Submitted URL: https://sc.link/dSrgM
Effective URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Submission: On December 15 via manual from HU — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3036::ac43:abc1, located in the United States and belonging to CLOUDFLARENET, US. The main domain is gls-hu.apay-wiew.site.
TLS certificate: Issued by GTS CA 1P5 on December 11th 2023. Valid for: 3 months.
This is the only time gls-hu.apay-wiew.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address         AS Autonomous System
1          1         178.248.232.231    51115 (HLL-AS)
1          15        2606:4700:303...   13335 (CLOUDFLAR...)
           2         2a00:1450:400...   15169 (GOOGLE)
           6         2606:4700:303...   13335 (CLOUDFLAR...)
           2         2a04:4e42::649     54113 (FASTLY)
           4         2a00:1450:400...   15169 (GOOGLE)
           1         2a02:4780:9:1...   47583 (AS-HOSTINGER)
Total: 29 requests, 7 IPs
Requests  Apex Domain        Subdomains                                       Transfer
15        apay-wiew.site     gls-hu.apay-wiew.site                            44 KB
6         dpays-offers.site  dpays-offers.site                                24 KB
4         gstatic.com        fonts.gstatic.com                                71 KB
2         jquery.com         code.jquery.com (Cisco Umbrella Rank: 735)       61 KB
2         googleapis.com     fonts.googleapis.com (Cisco Umbrella Rank: 29)   2 KB
1         pmtomrer.dk        pmtomrer.dk                                      1 MB
1         sc.link            sc.link                                          851 B
Total: 29 requests, 7 apex domains
Requests  Domain                 Redirects    Requested by
15        gls-hu.apay-wiew.site  1 redirects  gls-hu.apay-wiew.site, code.jquery.com
6         dpays-offers.site                   gls-hu.apay-wiew.site, code.jquery.com
4         fonts.gstatic.com                   fonts.googleapis.com
2         code.jquery.com                     gls-hu.apay-wiew.site, dpays-offers.site
2         fonts.googleapis.com                gls-hu.apay-wiew.site, dpays-offers.site
1         pmtomrer.dk                         dpays-offers.site
1         sc.link                1 redirects
Total: 29 requests, 7 domains

This site contains no links.

Subject                  Issuer                                          Validity                  Valid
apay-wiew.site           GTS CA 1P5                                      2023-12-11 - 2024-03-10   3 months
upload.video.google.com  GTS CA 1C3                                      2023-11-20 - 2024-02-12   3 months
dpays-offers.site        GTS CA 1P5                                      2023-12-02 - 2024-03-01   3 months
*.jquery.com             Sectigo RSA Domain Validation Secure Server CA  2023-07-11 - 2024-07-14   a year
*.gstatic.com            GTS CA 1C3                                      2023-11-20 - 2024-02-12   3 months
pmtomrer.dk              R3                                              2023-12-04 - 2024-03-03   3 months

This page contains 2 frames:

Primary Page: https://gls-hu.apay-wiew.site/safedeal/595246213956
Frame ID: 2E60B5468A96E605AC36F4CF91B45996
Requests: 20 HTTP requests in this frame

Frame: https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
Frame ID: 48C9E96810CAFE47DBE66CC91B5744C4
Requests: 10 HTTP requests in this frame

Page Title

LifeGear Classic Pro 20380 Szobakerékpár - GLS HU

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests:    29
HTTPS:       100 %
IPv6:        86 %
Domains:     7
Subdomains:  7
IPs:         7
Countries:   4
Transfer:    1341 kB
Size:        1538 kB
Cookies:     1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sc.link/dSrgM HTTP 308
    https://gls-hu.apay-wiew.site/safedeal/595246213956 HTTP 302
    https://gls-hu.apay-wiew.site/safedeal/595246213956 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request 595246213956 | gls-hu.apay-wiew.site/safedeal/ | 10 KB | 4 KB | Document
Redirect Chain
  • https://sc.link/dSrgM
  • https://gls-hu.apay-wiew.site/safedeal/595246213956
  • https://gls-hu.apay-wiew.site/safedeal/595246213956
General
Full URL
https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770e9cc62978886f4d831d0f1cf3c3d5a4dbe85f61ee7da1c3bdcf0e1ded9d10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
baloo-proxy
1.4
cf-cache-status
DYNAMIC
cf-ray
835e125a9f5a968c-SJC
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 10:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKG8eDG0PGvokv1BrW%2FUudNADlwgrkpcCYJqrZGd2RimlbDnzDOY8HrH24Om8xC8Mn69tIyxUUUfAiRHt9XhuVg51Z470UXfjlDttk1lyi5ycR4tRVVqGfoYAx95AdEAeSc8xSwfVouamGNIEJfLm2ZCvAw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
baloo-proxy
1.4
cf-cache-status
DYNAMIC
cf-ray
835e12579c85968c-SJC
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 10:41:00 GMT
location
/safedeal/595246213956
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkwPbk85qEIeNLnqO74Vb6mt9P9cSZw1jcOx3rLRpbmVRRIRniYVBu0nVAZ2SswKSg%2FHMLT6nLdhMdwE68sL4khI9NSB806c2Ac7r9F8oddLKjZBUTQGk2%2BspFnEE5LuUmqcBaqA2UIMaQf4WanO9LQlDqA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2 | fonts.googleapis.com/ | 5 KB | 960 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Onest:wght@300;400;500;600&display=swap
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ae74c8908ff6ec0d83de80e91c16a8a8169e28967534d8d94259d559a95ecf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gls-hu.apay-wiew.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 10:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:41:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 10:41:01 GMT
normalize.css | gls-hu.apay-wiew.site/css/ | 6 KB | 2 KB | Stylesheet
General
Full URL
https://gls-hu.apay-wiew.site/css/normalize.css
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6da89a7351d004bfe48c19d8903820332d9ae9a8837625652832baa1d0cff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 08:25:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"186b-60bfb542dfd24-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siLCRSe1m4L85q75bldE0xf1HtuaDqTBwhjczr7jf1rbXKvYkHg0qVhHXTIpyJo9y5vpRL4NzpDtxI5QcaQK26USSMAsOyF0%2FN3fDKjm4X9wNNbJK2bNc9%2FgcXF3a5NL2ZLNGhNHL%2B6YhfRcYvVPoXH4Vh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
835e125e0e6f2bf1-FRA
alt-svc
h3=":443"; ma=86400
main.css | gls-hu.apay-wiew.site/css/ | 5 KB | 2 KB | Stylesheet
General
Full URL
https://gls-hu.apay-wiew.site/css/main.css
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ee448bf98472c2421ceb1e094e80665be6d82a8a529039503abd05b7468d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 08:33:49 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"153b-60bfb71843c2e-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSq%2FA8bykO98NkNVT%2BB%2FcVTm3lkKTQG7EoF4KED5lDth5LQ0Ibo37cPkMN2q2IbqPFkzsV1xn5xcLMB3pkM19rolf%2FUGcOXLdDIOzrmu%2BecpCwPorS52KDc1AtK9o527%2FsGuLgGQ%2B4D63EMPzplIuw4YUJc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
835e125e1e722bf1-FRA
alt-svc
h3=":443"; ma=86400
chat.css | gls-hu.apay-wiew.site/ | 6 KB | 2 KB | Stylesheet
General
Full URL
https://gls-hu.apay-wiew.site/chat.css
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d2197a1fd1c0b5c47de3809988721b9336452f808663c5e003170026400adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 10 Dec 2023 09:37:54 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"1783-60c249266ea4a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BRFd75dftT96njncCkj9%2F9YuXedCZ8rsD9A0DdxT9GXIJ%2B8Vi4uvpKtw%2FOWET6mmfcfaQTzllSYmUoT38eYL%2FXKa3aQqmWkIZELhC0t%2FAAOoxYeCIrv9e47yslDzCwmtwDMbGY01cgD7gqydhUZMnsK5OY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
835e125e1e752bf1-FRA
alt-svc
h3=":443"; ma=86400
truncated | / | 2 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeda67bd2327a192aa3de335daf55743804d8a4dc2695311bd3e57b38c4e0cb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
595246213956.png | dpays-offers.site/nwbt/temp/ | 8 KB | 8 KB | Image
General
Full URL
https://dpays-offers.site/nwbt/temp/595246213956.png
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c8c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce18ec3308f885d6203a466853356a4e459ec86f827aa9d0b76b1224cde0ec78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gls-hu.apay-wiew.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
8058
last-modified
Fri, 15 Dec 2023 08:54:55 GMT
proxy-cache
MISS
server
cloudflare
etag
"657c145f-1f7a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTzckbitwonV8VL7lVaJYuTl3%2BSgJKdM39smw7qCrQKNUGgsp4uHbqEM9SLtzbPI5OaSvDW27tVCwOVlAOGwVeSveKvUp8V%2BMZl9Fo2lb%2FtUIrDMJrd%2Fs4MmjcH3MdHmyJc3EqWsQ%2F%2BIWS4r%2BPJjnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
baloo-proxy
1.4
accept-ranges
bytes
cf-ray
835e1260de5396ef-SJC
expires
Sat, 16 Dec 2023 10:41:01 GMT
cards.svg | gls-hu.apay-wiew.site/images/ | 37 KB | 28 KB | Image
General
Full URL
https://gls-hu.apay-wiew.site/images/cards.svg
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4c2991fec8cb25edcd232a5feaf5d2f536d6aaf1a20e6ad17bea15f333ccd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 08:25:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"948f-60bfb5436c714"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooSACS8uBpE55bgTx9c6QAfZ%2Bq1HEz0mBSXz%2B%2B3GtNw1zVJLGuJCrNbsAdWIeVAjILz4Fgq93QwkMVNKpprxYKlwbNXNuuTZAcqxKUL2ZQc7Fqolu2mdsz0f4CPz7j2Nmo7tPfdZ23kaTfRmYUPPvEo%2BQ4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
835e125e1e762bf1-FRA
alt-svc
h3=":443"; ma=86400
agreement.svg | gls-hu.apay-wiew.site/images/ | 1 KB | 1 KB | Image
General
Full URL
https://gls-hu.apay-wiew.site/images/agreement.svg
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffabf8be186b8ef8ce90a2f182ac3f3b48fa4e460318b6bef36770ed50b8b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 08:25:37 GMT
proxy-cache
MISS
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"4b3-60bfb5436c714"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5OMHq1UssxYC4Wcn2T1ijMSugiLlfWMWz0EIXjRhg6Kdv1cceYzPSuphTpG3AzmKpxGrRLs18lyccL%2BHIYdWwYfd41KTdo33DoVQu8R8Q85V5%2BKY0drqP9i9ctzyXKSfsIc4pE4UylZvoblLBsSMVHh8vA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
baloo-proxy
1.4
cf-ray
835e125e1e772bf1-FRA
alt-svc
h3=":443"; ma=86400
jquery-3.6.1.min.js | code.jquery.com/ | 88 KB | 31 KB | Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
https://gls-hu.apay-wiew.site/
Origin
https://gls-hu.apay-wiew.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3253348
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-fra-eddf8230099-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702636861.167043,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1, 10962
gNMKW3F-SZuj7xmf-HY.woff2 | fonts.gstatic.com/s/onest/v6/ | 31 KB | 32 KB | Font
General
Full URL
https://fonts.gstatic.com/s/onest/v6/gNMKW3F-SZuj7xmf-HY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Onest:wght@300;400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b7650d2e1b163ebdce8e7c79762bb054c49693702a6582f5cdc365a027fa591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gls-hu.apay-wiew.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:22:43 GMT
x-content-type-options
nosniff
age
278298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32216
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 19:26:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 05:22:43 GMT
gNMKW3F-SZuj7xmR-HY6EQ.woff2 | fonts.gstatic.com/s/onest/v6/ | 15 KB | 16 KB | Font
General
Full URL
https://fonts.gstatic.com/s/onest/v6/gNMKW3F-SZuj7xmR-HY6EQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Onest:wght@300;400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265f5b66519070be429a4df8c93e480ab439fe2d505e6c33ea9c8ca4f9d5ddab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gls-hu.apay-wiew.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:38:07 GMT
x-content-type-options
nosniff
age
262974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15760
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 19:27:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:38:07 GMT
chat.php | dpays-offers.site/nwbt/bot-api/ (Frame 48C9) | 72 KB | 13 KB | Document
General
Full URL
https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
Requested by
Host: gls-hu.apay-wiew.site
URL: https://gls-hu.apay-wiew.site/safedeal/595246213956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c8c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e13d4810d73a5d04ba66886ef1cdd2c4fafdc1ab96aa40562bf6cabe176527

Request headers

Referer
https://gls-hu.apay-wiew.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
baloo-proxy
1.4
cf-cache-status
DYNAMIC
cf-ray
835e1260de5196ef-SJC
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 10:41:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd%2B3n5k6LqtxUU5eNpH%2BNEBM0bpnsS9Ym2yfLreMz6Es0zEZRvy4M8cYEJAz4TBPv7PHXX5g%2B3t6ToXvpJQPOmhC9RGqa2ijfX5hOlAyrVSbnPwyqGcodBPq%2B8sNdT3%2BqQr2xEBNxnOMHcdAEDIVSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery-3.4.1.min.js | code.jquery.com/ (Frame 48C9) | 86 KB | 30 KB | Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: dpays-offers.site
URL: https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dpays-offers.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:02 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7834662
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-fra-eddf8230096-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702636862.065834,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
454, 839434
css2 | fonts.googleapis.com/ (Frame 48C9) | 2 KB | 668 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat&display=swap
Requested by
Host: dpays-offers.site
URL: https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae427a9b14139b41e89b8e50b3616f15408f23e8b31214e5458831af604e4eb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dpays-offers.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 10:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:48:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 10:41:02 GMT
kontakt-os-1-1024x1024.png | pmtomrer.dk/wp-content/uploads/2020/03/ (Frame 48C9) | 1 MB | 1 MB | Image
General
Full URL
https://pmtomrer.dk/wp-content/uploads/2020/03/kontakt-os-1-1024x1024.png
Requested by
Host: dpays-offers.site
URL: https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:9:1111:0:1aa4:22e8:2 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0aca7b63af97c4d5b5e5743d7b4ef21dea5553d15653e9048cfdfdd30bc9afd2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dpays-offers.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:02 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 24 Mar 2020 19:36:09 GMT
server
LiteSpeed
etag
"11cc6f-5e7a6129-6ef288ae6aef5996;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1166447
expires
Fri, 22 Dec 2023 10:41:02 GMT
getStatus.php | gls-hu.apay-wiew.site/ | 4 B | 457 B | XHR
General
Full URL
https://gls-hu.apay-wiew.site/getStatus.php?page_id=595246213956
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
*/*
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhY00eqkmcNKzYa2j%2BJ8DaD483FYps8DAivEqqbPSFYqiMdSFI6e45KDQA2sNjN77Dkvo9qp%2B10F1LhlZfzs%2ByQ9XsiFPINqbModk0bQ8iUVFNBYX6gFvrNuguZ9qiZYoRsh8Eiw6zL6wwZBPGzGmc7mlSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e126588282bf1-FRA
alt-svc
h3=":443"; ma=86400
newMsg.php | gls-hu.apay-wiew.site/ | 5 B | 456 B | XHR
General
Full URL
https://gls-hu.apay-wiew.site/newMsg.php?page_id=595246213956&page=safedeal
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept
*/*
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZVAZdumh%2BQravXLjQtz9qN6AUYK4cDyJAct70gWiu2jJUZiqB7dlFYjosSpdCdcYQvbp1vjc6JfeEFBJ0BvaYszXVFokqb%2FcCaOb7Aj4KleGKNMVfc06MskmjJzAgMvBAFcLfpsRfNjSzfFFuJ5XCRQglc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e1265882b2bf1-FRA
alt-svc
h3=":443"; ma=86400
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 | fonts.gstatic.com/s/montserrat/v26/ (Frame 48C9) | 15 KB | 15 KB | Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dpays-offers.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:22:46 GMT
x-content-type-options
nosniff
age
299896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 23:22:46 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw9aXpsog.woff2 | fonts.gstatic.com/s/montserrat/v26/ (Frame 48C9) | 8 KB | 9 KB | Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw9aXpsog.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a86ec5d513def02afa9ea87e94e5961d9d88688ae807d4c3d5ff55639bfbb54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dpays-offers.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:15:13 GMT
x-content-type-options
nosniff
age
271549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8636
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:43:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 07:15:13 GMT
chat.php | dpays-offers.site/nwbt/bot-api/ (Frame 48C9) | 341 B | 510 B | XHR
General
Full URL
https://dpays-offers.site/nwbt/bot-api/chat.php?api=true&chat_id=595246213956&service=glshu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c8c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f023348e24d790f40c9fe9969262ff77273b7bc80cd923f51a0788ec8f59df5a

Request headers

Accept
*/*
Referer
https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqgviydhrIcoVwGfwOWCj8DspYmp8nPtxFJ58p2eO7It%2BAany4w6sIk5w1lmOD5CmMlm%2FZt81E6FKHIbqDqXUMpteP8JYYVyOkSEUlmMot1DEsrInxLsreSuKPOPmIVJvEQN3S4eAAB%2FTmzU4bwYlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e12695b2a96ef-SJC
alt-svc
h3=":443"; ma=86400
chat.php
dpays-offers.site/nwbt/bot-api/ Frame 48C9
341 B
701 B
XHR
General
Full URL
https://dpays-offers.site/nwbt/bot-api/chat.php?api=true&chat_id=595246213956&service=glshu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c8c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f023348e24d790f40c9fe9969262ff77273b7bc80cd923f51a0788ec8f59df5a

Request headers

Accept
*/*
Referer
https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CoM0H1AoPjocR5t7M5Gw9qj%2F%2BgH4O0y3xLw98NXOuC2gfSXZ%2FVjtzXdT12jiS4A3VBqvUGh0KIBsP5flwtkFLnxVOmiKpMwxwcsDwiDqxmjcyKjDtuTmiv6C%2Bnx0kslnOE9vw4viIzgyA7FW5oWiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e126b082f92a8-FRA
alt-svc
h3=":443"; ma=86400
getStatus.php
gls-hu.apay-wiew.site/
4 B
461 B
XHR
General
Full URL
https://gls-hu.apay-wiew.site/getStatus.php?page_id=595246213956
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
*/*
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILDg9vI4biQwalLwxAW1ZxiUDAlzq2odZth5Ffx1JRMwVrnNKfZJB%2BWC3s4S5goU2Yr2la7gWYnRk%2BjvlNHT0owkgmAtf%2BSdWm%2BZ60RhUhh75caWpRJgDO91a%2F3HMSyxygXsP%2BQwkFxzA8GU01GLSFAvwWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e126bc8632bf1-FRA
alt-svc
h3=":443"; ma=86400
newMsg.php
gls-hu.apay-wiew.site/
5 B
467 B
XHR
General
Full URL
https://gls-hu.apay-wiew.site/newMsg.php?page_id=595246213956&page=safedeal
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept
*/*
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oESjb3SI%2FRkMUF8UaDN%2FRZo8KM7PDJA1zXhlUwKiQvIBT8v%2FVSCt7ydSP7SbvlYBaHwJM1HMk9FPjwJD%2FrH%2BCi3jhnGK7f%2FoeX05%2F2krJBHc0KUXgeaJPNRTjzWVoMfg0MkQELi%2BOvqIVKYhov477xOaIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e126bc8662bf1-FRA
alt-svc
h3=":443"; ma=86400
chat.php
dpays-offers.site/nwbt/bot-api/ Frame 48C9
341 B
663 B
XHR
General
Full URL
https://dpays-offers.site/nwbt/bot-api/chat.php?api=true&chat_id=595246213956&service=glshu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c8c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f023348e24d790f40c9fe9969262ff77273b7bc80cd923f51a0788ec8f59df5a

Request headers

Accept
*/*
Referer
https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phhdxkmPCcaNVpMVKwKJ6xv1hP70VeuyAa8ZihAc1xIIqUJruRtyyYC3wa1rTwjaPvFP3y%2BS2ON5ysaVEHZXRz9RCGneYOH%2Bu2nF6dKTqJ9U1dMTO8Qbcp1lMKG5RRobWXDaMYlnBGArS1ESHUxT4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e12714e3192a8-FRA
alt-svc
h3=":443"; ma=86400
getStatus.php
gls-hu.apay-wiew.site/
4 B
458 B
XHR
General
Full URL
https://gls-hu.apay-wiew.site/getStatus.php?page_id=595246213956
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
*/*
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oyNgbBFHcwVYpoCp%2BitWRtpPZjU9xIvO2XSjiLk%2Ff4JNe1urVkTfP2hQBBKLfIkZJHZ5SRnLyo%2BWXZG6g8IW9mYWnLMUO5JPP9BlcY3XcGBfHFXsre0fFyRmuxnLEqXyR1Wj5iKbGR1t0Jx9bjLqcoXcmw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e127209492bf1-FRA
alt-svc
h3=":443"; ma=86400
newMsg.php
gls-hu.apay-wiew.site/
5 B
457 B
XHR
General
Full URL
https://gls-hu.apay-wiew.site/newMsg.php?page_id=595246213956&page=safedeal
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept
*/*
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joBUCFwmnXzG30kPft0zEgeR7kzr9xw20SknThfel0LFvPFz0GuI9Z6ET9HoUTtqx1beXJdGjDwuxn74MvRkehbW%2BNyDB%2F7hr9ZsZWKb1v5s9Stz6CYmLt4zMYsBK2yZogtOi1HLrrOc0VtmpQ0ke%2FCSOF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e1272094d2bf1-FRA
alt-svc
h3=":443"; ma=86400
chat.php
dpays-offers.site/nwbt/bot-api/ Frame 48C9
341 B
668 B
XHR
General
Full URL
https://dpays-offers.site/nwbt/bot-api/chat.php?api=true&chat_id=595246213956&service=glshu2.0&getMessages=true
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c8c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f023348e24d790f40c9fe9969262ff77273b7bc80cd923f51a0788ec8f59df5a

Request headers

Accept
*/*
Referer
https://dpays-offers.site/nwbt/bot-api/chat.php?chat_id=595246213956&service=glshu2.0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TePIG9ZAkkIEfIkfmyUFHE9kyhh%2F7oImqtmDPKXREqdbYQnFEH4KX6Luc%2Ban7dnjnuS3ARC3xZFH0UpNB0NADozn7txkILKJcJGth2jheHPDgMJelKS8XZHVhQaI%2BFlbJT7etoL1i61%2FDaeKxM%2Bvzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e12778d7f92a8-FRA
alt-svc
h3=":443"; ma=86400
getStatus.php
gls-hu.apay-wiew.site/
4 B
458 B
XHR
General
Full URL
https://gls-hu.apay-wiew.site/getStatus.php?page_id=595246213956
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
*/*
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkYikZqV4W6Fz8cLPdPhvfG6o9sa%2Fv%2BWjGjU3WHJJQ4lp387CHJavb6IQeMkB0xR0YQxugYYn4yvNq42AiZLccl%2FldglGg6lvLKyObW2kEbYgL5UahnxZykWU1pl%2Bp0ol1aMqVvTx28oOmhr4d4DBIjoFdk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e127849782bf1-FRA
alt-svc
h3=":443"; ma=86400
newMsg.php
gls-hu.apay-wiew.site/
5 B
461 B
XHR
General
Full URL
https://gls-hu.apay-wiew.site/newMsg.php?page_id=595246213956&page=safedeal
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:abc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept
*/*
Referer
https://gls-hu.apay-wiew.site/safedeal/595246213956
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:41:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proxy-cache
MISS
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks3fwY8m5sOzR0FOk8MLgUN9LLlO9o6TT%2FQcEskIrRL%2Bc3JLv900u6d2K5x8VxQv%2BQGOsto%2FOvpIZoifAdHLJKXrnpN29tZueAp4Iju%2FXbC0P6bRuERatbVFmiczbLB%2BLoEDJpDC0uj32JDXqJssVRw5ocA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
baloo-proxy
1.4
cf-ray
835e1278497b2bf1-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | documentPictureInPicture
function | $
function | jQuery
function | updateStatus
function | updateStatus2
function | openForm
function | closeForm
string | currentStatus

1 Cookies

Domain/Path Name / Value
gls-hu.apay-wiew.site/ Name: _1__bProxy_v
Value: e49601fd337f161609cd2639b9f51f81e66fbf5e14ce35791abeb961ecad3b1c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
dpays-offers.site
fonts.googleapis.com
fonts.gstatic.com
gls-hu.apay-wiew.site
pmtomrer.dk
sc.link
178.248.232.231
2606:4700:3035::ac43:c8c8
2606:4700:3036::ac43:abc1
2a00:1450:4001:803::2003
2a00:1450:4001:831::200a
2a02:4780:9:1111:0:1aa4:22e8:2
2a04:4e42::649
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0aca7b63af97c4d5b5e5743d7b4ef21dea5553d15653e9048cfdfdd30bc9afd2
1e4c2991fec8cb25edcd232a5feaf5d2f536d6aaf1a20e6ad17bea15f333ccd4
265f5b66519070be429a4df8c93e480ab439fe2d505e6c33ea9c8ca4f9d5ddab
2ae74c8908ff6ec0d83de80e91c16a8a8169e28967534d8d94259d559a95ecf3
2ffabf8be186b8ef8ce90a2f182ac3f3b48fa4e460318b6bef36770ed50b8b5a
32d2197a1fd1c0b5c47de3809988721b9336452f808663c5e003170026400adf
32e13d4810d73a5d04ba66886ef1cdd2c4fafdc1ab96aa40562bf6cabe176527
3a86ec5d513def02afa9ea87e94e5961d9d88688ae807d4c3d5ff55639bfbb54
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
770e9cc62978886f4d831d0f1cf3c3d5a4dbe85f61ee7da1c3bdcf0e1ded9d10
9b7650d2e1b163ebdce8e7c79762bb054c49693702a6582f5cdc365a027fa591
a2ee448bf98472c2421ceb1e094e80665be6d82a8a529039503abd05b7468d7e
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ae427a9b14139b41e89b8e50b3616f15408f23e8b31214e5458831af604e4eb0
cd6da89a7351d004bfe48c19d8903820332d9ae9a8837625652832baa1d0cff7
ce18ec3308f885d6203a466853356a4e459ec86f827aa9d0b76b1224cde0ec78
eeda67bd2327a192aa3de335daf55743804d8a4dc2695311bd3e57b38c4e0cb4
f023348e24d790f40c9fe9969262ff77273b7bc80cd923f51a0788ec8f59df5a
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa