URL: https://paymentpage.cfd/
Submission: On August 06 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 24 HTTP transactions. The main IP is 207.244.254.173, located in St Louis, United States and belongs to NL-811-40021, US. The main domain is paymentpage.cfd.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on July 9th 2024. Valid for: a year.
This is the only time paymentpage.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 17 | 207.244.254.173 | 40021 (NL-811-40021) |
| 4 | 2607:f8b0:400... | 15169 (GOOGLE) |
| 2 | 2606:4700:303... | 13335 (CLOUDFLAR...) |
| 24 | 4 | |

| | Domain | Requested by |
|---|---|---|
| 17 | paymentpage.cfd | paymentpage.cfd |
| 4 | fonts.gstatic.com | paymentpage.cfd |
| 2 | fastsslcertificates.com | paymentpage.cfd |
| 24 | 3 | |

This site contains links to these domains.

Domain
pay.sumup.com
standwithukraine.pm
wordpress.org

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| paymentpage.cfd | RapidSSL TLS RSA CA G1 | 2024-07-09 - 2025-07-08 | a year |
| *.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months |
| fastsslcertificates.com | WE1 | 2024-07-17 - 2024-10-15 | 3 months |

This page contains 1 frames:

Primary Page: https://paymentpage.cfd/
Frame ID: 31AD9E7B677DD444C29D5F3A8E1A6EA2
Requests: 25 HTTP requests in this frame

Page Title

Secure Payments

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 1381 kB
Size: 2399 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paymentpage.cfd/
400 KB
401 KB
Document
General
Full URL
https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
eee43bbb857e2a45fcb3d23db440cf609d603aaecaa82db5092924baf03c06da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Aug 2024 14:47:28 GMT
Keep-Alive
timeout=5, max=100
Link
<https://paymentpage.cfd/wp-json/>; rel="https://api.w.org/", <https://paymentpage.cfd/wp-json/wp/v2/pages/88>; rel="alternate"; title="JSON"; type="application/json", <https://paymentpage.cfd/>; rel=shortlink
Server
Apache
Transfer-Encoding
chunked
c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNBJTJGJTJGZm9udHMuZ29vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RPcmJpdHJvbiZjYWNoZU1hcmtlcj02YTIwNjQzZTU5MjYyZmVmYTdiZjlmYmQyNDdhYjAxZi0yMzkyOTkmdG9rZW49YzE5YzdkMzVhNjZmY...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/
374 B
825 B
Stylesheet
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNBJTJGJTJGZm9udHMuZ29vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RPcmJpdHJvbiZjYWNoZU1hcmtlcj02YTIwNjQzZTU5MjYyZmVmYTdiZjlmYmQyNDdhYjAxZi0yMzkyOTkmdG9rZW49YzE5YzdkMzVhNjZmYWNkZg.q.js
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
cc957b32137440586578725addf3843e1493a2aa965f0e9c9fb7be5fafe98209
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:32 GMT
Server
Apache
ETag
"777227b8d8e2a75f577f489f9dc50230"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Keep-Alive
timeout=5, max=100
Expires
Wed, 06 Aug 2025 14:47:32 GMT
9vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RGaXJhJTJCU2FucyUyNTNBMTAwJTI1MkMzMDAlMjUyQzQwMCUyNTJDNzAwJTI1MkM5MDAlMjZzdWJzZXQlM0RsYXRpbiUyNnZlciUzRDEuMi41JmNhY2hlTWFya2VyPTNmNWY2OGExMWViMmI0YTA5ZjVhM2E...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNBJTJGJTJGZm9udHMuZ2/
10 KB
1 KB
Stylesheet
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNBJTJGJTJGZm9udHMuZ2/9vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RGaXJhJTJCU2FucyUyNTNBMTAwJTI1MkMzMDAlMjUyQzQwMCUyNTJDNzAwJTI1MkM5MDAlMjZzdWJzZXQlM0RsYXRpbiUyNnZlciUzRDEuMi41JmNhY2hlTWFya2VyPTNmNWY2OGExMWViMmI0YTA5ZjVhM2EzMDQxZmYzMjc3LTIzOTI5OSZ0b2tlbj02OWMyYTBlYmM3NjA4NTli.q.js
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
31a5c1823d1839173e38d59056fddec0c2d0caa3ccf1afd0bacd7474e8bc4507
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:32 GMT
Server
Apache
ETag
"9cbe6c05ca93601a49b226b3a6408061"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Keep-Alive
timeout=5, max=100
Expires
Wed, 06 Aug 2025 14:47:32 GMT
AwJTI1MkM2MDBpdGFsaWMlMjUyQzcwMCUyNTJDNzAwaXRhbGljJTI1MkM4MDAlMjUyQzgwMGl0YWxpYyUyNTJDOTAwJTI1MkM5MDBpdGFsaWMlMjZkaXNwbGF5JTNEc3dhcCUyNnZlciUzRDYuNi4xJmNhY2hlTWFya2VyPTUyOTNhYWI1NjhlZmQ2MDFhZjJhYjM...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNB/JTJGJTJGZm9udHMuZ29vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RSb2JvdG8lMjUzQTEwMCUyNTJDMTAwaXRhbGljJTI1MkMyMDAl...
45 KB
2 KB
Stylesheet
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.[...].q.js
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
da43ae4d2670a49d1d9a67a1e3eb3dfb4fe8b3509119005b2a756719e44cbbfa
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:32 GMT
Server
Apache
ETag
"825ffd1350e54efff118c4760349acf6"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Keep-Alive
timeout=5, max=99
Expires
Wed, 06 Aug 2025 14:47:32 GMT
truncated
/
240 B
240 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631

Request headers

Referer
Origin
https://paymentpage.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcGF5bWVudHBhZ2UuY2ZkJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDI0JTJGMDclMkZjcm9wcGVkLUlNR183ODAzLmpwZWcmY2FjaGVNYXJrZXI9MTcyMDU1ODk1OS02NzQzNjcmdG9rZW49N2UyN...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/
605 KB
606 KB
Image
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcGF5bWVudHBhZ2UuY2ZkJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDI0JTJGMDclMkZjcm9wcGVkLUlNR183ODAzLmpwZWcmY2FjaGVNYXJrZXI9MTcyMDU1ODk1OS02NzQzNjcmdG9rZW49N2UyN2NhYzM1MTc4ZWJkMw.q.jpeg
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
915e4c0bca1a5b1d48cb89b60b7ccdece48dca33fd7a81be46c665a354f8e9c2
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:33 GMT
Content-Security-Policy
default-src 'none'
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:33 GMT
Server
Apache
ETag
"4548b17a41c943c285034ba84a871ba6"
Vary
Accept
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Link
<https://paymentpage.cfd/wp-content/uploads/2024/07/cropped-IMG_7803.jpeg>; rel="canonical"
Keep-Alive
timeout=5, max=98
Expires
Wed, 06 Aug 2025 14:47:33 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNBJTJGJTJGZm9udHMuZ2/9vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RGaXJhJTJCU2FucyUyNTNBMTAwJTI1MkMzMDAlMjUyQzQwMCUyNTJDNzAwJTI1MkM5MDAlMjZzdWJzZXQlM0RsYXRpbiUyNnZlciUzRDEuMi41JmNhY2hlTWFya2VyPTNmNWY2OGExMWViMmI0YTA5ZjVhM2EzMDQxZmYzMjc3LTIzOTI5OSZ0b2tlbj02OWMyYTBlYmM3NjA4NTli.q.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymentpage.cfd/
Origin
https://paymentpage.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 03:15:49 GMT
x-content-type-options
nosniff
age
473504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23880
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 03:15:49 GMT
va9C4kDNxMZdWfMOD5Vn9LjJYTI.woff2
fonts.gstatic.com/s/firasans/v17/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9C4kDNxMZdWfMOD5Vn9LjJYTI.woff2
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNBJTJGJTJGZm9udHMuZ2/9vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RGaXJhJTJCU2FucyUyNTNBMTAwJTI1MkMzMDAlMjUyQzQwMCUyNTJDNzAwJTI1MkM5MDAlMjZzdWJzZXQlM0RsYXRpbiUyNnZlciUzRDEuMi41JmNhY2hlTWFya2VyPTNmNWY2OGExMWViMmI0YTA5ZjVhM2EzMDQxZmYzMjc3LTIzOTI5OSZ0b2tlbj02OWMyYTBlYmM3NjA4NTli.q.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96b3dfc0361e64c77830b968f74e931324ab6357b0cee548930f883d7d4d3600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymentpage.cfd/
Origin
https://paymentpage.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 21:47:52 GMT
x-content-type-options
nosniff
age
493181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22856
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Jul 2025 21:47:52 GMT
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNBJTJGJTJGZm9udHMuZ2/9vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RGaXJhJTJCU2FucyUyNTNBMTAwJTI1MkMzMDAlMjUyQzQwMCUyNTJDNzAwJTI1MkM5MDAlMjZzdWJzZXQlM0RsYXRpbiUyNnZlciUzRDEuMi41JmNhY2hlTWFya2VyPTNmNWY2OGExMWViMmI0YTA5ZjVhM2EzMDQxZmYzMjc3LTIzOTI5OSZ0b2tlbj02OWMyYTBlYmM3NjA4NTli.q.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymentpage.cfd/
Origin
https://paymentpage.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 17:20:23 GMT
x-content-type-options
nosniff
age
509230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24964
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Jul 2025 17:20:23 GMT
c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcGF5bWVudHBhZ2UuY2ZkJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDI0JTJGMDclMkZJTUdfMDU0MC5wbmcmY2FjaGVNYXJrZXI9MTcyMDU1MjU0OS0xMjUxNTcmdG9rZW49ZjM0ZTFiNWYxODQ2N...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/
11 KB
12 KB
Image
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcGF5bWVudHBhZ2UuY2ZkJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDI0JTJGMDclMkZJTUdfMDU0MC5wbmcmY2FjaGVNYXJrZXI9MTcyMDU1MjU0OS0xMjUxNTcmdG9rZW49ZjM0ZTFiNWYxODQ2NzM5Ng.q.png
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
ee3e5d081281087b02c6f65d348b8abc8f5bca5b507ecda579199921f3b520fb
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:33 GMT
Content-Security-Policy
default-src 'none'
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:33 GMT
Server
Apache
ETag
"5631be473d94642f345e1f8db939bcb5"
Vary
Accept
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Link
<https://paymentpage.cfd/wp-content/uploads/2024/07/IMG_0540.png>; rel="canonical"
Keep-Alive
timeout=5, max=99
Expires
Wed, 06 Aug 2025 14:47:33 GMT
c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcGF5bWVudHBhZ2UuY2ZkJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDI0JTJGMDclMkZJTUdfMDU0My0zMDB4MTk3LnBuZyZjYWNoZU1hcmtlcj0xNzIwNTUzODc0LTQ4NDE3JnRva2VuPWM3ODA2Z...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/
6 KB
7 KB
Image
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcGF5bWVudHBhZ2UuY2ZkJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDI0JTJGMDclMkZJTUdfMDU0My0zMDB4MTk3LnBuZyZjYWNoZU1hcmtlcj0xNzIwNTUzODc0LTQ4NDE3JnRva2VuPWM3ODA2ZmY4NjU4YzA4Mjg.q.png
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
f7cd0aa51a3490146b0b2b6988409c33ec2cbab62674a7182ec1bd2d82bb4bc5
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:33 GMT
Content-Security-Policy
default-src 'none'
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:33 GMT
Server
Apache
ETag
"7163de9965674d4498892782cb47c1a8"
Vary
Accept
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Link
<https://paymentpage.cfd/wp-content/uploads/2024/07/IMG_0543-300x197.png>; rel="canonical"
Keep-Alive
timeout=5, max=99
Expires
Wed, 06 Aug 2025 14:47:33 GMT
c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcGF5bWVudHBhZ2UuY2ZkJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDI0JTJGMDclMkZJTUdfMDYzMi5wbmcmY2FjaGVNYXJrZXI9MTcyMTQwNDk5NS04MzU1JnRva2VuPWFiM2U4NmVkZDJkNDViY...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/
5 KB
5 KB
Image
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcGF5bWVudHBhZ2UuY2ZkJTJGd3AtY29udGVudCUyRnVwbG9hZHMlMkYyMDI0JTJGMDclMkZJTUdfMDYzMi5wbmcmY2FjaGVNYXJrZXI9MTcyMTQwNDk5NS04MzU1JnRva2VuPWFiM2U4NmVkZDJkNDViYjQ.q.png
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
d733ea300069e84e398c74ebb594ad2f5bad723b468e1586b20a73dca0cc3735
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:33 GMT
Content-Security-Policy
default-src 'none'
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:33 GMT
Server
Apache
ETag
"6397b5ef441e1cb99d5e1e9f8a888ac8"
Vary
Accept
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Link
<https://paymentpage.cfd/wp-content/uploads/2024/07/IMG_0632.png>; rel="canonical"
Keep-Alive
timeout=5, max=100
Expires
Wed, 06 Aug 2025 14:47:33 GMT
c2VydmljZT1idW5kbGVyJnI9ZEVicXNwaTBFa2M.q.js
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/
3 KB
1 KB
XHR
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9ZEVicXNwaTBFa2M.q.js
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
284800ca9e68e11fe78a243f73da5f861743cf9b9921dafae583ac81cc711405
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:33 GMT
Server
Apache
ETag
"7149608a82ab48860c234c8320a000ad"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Keep-Alive
timeout=5, max=99
Expires
Wed, 06 Aug 2025 14:47:33 GMT
npjVG9rJnI9N3ROdy1obGp2UHMmcj1CbXY3NXgwTHptbyZyPU9KOUd4RXRQcmtNJnI9Umt6b2M1ZUt1cDQmcj1XeEk3enVwVlR0NCZyPVlWd3JWenlieFdzJnI9XzQta01ndkRQZjAmcj1fNmVWeTVENkdtRSZyPWdxZkpoZkRHVVVJJnI9Z3RjZkQ3d25IV1Emcj...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9LXNacEhNS2hCdm8mcj0wdGpQek1lLVhhYyZyPTJiTkc2S/
915 KB
132 KB
XHR
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9LXNacEhNS2hCdm8mcj0wdGpQek1lLVhhYyZyPTJiTkc2S/npjVG9rJnI9N3ROdy1obGp2UHMmcj1CbXY3NXgwTHptbyZyPU9KOUd4RXRQcmtNJnI9Umt6b2M1ZUt1cDQmcj1XeEk3enVwVlR0NCZyPVlWd3JWenlieFdzJnI9XzQta01ndkRQZjAmcj1fNmVWeTVENkdtRSZyPWdxZkpoZkRHVVVJJnI9Z3RjZkQ3d25IV1Emcj1yUVQ4V1Zmb053ayZyPXMtTGV2b2lkRENBJnI9eGJNUHJPMVpsb0E.q.js
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
76f471e1b7605e8a0267a5a441a09991d71eacb74ba50917ce41990ad793fc48
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:33 GMT
Server
Apache
ETag
"42a85c90b7f0209c1a124d353b6695c1"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Keep-Alive
timeout=5, max=98
Expires
Wed, 06 Aug 2025 14:47:33 GMT
48b2f398-ded0-4121-943f-66e2a2c75496
https://paymentpage.cfd/
1 KB
0
Other
General
Full URL
blob:https://paymentpage.cfd/48b2f398-ded0-4121-943f-66e2a2c75496
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
cropped-IMG_0528-32x32.jpeg
paymentpage.cfd/wp-content/uploads/2024/07/
1 KB
1 KB
Other
General
Full URL
https://paymentpage.cfd/wp-content/uploads/2024/07/cropped-IMG_0528-32x32.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
c84444775cc0ebd621ca8e9169b9d2b58b1f192be943f40249c2653ee566e440

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:34 GMT
Last-Modified
Tue, 09 Jul 2024 14:54:38 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1071
N21FbmMmcj1EMm1kdjBHSDJrYyZyPUhCNHYyREREeWNzJnI9SmdZVkRBVmFmaDQmcj1LSHRoamg0Zmx3USZyPVFrUFh5VVJxYkRjJnI9UnY1RS1RZ01GOTgmcj1ZLTJxdGdVSmJNRSZyPWFWYVd4TVNRRFE4JnI9aWVtUS1INU8wQ1Umcj1tMk5raVk2SEI0RSZyP...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9LTVDZjB1THNoRnMmcj02TGQ4MGI0ajd1USZyPTZ0Y3ZnQlRWU2xBJnI9N0o0cFVK/
249 KB
75 KB
XHR
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9LTVDZjB1THNoRnMmcj02TGQ4MGI0ajd1USZyPTZ0Y3ZnQlRWU2xBJnI9N0o0cFVK/N21FbmMmcj1EMm1kdjBHSDJrYyZyPUhCNHYyREREeWNzJnI9SmdZVkRBVmFmaDQmcj1LSHRoamg0Zmx3USZyPVFrUFh5VVJxYkRjJnI9UnY1RS1RZ01GOTgmcj1ZLTJxdGdVSmJNRSZyPWFWYVd4TVNRRFE4JnI9aWVtUS1INU8wQ1Umcj1tMk5raVk2SEI0RSZyPXBlb3ZBYV9PUWJvJnI9djJnOTAzS1BXRjgmcj16NU9YRklwS1JGbw.q.js
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
ab4387ba61119d55bbcd7a1a4ffdacdecb02713842272e6376f4dc610d950f08
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:34 GMT
Server
Apache
ETag
"fa089c6e041519f3e57353a53fa7ce1f"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Keep-Alive
timeout=5, max=97
Expires
Wed, 06 Aug 2025 14:47:34 GMT
burst-goals.js
paymentpage.cfd/wp-content/plugins/burst-statistics//assets/js/build/
4 KB
5 KB
Script
General
Full URL
https://paymentpage.cfd/wp-content/plugins/burst-statistics//assets/js/build/burst-goals.js?v=1.7.0
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
355b03927e976d0993918c4eff8b0dc3d14d0f5e6725b67c95665cee70361879

Request headers

Referer
https://paymentpage.cfd/
Origin
https://paymentpage.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:34 GMT
Last-Modified
Fri, 02 Aug 2024 04:31:58 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
4387
getjs
fastsslcertificates.com/siteseal/
1 KB
1 KB
Script
General
Full URL
https://fastsslcertificates.com/siteseal/getjs?v=29941744
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c1bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b484312bd8bac0e3a0a41ce65f4599fa5c3eeb5156dff53589451288eb208ee2

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:47:35 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQY5vN3W%2BaoHOeroMZFg%2B280sRLHheML53xBM4no%2B2dgao6e%2B1bDJux8sQckiVGN5eTt%2FrXMAlquyeYExXuyofDxWNww0sYpZn%2BoR1jak7%2FcF8Fczv%2BsYY9W6g%2BblPfhvl72dJWWL99zDOpOOea9vWj%2FzqN7BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
private
cf-ray
8aefd2aa0889cba2-LAX
alt-svc
h3=":443"; ma=86400
content-length
892
yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nyGy6BoWgz.woff2
fonts.gstatic.com/s/orbitron/v31/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/orbitron/v31/yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nyGy6BoWgz.woff2
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1jc3Mmc3JjPWh0dHBzJTNBJTJGJTJGZm9udHMuZ29vZ2xlYXBpcy5jb20lMkZjc3MlM0ZmYW1pbHklM0RPcmJpdHJvbiZjYWNoZU1hcmtlcj02YTIwNjQzZTU5MjYyZmVmYTdiZjlmYmQyNDdhYjAxZi0yMzkyOTkmdG9rZW49YzE5YzdkMzVhNjZmYWNkZg.q.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
810602b2714840ce1b2dcf416d8abfccac89df116c8d076022d3cc3226fa55b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paymentpage.cfd/
Origin
https://paymentpage.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 10:12:33 GMT
x-content-type-options
nosniff
age
534901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6380
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:51:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Jul 2025 10:12:33 GMT
endpoint.php
paymentpage.cfd/wp-content/plugins/burst-statistics/
0
186 B
Ping
General
Full URL
https://paymentpage.cfd/wp-content/plugins/burst-statistics/endpoint.php
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 06 Aug 2024 14:47:34 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
0
Content-Type
text/html; charset=UTF-8
c2VydmljZT1zY3JpcHRzJnNyYz1odHRwcyUzQSUyRiUyRnBheW1lbnRwYWdlLmNmZCUyRndwLWluY2x1ZGVzJTJGanMlMkZ3cC1lbW9qaS1yZWxlYXNlLm1pbi5qcyUzRnZlciUzRDhkNmZkMmJmZmE3NWUzOGIzZTMzMTViYTZkZTVkY2VkJmNhY2hlTWFya2VyP...
paymentpage.cfd/wp-content/plugins/phastpress/phast.php/
18 KB
5 KB
Script
General
Full URL
https://paymentpage.cfd/wp-content/plugins/phastpress/phast.php/c2VydmljZT1zY3JpcHRzJnNyYz1odHRwcyUzQSUyRiUyRnBheW1lbnRwYWdlLmNmZCUyRndwLWluY2x1ZGVzJTJGanMlMkZ3cC1lbW9qaS1yZWxlYXNlLm1pbi5qcyUzRnZlciUzRDhkNmZkMmJmZmE3NWUzOGIzZTMzMTViYTZkZTVkY2VkJmNhY2hlTWFya2VyPTIzOTI5OQ.q.js
Requested by
Host: paymentpage.cfd
URL: https://paymentpage.cfd/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
e691c64bdb42f02ea459a437eafe52e3ddc782e149d50b528c750df0d07c40c9
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'
Transfer-Encoding
chunked
Connection
Keep-Alive
X-Accel-Expires
31536000
Last-Modified
Tue, 06 Aug 2024 14:47:34 GMT
Server
Apache
ETag
"e976e4d2a1acc23f6e489cd4a3f45ac7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Keep-Alive
timeout=5, max=98
Expires
Wed, 06 Aug 2025 14:47:34 GMT
render
fastsslcertificates.com/siteseal/
10 KB
11 KB
Image
General
Full URL
https://fastsslcertificates.com/siteseal/render?hash=UlFrTk0S9R6R9DWzZSl6pg==&size=l&from=paymentpage.cfd&v=33070203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c1bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8d9ac03a43f89ce487d8805da2f31576517f84827fda329fcc8a0f83fefa04da

Request headers

Referer
https://paymentpage.cfd/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:47:35 GMT
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7R7KN4iBocpJ8FU%2B08vZRvZAl1vEKmY2%2B%2F1RRD94HT%2BuWokEhXHkyl003cFgZVgps5YJ%2F3R%2FIq70jWKc2NDjzqE51rtABcovtBRZuXgx8lwYqpDcGynU4GvOLAaPAoLLdCMq5tu2PLlODN14yk8IzwPG9spkOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
cf-ray
8aefd2ac68d6cba2-LAX
alt-svc
h3=":443"; ma=86400
content-length
10741
nunito-v8-latin-700.woff2
paymentpage.cfd/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/
18 KB
19 KB
Font
General
Full URL
https://paymentpage.cfd/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53

Request headers

Referer
https://paymentpage.cfd/
Origin
https://paymentpage.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:36 GMT
Last-Modified
Mon, 08 Jul 2024 18:23:28 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
18912
nunito-v8-latin-regular.woff2
paymentpage.cfd/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/
18 KB
19 KB
Font
General
Full URL
https://paymentpage.cfd/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.244.254.173 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1581649.contaboserver.net
Software
Apache /
Resource Hash
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d

Request headers

Referer
https://paymentpage.cfd/
Origin
https://paymentpage.cfd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 14:47:36 GMT
Last-Modified
Mon, 08 Jul 2024 18:23:28 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
18796

Verdicts & Comments

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings
object| burst
object| TimeMe
function| burst_enable_cookies
function| burst_update_hit
function| burst_track_hit
function| burst_init_events
function| cssVars
function| jQuery
function| currentTime
function| updateTime
object| options
function| nocontextmenu
function| addMultiEventListener
function| show_toast
string| image_save_msg
string| no_menu_msg
string| smessage
function| disableEnterKey
function| wccp_free_iscontenteditable
function| disable_copy
function| disable_copy_ie
function| reEnable
function| disableSelection
function| onlongtouch
number| touchduration
function| touchstart
function| touchend
function| wccp_pro_is_passive
function| nocontext
object| e
object| body
object| __fsid
function| show_wpcp_message
function| hide_message
object| wp
function| sprintf
function| vsprintf
object| swv
object| wpcf7
object| $nanospaceBreakpoints
function| NanoSpaceMenu
object| nanospaceHelper
object| nanospace
object| moove_frontend_gdpr_scripts
function| postscribe
function| gdpr_lightbox
string| gdpr_consent__strict
string| gdpr_consent__thirdparty
string| gdpr_consent__advanced
object| twemoji

1 Cookies

Domain/Path Name / Value
paymentpage.cfd/ Name: burst_uid
Value: 250fd112904b39e4bff9f4f5ec422ee0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
