URL: https://payments.karpahasands.com/
Submission: On February 08 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 207.148.127.230, located in Singapore and belongs to AS-CHOOPA, US. The main domain is payments.karpahasands.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 8th 2023. Valid for: 3 months.
This is the only time payments.karpahasands.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 207.148.127.230 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 7
Apex Domain
Subdomains
Transfer
5 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 851
86 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 746
51 KB
3 karpahasands.com
payments.karpahasands.com
26 KB
2 gstatic.com
fonts.gstatic.com
59 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
13 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
ajax.googleapis.com — Cisco Umbrella Rank: 298
31 KB
17 6
Domain Requested by
5 use.fontawesome.com payments.karpahasands.com
use.fontawesome.com
3 maxcdn.bootstrapcdn.com payments.karpahasands.com
maxcdn.bootstrapcdn.com
3 payments.karpahasands.com payments.karpahasands.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com payments.karpahasands.com
1 ajax.googleapis.com payments.karpahasands.com
1 fonts.googleapis.com payments.karpahasands.com
17 7

This site contains links to these domains. Also see Links.

Domain
www.karpahasands.com
benworldwide.com
Subject Issuer Validity Valid
payments.karpahasands.com
cPanel, Inc. Certification Authority
2023-02-08 -
2023-05-09
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh

This page contains 1 frames:

Primary Page: https://payments.karpahasands.com/
Frame ID: CFC34F2B260EEB47EFBC54B52A5370BB
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Karpaha Sands

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

267 kB
Transfer

528 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payments.karpahasands.com/
6 KB
2 KB
Document
General
Full URL
https://payments.karpahasands.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.148.127.230 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sghighend.benworldwide.com
Software
/
Resource Hash
319991cb4d6781baa3bd90222d3055ea3bc8a645866e766505b4896d149e2b59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 17:15:08 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS
X-Varnish
133038
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato|Montserrat:300,400,500,600,700|Playfair+Display:400,700
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34d3f12df9cb99861a8123e52853629bb12e05574a32ef010d3b870f14e000cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 17:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 17:15:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 17:15:09 GMT
6474df5036.js
use.fontawesome.com/
4 KB
2 KB
Script
General
Full URL
https://use.fontawesome.com/6474df5036.js
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a2f0e1962dba3f78ee14fa6c89cfe3dfaecc833cf70c24c48c4e2619f23826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 30 Jun 2021 20:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
R305KEYM8M7TSFWR
etag
W/"df82dea0978edd8bbba9bebba2fad6b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uUeUVBKwtcmK%2F705wHWRR%2FRzxawTAfb7fUN%2FB%2FEtaOK0lsvLr4ONmLIAOVIfAHnzxCMw0S8dzCon8BEJD%2BkgMllHI7IlsmAtb6bc5%2FalCy%2BqgVqUlkRQLzwPfp0bfilsrsEOKKYF5VzCn%2BXWdtqV8hF"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
796601743b35bbe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
8s+Ti+Gs0Y36Ex5ASOF/0UK4vmOIXd5zYy29BPbXIDM6K/1O3qYD5vP7LuZBVEnji2h16GQu9gs=
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/
107 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
845
age
4094889
cdn-cachedat
09/01/2022 23:05:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"385b964b68acb68d23cb43a5218fade9"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e21ddbe4528fb727aa1b1e85d0241157
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
796601742f892bde-FRA
cdn-requestpullsuccess
True
datepicker.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.3.0/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.3.0/css/datepicker.css
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ba89116416afe1b5ba68a954dd5c9f84da4df93e0f1a08507db0e22736e2fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
653467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1893
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-461a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F09m3r9waARC6id7uRoGVcMAqitzETRykEhvWbC3Bx9LKc7pdcSohLtDz2t6ZANp2jScmFWo7mv4Ns7Kn%2BeDOKMRDbooXmFIhLYiFVE7%2F%2F%2BLBfa3goXC9im%2FGVenVhsL%2FDIETjVcSuIgk24LU5LPPLI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
796601742b2f39e8-FRA
expires
Mon, 29 Jan 2024 17:15:08 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 03:27:30 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/
31 KB
9 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
894
age
4094888
cdn-cachedat
08/06/2022 21:16:38
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"abda843684d022f3bc22bc83927fe05f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
58500572f38c851b18c9f26eaea9ca77
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
796601742f8b2bde-FRA
cdn-requestpullsuccess
True
bootstrap-datepicker.js
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.3.0/js/
46 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.3.0/js/bootstrap-datepicker.js
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
986511f1a769906aaa5557b6267180f43596342bddf89b7e86c61508df0729f3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
653466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10419
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-b6e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp0oA3cKqTiP%2BJk80NieY0oVFZ%2F56MayP5ZeJXGkYDLAWetYlkdQpikNEdO2d5hNQ7aPdmMNRAkPxliamixK908kbg8jUz2sRUdM6QbSp0Cp47txd57YNeyxKZkTb5w6qZJI5tt2ji7Jw9L0%2BWmiWfN5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
796601742b3139e8-FRA
expires
Mon, 29 Jan 2024 17:15:08 GMT
style.css
payments.karpahasands.com/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://payments.karpahasands.com/css/style.css
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.148.127.230 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sghighend.benworldwide.com
Software
/
Resource Hash
019592a108e3eb0d4179ed7c5b86791d18e5acf3f76bad2aea3e3931cbf1908d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:15:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 04:22:42 GMT
Age
1
Vary
Accept-Encoding
X-Cache
HIT
X-Varnish
133040 2464247
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2726
X-Cache-Hits
1
karpaha_sands_logo.jpg
payments.karpahasands.com//img/
21 KB
21 KB
Image
General
Full URL
https://payments.karpahasands.com//img/karpaha_sands_logo.jpg
Requested by
Host: payments.karpahasands.com
URL: https://payments.karpahasands.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.148.127.230 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sghighend.benworldwide.com
Software
/
Resource Hash
bb46a39a25efd7276655747f8c3a2c7215a684cdc6470bd281f00b4e42bb97e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:15:07 GMT
Last-Modified
Mon, 13 Jan 2020 04:22:44 GMT
Age
1
X-Cache
HIT
X-Varnish
2464254 2464249
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21081
X-Cache-Hits
1
webfontloader.js
use.fontawesome.com/webfontloader/1.6.24/
12 KB
5 KB
Script
General
Full URL
https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/6474df5036.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9K3HE0SAD82TH7TB
age
224
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+NO/O5wYL6ku1oMZQxeysB7HTc5yrxbvakKzDGiSUX6zgZdN1nvU2rfuNvxGOv7jN25NJLHlzWs=
last-modified
Wed, 30 Jun 2021 15:26:30 GMT
server
cloudflare
etag
W/"9064ce12d2c81f68123c93bc1a8b0cad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqQl2vuZbtlGvhyLpDK2CXuN1HxFI%2BSAQdzNu5pCUYyurbj4gBVCtcBQ2I8laryrJQFxe2zVNusdVpWfOxQNRJqfNLrXDa%2FBsjsdjhUfWFi676AwFsKrJLcKL9PaU10FTa74OT4OE%2FAkka9eMuqHTslw"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31556926
cf-ray
79660177bfcfbbe6-FRA
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Montserrat:300,400,500,600,700|Playfair+Display:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payments.karpahasands.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 15:21:12 GMT
x-content-type-options
nosniff
age
93237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Feb 2024 15:21:12 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Montserrat:300,400,500,600,700|Playfair+Display:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payments.karpahasands.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 12:52:40 GMT
x-content-type-options
nosniff
age
534149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 12:52:40 GMT
glyphicons-halflings-regular.woff
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/
23 KB
23 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Origin
https://payments.karpahasands.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1029
cdn-cachedat
01/02/2023 00:18:30
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23320
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"68ed1dac06bf0409c18ae7bc62889170"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
478548cd536d3af6818587a9128a364f
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
796601780f643617-FRA
cdn-requestpullsuccess
True
6474df5036.css
use.fontawesome.com/
1 KB
989 B
Stylesheet
General
Full URL
https://use.fontawesome.com/6474df5036.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400b849f2f3785797ffb7eda3c89895794573dd445326b77d873508ce1306cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.karpahasands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 30 Jun 2021 20:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
KSCV34TK06KFB9J8
etag
W/"eec2afc117a54f86ccd39c795d150ec8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1Pm9USTE1%2FXeQQyXyOcIgHRXgcsPXH1nxFqrrQeK4UXom0nroWNfcU8mnvv4s5OQactvBRpTrLNtiquwwhmpstO3owCBbnKhxpK12zGa6mJnADTnYmF9sOMl6VuJ1jBbi9F2gobP0tDDMeozpOFewZc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
79660178186335f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2nD4R1G0mZMDtkpL/jF6YAGcJLCTgb75Mst6kNCTWsmhH2ExYrtgXaaBLfjbsZr0+Y9M3gHdwAg=
font-awesome-css.min.css
use.fontawesome.com/releases/v4.6.3/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/6474df5036.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/6474df5036.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
796MJH02YZETZ8SF
age
647963
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hHn8/6+/4BABVslKYYWWqHN9tstQwlRvW4HpdQrPboMyudmuqjn+ADt4W1JOlSlJIx4J1SHwxu0=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLVKMotB44GmoMQlbYUHZzD1M5GZNY7F6sU3%2BiodVHXU0OFcLyyDrSlZICNsQ4UZosQ8OlQQvPST1raKI315ewQLR%2BzrvNdLGPvU2quBTgQAFlhTshQA%2FSiD5mEj%2Fg%2FODH2cTYZyvsFGZoAvr3cmJnfw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
796601796a4a35f3-FRA
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.6.3/fonts/
70 KB
71 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/6474df5036.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://use.fontawesome.com/6474df5036.css
Origin
https://payments.karpahasands.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:15:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RXBZH0VT7ECGDYJP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71896
x-amz-id-2
cr5bNeVak8/GVULmA2qVrUuis1Jf9RX3mNDRJ0aHTW4WSAr9VAUlR7rTBaHYeBuddFWJzBq+ICE=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKbH2GLZKyQbh3S2ztt%2F9en3J74K15vP8T9BpUHMp16nI82lGGWSz90yecg4YpxTvE6wXCGIsWnbqJCbE4Kt9mS%2Fs59by3pn%2Blvi9%2FW0tZRmNWeruXyjvE9RZ4zF6GFGoPKxbmHtvs0IupFk2EJAw9%2F%2B"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
79660179ce50372c-FRA

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| FontAwesomeCdnConfig object| WebFontConfig function| $ function| jQuery object| currDate object| WebFont

1 Cookies

Domain/Path Name / Value
payments.karpahasands.com/ Name: CAKEPHP
Value: 64onvb1l70b8hlri4a15pt6p06

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
payments.karpahasands.com
use.fontawesome.com
207.148.127.230
2606:4700::6811:190e
2606:4700::6812:acf
2606:4700:e2::ac40:850f
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::200a
019592a108e3eb0d4179ed7c5b86791d18e5acf3f76bad2aea3e3931cbf1908d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
22ba89116416afe1b5ba68a954dd5c9f84da4df93e0f1a08507db0e22736e2fa
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
319991cb4d6781baa3bd90222d3055ea3bc8a645866e766505b4896d149e2b59
34d3f12df9cb99861a8123e52853629bb12e05574a32ef010d3b870f14e000cc
35a2f0e1962dba3f78ee14fa6c89cfe3dfaecc833cf70c24c48c4e2619f23826
400b849f2f3785797ffb7eda3c89895794573dd445326b77d873508ce1306cf7
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
986511f1a769906aaa5557b6267180f43596342bddf89b7e86c61508df0729f3
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
bb46a39a25efd7276655747f8c3a2c7215a684cdc6470bd281f00b4e42bb97e8
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e