
Content-Length
916
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700501118&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=nND8KzsM6JfHoIG86k5qrxuhZ4WzzkELfvsP0stRKBI%3D
message.php
vlnted-gb.ggegl.info/chat_src/
160 B
475 B
XHR
General
Full URL
https://vlnted-gb.ggegl.info/chat_src/message.php
Requested by
Host: vlnted-gb.ggegl.info
URL: https://vlnted-gb.ggegl.info/getpayment/187204239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:54b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4a8da7bc74896250e6cb72ae819930d8dc1e2b39adcd7edcccb96b2b90753d90
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://vlnted-gb.ggegl.info/getpayment/187204239
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Nov 2023 17:25:21 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh1E%2F3pbogi1fHWG5MnotpK6rlajJiYk5y5aTlnQ9fSuJu4%2B%2BCDFhhJOWKQz7MSNyrh%2Fi52OXjfjAOLRibYoDTdOoX%2BWcLtJtRxqrGsdS9vJTfIz09WpL%2FMssCxcsC42plpKgLBb10LzeeCb%2BazIND9gpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
829264476f650bae-AMS
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object 1
object documentPictureInPicture
function $
function jQuery
function Popper
object bootstrap
function openChat
function sendMessage
object xhttp
function playAudio
number myVar
function updateChat
function getCurTime
function getTime
function getCookie
function setCookie
function openForm
function closeForm
object input
object regeneratorRuntime
object chatwootSDK
object $chatwoot
function playAudioAlert

3 Cookies

Domain/Path Name / Value
.vlnted-gb.ggegl.info/ Name: __cf_mw_byp
Value: bYI6CTwGLklExP30.UFK2tU62g9KaaqL9MKJAtgYyXE-1700501113-0-/getpayment/187204239
vlnted-gb.ggegl.info/ Name: cw_conversation
Value: eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiI5N2RlOThiZi1iNzQwLTQzZjgtYjZjYS1jMzk1ZmJmNDg2NzUiLCJpbmJveF9pZCI6MzQ5ODV9.jrKRSfBeJ1ifYpGxqmkIjyMEy-vP6nFU4gq6fnlbrsk
vlnted-gb.ggegl.info/ Name: token
Value: 3h56u9

2 Console Messages

Source Level URL / Text
network error URL: https://vlnted-gb.ggegl.info/supportChatFrame/%item%
Message: Failed to load resource: the server responded with a status of 400 ()
network error URL: https://vlnted-gb.ggegl.info/chat_src/message.php
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
