Submitted URL: https://sbe.pwsauth.ga/
Effective URL: https://pay.victo.ga/
Submission: On February 16 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3036::6815:2cc2, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is pay.victo.ga.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 20th 2021. Valid for: a year.
This is the only time pay.victo.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
1 | 76.76.21.21 | 16509 | (AMAZON-02)
13 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 | (CLOUDFLAR...)
Total: 15 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
13 | victo.ga | pay.victo.ga | 313 KB
1 | 000webhost.com | cdn.000webhost.com | 2 KB
1 | pwsauth.ga | sbe.pwsauth.ga | 550 B
Total: 15 requests, 3 domains

Requests | Domain | Requested by
13 | pay.victo.ga | pay.victo.ga
1 | cdn.000webhost.com | pay.victo.ga
1 | sbe.pwsauth.ga |
Total: 15 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sbe.pwsauth.ga | R3 | 2021-02-16 - 2021-05-17 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-20 - 2022-01-19 | a year
*.000webhost.com | Sectigo RSA Domain Validation Secure Server CA | 2020-12-14 - 2022-01-14 | a year

This page contains 1 frames:

Primary Page: https://pay.victo.ga/
Frame ID: 563CE01B84B9B3E8B552F9BB21A0C5CA
Requests: 15 HTTP requests in this frame

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 316 kB
Size: 454 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sbe.pwsauth.ga/ Page URL
  2. https://pay.victo.ga/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sbe.pwsauth.ga/
280 B
550 B
Document
General
Full URL
https://sbe.pwsauth.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
af6069efdddf99f16214acba7654214014af957b294ac2affe0382e62324aec5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
sbe.pwsauth.ga
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 16 Feb 2021 12:47:10 GMT
content-type
text/html; charset=utf-8
content-disposition
inline; filename="index.html"
cache-control
public, max-age=0, must-revalidate
content-length
280
access-control-allow-origin
*
etag
W/"af6069efdddf99f16214acba7654214014af957b294ac2affe0382e62324aec5"
accept-ranges
bytes
x-vercel-cache
MISS
age
0
server
Vercel
x-vercel-id
arn1::sbq8n-1613479629530-12431d227209
strict-transport-security
max-age=63072000
Primary Request /
pay.victo.ga/
11 KB
4 KB
Document
General
Full URL
https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d58dc5b29d57b7d7d02fb850ab0ed3b008e77ddbe036a2b476da05c1ccbe4c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pay.victo.ga
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://sbe.pwsauth.ga/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5a76298879c6cde5e485612fe1eb91381613479635; expires=Thu, 18-Mar-21 12:47:15 GMT; path=/; domain=.victo.ga; HttpOnly; SameSite=Lax
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
7de81381ce01761daafba509cf174cd7
cf-cache-status
DYNAMIC
cf-request-id
084c7a82e000001f2140813000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H4h%2FGo1iJwYNpa4by4mGZ07GyVCezZVN%2BDdm8dCRx44sWuh7We9LPCXLCF%2FSfZZteRpqA0hXNFzcDBqUWuH1qoypeWFgjexmu6XjeU5WkLtKXbNWlofLW%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6227604afd9d1f21-FRA
content-encoding
br
header_style.css
pay.victo.ga/
866 B
786 B
Stylesheet
General
Full URL
https://pay.victo.ga/header_style.css
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3b5faea17606bfaf9bcdc222c2e7b8985831d23ef176c5b1051f42c05eaf60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a84ed00001f212c8c3000000001
x-request-id
fec6059358cf2eb836e8994471a1c686
last-modified
Sat, 13 Feb 2021 13:57:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sdHsFFQzhDvmuVaTuEYGwu3vhF4zwIjwgDDoCdFI8lyURqDyBg%2BeOWAO9d%2F7dzy7RMrdt4lM2PUs6uV0JqgegaO%2FNXt96tjri4Rd7PtkIVZf8fQ4hMRb9rE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
6227604e49511f21-FRA
logo.JPG
pay.victo.ga/images/
59 KB
60 KB
Image
General
Full URL
https://pay.victo.ga/images/logo.JPG
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1c801b0b423ac0efb2766ba86e985ad67a3d8bba634865d999936640b2f086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
content-length
60867
cf-request-id
084c7a84ed00001f210a827000000001
x-request-id
da43993b6eb06e7de338dedc83e9d8be
last-modified
Sat, 13 Feb 2021 14:00:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q0sCiqBrUFN1FhsIdG4wscxKWCDkagvXQldIaoc0e8r%2FZlG4ID2Pc5Hyzx0v6SO0r%2BUuUQz%2Ffgq0mVd8wn1FxFAhhTS8Xd%2FQSgDgvhOaHu8S5kC7JdLz1NI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6227604e49551f21-FRA
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/
2 KB
2 KB
Image
General
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6c08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6340
cf-polished
origFmt=png, origSize=2046
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj
imgq:100,h2pri
x-hostinger-datacenter
srv
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1696
x-xss-protection
1; mode=block
last-modified
Mon, 15 Feb 2021 11:46:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"602a5f09-7fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/webp
vary
Accept
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn2
cf-request-id
084c7a84fe00004a5c10887000000001
accept-ranges
bytes
cf-ray
6227604e6d3d4a5c-FRA
expires
Tue, 16 Feb 2021 16:47:16 GMT
navbar_style.css
pay.victo.ga/
2 KB
1017 B
Stylesheet
General
Full URL
https://pay.victo.ga/navbar_style.css
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22474b7f219d26340eb15dc46bc659473a8086da51b4f5655110c1e30cdf0d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a84ee00001f2109aa0000000001
x-request-id
2bace04653d5f7793a8df3780b24477f
last-modified
Sat, 13 Feb 2021 13:57:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2DKxhb6kUGQWEmHj7EE3QPn4kwvmor7E4rBL8NVIT2vs8m4pQWM6KNitFRQ0PUG3fTYcsptoJMqKXyuJLfb9vvTvz4GgujZJGflKA2cPcFqM3F2H0u76UUE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
6227604e49571f21-FRA
jquery-3.2.1.min.js
pay.victo.ga/
85 KB
29 KB
Script
General
Full URL
https://pay.victo.ga/jquery-3.2.1.min.js
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a84ee00001f216b3d0000000001
x-request-id
1bb1ff59b2f927c3ee23822506c89b61
last-modified
Sat, 13 Feb 2021 13:57:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1l6E%2FLbgmVZpVxovCsD35tA3yMkIwXlJX5EiE9AF2c1z4uICG1rsAe9clEU2U%2FPz2EUNFIDDsQsvDJwl2HZERBsQW2cd9ms48iVYgBK50Tx8nlN6Q6SNWA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
6227604e49581f21-FRA
home_style.css
pay.victo.ga/
3 KB
1 KB
Stylesheet
General
Full URL
https://pay.victo.ga/home_style.css
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f443dd393c330ed891745565953054315ac5994e3a4fc9e2fdf6c53da846a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a84ee00001f2172955000000001
x-request-id
dbaf305cc45fbf0ff6df6d1744f79e9a
last-modified
Sat, 13 Feb 2021 13:57:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pPychoYcBDUvj7P8a5WE2hSuYrcNfHHhZI4Wi7dNkR%2F2la9RtAAw1CSfPOHipQNcbNhEHu8nuTwOUoAjlorqVIhy%2FLrwsveLbtAk3l3FAmRLUOT6Zq%2Fykho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
6227604e495a1f21-FRA
removeBanner.js
pay.victo.ga/
178 B
451 B
Script
General
Full URL
https://pay.victo.ga/removeBanner.js
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
821b64027c3bd034a7a041e871594813bcf3405d6f73a698ec18c9c4060b58ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a84ee00001f216a9fd000000001
x-request-id
b9dfa1a779d8d703e65ca630aa5c26d1
last-modified
Sun, 14 Feb 2021 04:41:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BpboNlVDb5SYQUL0R9ftzp9Uc9FmmCNCeMD3jy5sixDmQAfQvLBp%2F2Kpv65yNYV4sUuz%2Bd68ruAoznx942mg9vmWEFxCM5EjkGkytGSUzxPZEpUF8MJ%2BmJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
6227604e495b1f21-FRA
easter_egg_style.css
pay.victo.ga/
1 KB
803 B
Stylesheet
General
Full URL
https://pay.victo.ga/easter_egg_style.css
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e19c294838fc3b50099261026a8d7b00e2edf3935473930bef6528f94f510d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a84ef00001f2123b62000000001
x-request-id
e0ef3f45a585520e50d9d227f04d4fe8
last-modified
Sat, 13 Feb 2021 13:57:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1bndC1vODSQ7COM2L0EvO89bDLE7CFPV7p5KQ5wrLJi0QpsjR7nzkR27Zw%2FLsugdmQ%2B4p9VGDn7hMtMizDgjiQ7NRpHk6EXACtFo76%2FoPVLp9Ue3nrXtrMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
6227604e495c1f21-FRA
pennywise.jpg
pay.victo.ga/images/
57 KB
58 KB
Image
General
Full URL
https://pay.victo.ga/images/pennywise.jpg
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b082c052f806d6a8aa9317ac820a548aed62e7cab2e3e5d4b82e2188d5bf258a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
content-length
58669
cf-request-id
084c7a84ef00001f210d368000000001
x-request-id
41d193a56b402d8a6efe0e72358711db
last-modified
Sat, 13 Feb 2021 14:00:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vmkA0iWyuNgnrnuK8tPkrGtwZpKUvu3wLrT8sx1Hjb7rzKlwMvHa%2FkIMmECd86tik2iFFsvlFYEKkv%2BefqX4HzaZUlXetMbgH%2BalATQR3gUt%2BH56vw3zlEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6227604e495d1f21-FRA
fonts.css
pay.victo.ga/
1 KB
541 B
Stylesheet
General
Full URL
https://pay.victo.ga/fonts.css
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/header_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e5a3e1953dd72bf5921158d3f9db27de51878e4c6b3783cf8b7870ec77dd65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/header_style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a873100001f214084a000000001
x-request-id
27bca169cbfc9d5edb0e29e7836113c2
last-modified
Sat, 13 Feb 2021 13:57:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5KjxoG1puRK1I9V1EBEk1G7OkXjuaCCD16oj2GSkgwDaDn9zD0V92MTbrDe0EChnPsVFOqFVcZkldGaXwoJETZzF%2F6kiOzkyHSp5FoXk1nwFWxCcylMWw8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
62276051ed641f21-FRA
home.jpg
pay.victo.ga/images/
90 KB
90 KB
Image
General
Full URL
https://pay.victo.ga/images/home.jpg
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/home_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cabf2a89bff9a792bba401c78c18277867c2a87477dffb61b373de40bcf2ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.victo.ga/home_style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
content-length
91683
cf-request-id
084c7a880700001f214d86d000000001
x-request-id
d00912382bb7aeffdc216914713c01f0
last-modified
Sat, 13 Feb 2021 14:00:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CB2BIsQ0zNwliFZQQihFIKKba2vDbMVDKQSLRWyLBovteSs4%2BWtV9cp6Yl45pz2ZEVfQd6Nu5WhUXwbNCbHIkxZ0MN4HvSDPydbWjyiyoLdPPVOVcZJh%2Bbk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
622760533ee71f21-FRA
Barlow-Regular.ttf
pay.victo.ga/fonts/Barlow/
96 KB
45 KB
Font
General
Full URL
https://pay.victo.ga/fonts/Barlow/Barlow-Regular.ttf
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd90f6856cb7cd099b881b6370b330710a8bf9d082b01fb9ff949df01005bd87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://pay.victo.ga
Referer
https://pay.victo.ga/fonts.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a880c00001f2166365000000001
x-request-id
00284c74ee2297da1326d540b302ff01
last-modified
Sat, 13 Feb 2021 14:01:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GeStNo28jN7WXt04K6ws9zpmxL%2BSCNBXxteV2tWYdURlTTxf5syWpCMXcz3o3CVAjVp8Ie1fNgR4N%2FRmAbMKuCEZmx9%2FEn3jFGQcJDTIneqUAV0O15MFXtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
622760534ef61f21-FRA
DO.ttf
pay.victo.ga/fonts/DreamOrphans/
46 KB
23 KB
Font
General
Full URL
https://pay.victo.ga/fonts/DreamOrphans/DO.ttf
Requested by
Host: pay.victo.ga
URL: https://pay.victo.ga/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d7402f040fecc0e6cdf31079eb1f3cd70000f51bb4f417d5a2ce5dd4f3e1ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://pay.victo.ga
Referer
https://pay.victo.ga/fonts.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 12:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
0
cf-request-id
084c7a881200001f21213de000000001
x-request-id
fe5b984d36b7a55edbc50f253090dedd
last-modified
Sat, 13 Feb 2021 14:01:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R1PuDBAWWU%2F4R89faB8%2BbibDizJ0lcp4cGXr%2Bu%2Ft4aNF1f298q7eDT0IxHqeQhfgXQorwBFQBdXYSDv0WrsQn0%2Be8KIOCn4nUYVAApsLq4ngrG8j%2Fk4kMew%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
622760534efc1f21-FRA

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
boolean | crossOriginIsolated
function | getCookie
undefined | wordpressAdminBody
object | notification
object | hostingerLogo
undefined | mainContent
undefined | googleFont
undefined | css
undefined | style
undefined | sheet
undefined | button
undefined | link
undefined | mainContentHolder
undefined | h1Tag
undefined | h2Tag
undefined | paragraph
undefined | list
undefined | org_html
undefined | new_html
undefined | saleImage
function | $
function | jQuery
function | respFunc
number | old_time
number | count
boolean | eEgg_flag
object | modal
object | footer
function | eEgg_func

1 Cookies

Domain/Path | Name | Value
.victo.ga/ | __cfduid | d5a76298879c6cde5e485612fe1eb91381613479635

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000